Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows

Featured Deal: Get 98% off the 2018 CompTIA Certification Training Bundle: Lifetime Access Deal

MSIL/Bladabindi remnant closing Chrome

Started by mixolyd , Dec 17 2015 01:36 PM

This topic is locked

18 replies to this topic

#1 mixolyd

Members
10 posts
OFFLINE

Local time:06:35 PM

Posted 17 December 2015 - 01:36 PM

Hey guys, Thanks in advance for your help!

I am on Windows 10 x64, all updates, etc. About a week ago I stupidly downloaded a suspicious file. Windows Defender immediately quarantined it and said it has Backdoor:MSIL/Bladabindi -- I thought that was the end of it until a few days later I noticed that google.com didn't work. I found that in my proxy settings I had a script setup which redirects google to another IP. I blocked that IP in firewall and set proxy settings to default.

I scanned with ZHPcleaner, Malwarebytes, TDS killer, Eset online scan, adwcleaner, ZHP cleaner, Rogue killer, Comodo rescue disk, Spybot, and nothing was found.

The proxy change reappeared a day later, and I saw somebody on another forum told me they had same issue and found the following registry key: [HKEY_CURRENT_USER\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings]

"AutoConfigURL"="http://localhost.world/localhost.host" -- I had the same reg key and deleted it. Since then I haven't had any proxy setting changes.

My only current issue now is that sometimes I will see a blank Command Prompt window open and Chrome will be closed. This has been happening maybe once a day. It only happened once when I was in front of computer and I wasn't able to see the program being run.

I would really appreciate some help with getting rid of this virus remnant. Thank you

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-12-2015

Ran by Michael (administrator) on MOTHERSHIP (17-12-2015 12:34:28)

Running from D:\Michael\Downloads

Loaded Profiles: Michael (Available Profiles: Michael & nancy & Administrator)

Platform: Windows 10 Pro Version 1511 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe

(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

(Marvell) C:\Program Files (x86)\Marvell\mv91xx\util\mvpnplistener.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe

(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe

(Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe

() C:\Windows\SysWOW64\HsMgr.exe

() C:\Windows\System\HsMgr64.exe

(Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Spotify Ltd) C:\Users\Michael\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(BitTorrent, Inc.) C:\Users\Michael\AppData\Roaming\BitTorrent Sync\BTSync.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Flux Software LLC) C:\Users\Michael\AppData\Local\FluxSoftware\Flux\flux.exe

(Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe

(Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

(Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe

(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe

(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

() C:\Program Files (x86)\SpeedFan\speedfan.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe

(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6515.64021.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6515.64021.0_x64__8wekyb3d8bbwe\HxTsr.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.5.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\cmd.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)

HKLM\...\Run: [apmwinapp] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows 8 Free Edition\apmwinsrv.exe [66768 2014-11-10] ()

HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd

HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()

HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-25] (Adobe Systems Incorporated)

HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [68928 2015-08-27] (Space Sciences Laboratory)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-29] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2013-12-24] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2013-12-24] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)

HKLM-x32\...\Run: [AirPort Base Station Agent] => C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)

HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)

HKLM-x32\...\Run: [LifeCam] => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)

HKLM-x32\...\Run: [PulseSecure] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2826584 2015-07-06] (Pulse Secure, LLC)

HKLM-x32\...\Run: [XPE] => C:\Program Files (x86)\XPE Windows 10 DPI Fix\XPEWindows10_DPI.exe [28672 2015-08-21] (XPExplorer.com - 2015)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1856184 2015-09-30] (Adobe Systems Inc.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)

HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-10-08] (Power Software Ltd)

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1121\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [Spotify Web Helper] => C:\Users\Michael\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-03] (Spotify Ltd)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [1987D95A86FCFAF5B82FFA7E9B4B7814763EFF83._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [799560 2015-12-11] (Google Inc.)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [Google Update] => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-06] (Google Inc.)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [BitTorrent Sync] => C:\Users\Michael\AppData\Roaming\BitTorrent Sync\BTSync.exe [6884888 2015-12-08] (BitTorrent, Inc.)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [f.lux] => C:\Users\Michael\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [9016128 2015-08-27] (Space Sciences Laboratory)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [Todoist] => C:\Users\Michael\AppData\Local\Todoist\WindowsDesktopApp\Todoist.exe [171080 2015-09-29] (Doist Ltd.)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2015-10-30] (Microsoft Corporation)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [Spotify] => C:\Users\Michael\AppData\Roaming\Spotify\Spotify.exe [8270448 2015-12-03] (Spotify Ltd)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [6580872 2015-11-17] (Plex, Inc.)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)

HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\RunOnce: [Uninstall C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_3\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.5951.0827_3\amd64"

HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJHE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [!BTSync2.0.105Done] -> {581FFA04-FC33-0069-0002-95003A5CDE89} => C:\Program Files (x86)\BitTorrent Sync\SyncShellExtension_33554537.dll [2015-04-12] ()

ShellIconOverlayIdentifiers: [!BTSync2.0.105RO] -> {581FFA03-FC33-0069-0002-95003A5CDE89} => C:\Program Files (x86)\BitTorrent Sync\SyncShellExtension_33554537.dll [2015-04-12] ()

ShellIconOverlayIdentifiers: [!BTSync2.0.105RW] -> {581FFA02-FC33-0069-0002-95003A5CDE89} => C:\Program Files (x86)\BitTorrent Sync\SyncShellExtension_33554537.dll [2015-04-12] ()

ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2015-06-13]

ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-08-18]

ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)

Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-10-04]

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BootExecute: autocheck autochk * sdnclean64.exe

GroupPolicyScripts: Restriction <======= ATTENTION

GroupPolicyScripts\User: Restriction <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

Tcpip\..\Interfaces\{180892fa-a373-4654-acc7-5f2407b9951b}: [DhcpNameServer] 10.0.1.1

Tcpip\..\Interfaces\{43b137f6-0950-4b8c-84bb-4657e8457627}: [DhcpNameServer] 10.0.1.1

Tcpip\..\Interfaces\{54b5a040-16de-413f-988a-6742bc17e8f6}: [DhcpNameServer] 10.0.1.1

Tcpip\..\Interfaces\{6777532f-aaa9-4dc6-9a04-57223d6585e8}: [DhcpNameServer] 10.0.1.1

Tcpip\..\Interfaces\{88343a25-6a6d-4b34-b574-f310992125e7}: [DhcpNameServer] 10.0.1.1

Tcpip\..\Interfaces\{af7f0e6a-c62f-4d9e-a2d2-2ba864ade9a3}: [NameServer] 160.129.6.22,129.59.1.10

Tcpip\..\Interfaces\{cc1755c7-ffd5-4267-9f01-c2482f90c40d}: [DhcpNameServer] 10.0.1.1

Tcpip\..\Interfaces\{e19b2732-fb6b-485c-b4a6-a417e1a4d5d3}: [DhcpNameServer] 10.0.1.1

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

SearchScopes: HKU\S-1-5-21-2172870717-1373750500-4216110194-1001 -> 8DD2282DDC7C5C4A371A13CA0F65B180 URL = hxxp://internet-start.net/?q={searchTerms}

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-15] (Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-08] (Oracle Corporation)

BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-08-18] (LastPass)

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-15] (Microsoft Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-08] (Oracle Corporation)

BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)

BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-08] (Oracle Corporation)

BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-12-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-08-18] (LastPass)

BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-08] (Oracle Corporation)

BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)

Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-08-18] (LastPass)

Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-08-18] (LastPass)

Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)

DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-15] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-15] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-15] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-15] (Microsoft Corporation)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

Edge:

======

Edge HomeButtonPage: HKU\S-1-5-21-2172870717-1373750500-4216110194-1001 -> hxxp://www.yandex.ru/?win=203&clid=2100767-002

FireFox:

========

FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\37lpeheh.default

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()

FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-08] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-08] (Oracle Corporation)

FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-18] (LastPass)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-08] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-08] (Oracle Corporation)

FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-18] (LastPass)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-15] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

FF Plugin HKU\S-1-5-21-2172870717-1373750500-4216110194-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Michael\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-08-28] (Citrix Online)

FF Plugin HKU\S-1-5-21-2172870717-1373750500-4216110194-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin HKU\S-1-5-21-2172870717-1373750500-4216110194-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)

FF Plugin HKU\S-1-5-21-2172870717-1373750500-4216110194-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-16] ()

FF SearchPlugin: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\37lpeheh.default\searchplugins\yandex.ru-183702.xml [2015-11-18]

FF Extension: LastPass - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\37lpeheh.default\extensions\support@lastpass.com [2015-10-27]

FF HKLM-x32\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension

FF Extension: Free Download Manager extension - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2015-10-26]

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-12-09] [not signed]

FF HKU\S-1-5-21-2172870717-1373750500-4216110194-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension

Chrome:

=======

CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp

CHR DefaultSearchKeyword: Default -> google.com_

CHR Session Restore: Default -> is enabled.

CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x64\widevinecdmadapter.dll (Google Inc.)

CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x64\widevinecdmadapter.dll => No File

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()

CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-25]

CHR Extension: (Magic Actions for YouTube™) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-09]

CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-06-25]

CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-25]

CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-20]

CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]

CHR Extension: (Ratings Preview for YouTube™) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2015-06-25]

CHR Extension: (Pushbullet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2015-12-14]

CHR Extension: (uBlock Origin) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-12-14]

CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-12-17]

CHR Extension: (Google Search) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]

CHR Extension: (Mailto: for Gmail™) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2015-12-09]

CHR Extension: (Gmelius for Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl [2015-12-14]

CHR Extension: (Google Cast (Beta)) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dliochdbjfkdbacpmhlcpmleaejidimm [2015-12-08]

CHR Extension: (Dropbox for Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-06]

CHR Extension: (Zotero Connector) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2015-06-25]

CHR Extension: (Google Play Music) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-12-08]

CHR Extension: (Google Sheets) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-25]

CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2015-12-02]

CHR Extension: (iCloud Bookmarks) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-09-13]

CHR Extension: (Reddit votes) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\geedigenhgnhbebebbjlidlalocdggjl [2015-06-25]

CHR Extension: (Google Docs Offline) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]

CHR Extension: (LastPass: Free Password Manager) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-10-26]

CHR Extension: (Checker Plus for Google Calendar™) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkhggnncdpfibdhinjiegagmopldibha [2015-12-09]

CHR Extension: (Google Keep - notes and lists) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2015-12-14]

CHR Extension: (Dropbox) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-06-29]

CHR Extension: (Google Tasks Offline (Unofficial)) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\jekhpicinnaamcmadbipjejafgkjdokh [2015-06-25]

CHR Extension: (Reddit Enhancement Suite) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-06-25]

CHR Extension: (StumbleUpon) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2015-06-25]

CHR Extension: (Simplenote) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjoocpipbbafoimjgbkmfnjcjejdbjo [2015-06-25]

CHR Extension: (Auto HD For YouTube™) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-06-25]

CHR Extension: (Evernote Web) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2015-06-25]

CHR Extension: (Graph Your Inbox) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghnjmocfihonjdijomigppjlpdgdeji [2015-06-25]

CHR Extension: (Boomerang for Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2015-12-14]

CHR Extension: (Flashcontrol) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2015-12-17]

CHR Extension: (Google Dictionary (by Google)) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2015-06-25]

CHR Extension: (Pocket) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-09-01]

CHR Extension: (Google Hangouts) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-12-09]

CHR Extension: (Save to Pocket) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-10-16]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]

CHR Extension: (Cite This For Me: Web Citer) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnnmhgkokpalnmbeighfomegjfkklkle [2015-06-25]

CHR Extension: (APK Downloader) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhlfmheblhjhkmacldlhdnbgbaiigba [2015-06-25]

CHR Extension: (Checker Plus for Gmail™) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2015-11-28]

CHR Extension: (Page Notes) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\omjdheidbhoghpfdnndkgoelfiogjfla [2015-09-06]

CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2015-12-14]

CHR Extension: (Evernote Web Clipper) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-09-23]

CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-25]

CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [bejnpnkhfgfkcpgikiinojlmdcjimobi] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [bhjcgomkanpkpblokebecknhahgkcmoo] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [cpegcopcfajiiibidlaelhjjblpefbjk] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [fdjdjkkjoiomafnihnobkinnfjnnlhdg] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-11-29] (Advanced Micro Devices) [File not signed]

R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)

R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-11-21] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-11-21] (Dropbox, Inc.)

R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)

S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1121\G2AC_Service.exe [310080 2015-08-28] (Citrix Online, a division of Citrix Systems, Inc.)

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)

R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]

S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]

R2 jhi_service; C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)

R2 JuniperAccessService; C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe [162136 2015-07-06] (Pulse Secure, LLC)

R2 LMS; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [415520 2015-07-06] (Intel Corporation)

R2 Marvell PNP Listener; C:\Program Files (x86)\Marvell\mv91xx\util\mvpnplistener.exe [96584 2014-12-01] (Marvell)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

S3 PAExec; C:\WINDOWS\PAExec.exe [207872 2015-08-12] (Power Admin LLC) [File not signed]

R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd) [File not signed]

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)

S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

S3 rpcapd; "C:\Program Files (x86)\WinPcap\rpcapd.exe" -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini"

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [297672 2015-09-30] (Advanced Micro Devices)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)

R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [35024 2014-11-10] (Paragon Software Group)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-17] (Advanced Micro Devices)

R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8510640 2014-02-06] (Broadcom Corporation)

S3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8510640 2014-02-06] (Broadcom Corporation)

S3 CLVirtualBus02; C:\Windows\System32\drivers\CLVirtualBus02.sys [103176 2015-03-18] (CyberLink)

R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc)

R3 CORK70; C:\Windows\system32\drivers\CORK70.sys [25600 2012-10-31] ( )

S3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-07-06] (Corsair)

S3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-07-06] (Corsair)

R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [61136 2014-11-10] (Paragon Software Group)

S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [205008 2014-11-10] (Paragon Software Group)

R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15568 2014-11-10] (Paragon Software Group)

R1 jnprns; C:\Windows\system32\DRIVERS\jnprns.sys [507192 2015-07-05] (Juniper Networks)

S4 jnprTdi_814_60057; C:\WINDOWS\system32\Drivers\jnprTdi_814_60057.sys [108344 2015-07-06] (Pulse Secure, LLC)

S3 jnprva; C:\Windows\System32\drivers\jnprva.sys [30072 2015-07-05] (Juniper Networks, Inc.)

R3 JnprVaMgr; C:\Windows\System32\drivers\jnprvamgr.sys [45352 2015-07-05] (Juniper Networks, Inc.)

R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-30] (Microsoft Corporation)

R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-17] (Malwarebytes)

R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation)

R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [42704 2014-11-10] (Paragon Software Group)

R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-18] (Riverbed Technology, Inc.)

S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [242688 2013-04-24] (QUALCOMM Incorporated) [File not signed]

R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13536 2015-05-27] ()

R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-23] (Synaptics Incorporated)

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2015-08-07] (Nicomsoft Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-15 12:56 - 2015-12-15 12:56 - 00000218 _____ C:\Users\Michael\AppData\Local\recently-used.xbel

2015-12-15 12:56 - 2015-12-15 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO

2015-12-15 12:34 - 2015-12-15 12:34 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool

2015-12-15 12:34 - 2015-12-15 12:34 - 00000000 ____D C:\Users\Michael\AppData\Local\Apps\Windows 7 USB DVD Download Tool

2015-12-15 09:00 - 2015-12-15 09:38 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0

2015-12-14 19:21 - 2015-12-14 19:21 - 00000000 ____D C:\Program Files\Common Files\AV

2015-12-14 19:21 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe

2015-12-14 19:17 - 2015-12-14 19:24 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2015-12-14 19:17 - 2015-12-14 19:22 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2

2015-12-14 19:17 - 2015-12-14 19:17 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2015-12-14 19:17 - 2015-12-14 19:17 - 00001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk

2015-12-14 19:17 - 2015-12-14 19:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking

2015-12-14 19:17 - 2015-12-14 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2015-12-14 19:17 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe

2015-12-14 19:05 - 2015-12-17 09:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-12-14 19:05 - 2015-12-14 19:05 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-12-14 19:05 - 2015-12-14 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-12-14 19:05 - 2015-12-14 19:05 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-12-14 19:05 - 2015-12-14 19:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-12-14 19:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-12-14 19:05 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-12-14 19:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2015-12-14 18:50 - 2015-12-14 18:50 - 00002125 _____ C:\Users\Michael\Desktop\ZHPCleaner.txt

2015-12-14 18:49 - 2015-12-14 18:49 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe

2015-12-14 18:46 - 2015-12-14 18:46 - 00000917 _____ C:\Users\Michael\Desktop\ZHPCleaner.lnk

2015-12-14 17:57 - 2015-12-14 17:57 - 00000000 ____D C:\Users\nancy\AppData\Local\Apple Computer

2015-12-14 12:03 - 2015-12-14 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote

2015-12-13 18:05 - 2015-12-14 18:49 - 00000000 ____D C:\ProgramData\HitmanPro

2015-12-13 12:30 - 2015-12-17 12:34 - 00000000 ____D C:\FRST

2015-12-13 12:30 - 2015-12-17 12:32 - 00109816 _____ C:\Users\Michael\Desktop\FRST.txt

2015-12-13 12:18 - 2015-12-14 18:42 - 00000000 ____D C:\AdwCleaner

2015-12-13 12:00 - 2015-12-13 12:00 - 01938944 _____ C:\Users\Michael\ZHPCleaner.exe

2015-12-11 22:20 - 2015-12-11 22:20 - 00000000 ____D C:\Users\nancy\AppData\Local\Adobe

2015-12-11 22:15 - 2015-12-11 22:15 - 00001247 _____ C:\Users\nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk

2015-12-11 22:10 - 2015-12-11 22:10 - 00000000 ____D C:\Users\nancy\AppData\Local\AMD

2015-12-11 22:09 - 2015-12-11 22:09 - 00000020 ___SH C:\Users\nancy\ntuser.ini

2015-12-11 22:09 - 2015-12-11 22:09 - 00000000 ____D C:\Users\nancy\AppData\Local\Publishers

2015-12-11 19:49 - 2015-12-11 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-12-10 10:04 - 2015-12-10 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2015-12-09 22:03 - 2015-12-09 22:04 - 00108682 _____ C:\TDSSKiller.3.1.0.7_09.12.2015_22.03.22_log.txt

2015-12-09 21:54 - 2015-12-09 22:36 - 00000000 ____D C:\ProgramData\RogueKiller

2015-12-09 21:54 - 2015-12-09 21:54 - 00036608 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys

2015-12-09 21:54 - 2015-12-09 21:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller

2015-12-09 21:54 - 2015-12-09 21:54 - 00000000 ____D C:\Program Files\RogueKiller

2015-12-09 21:43 - 2015-12-14 18:50 - 00000000 ____D C:\Users\Michael\AppData\Roaming\ZHP

2015-12-09 21:43 - 2015-12-09 21:43 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\orye.sys

2015-12-09 21:42 - 2015-12-09 21:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2015-12-09 11:55 - 2015-12-11 03:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2015-12-09 11:35 - 2015-12-09 11:48 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk

2015-12-09 11:35 - 2015-12-09 11:46 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk

2015-12-09 11:30 - 2015-12-16 18:00 - 00000548 _____ C:\WINDOWS\Tasks\Adobe Acrobat Pro DC Update.job

2015-12-09 11:30 - 2015-12-09 11:30 - 00003448 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Pro DC Update

2015-12-09 11:30 - 2015-12-09 11:30 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Adobe Acrobat Pro DC

2015-12-08 22:00 - 2015-12-01 01:12 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2015-12-08 22:00 - 2015-11-24 06:07 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-12-08 22:00 - 2015-11-24 05:07 - 03671896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-12-08 22:00 - 2015-11-24 05:06 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-12-08 22:00 - 2015-11-24 04:26 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2015-12-08 22:00 - 2015-11-24 04:03 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-12-08 22:00 - 2015-11-24 04:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2015-12-08 22:00 - 2015-11-24 03:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll

2015-12-08 22:00 - 2015-11-24 03:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2015-12-08 22:00 - 2015-11-24 03:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll

2015-12-08 22:00 - 2015-11-24 03:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys

2015-12-08 22:00 - 2015-11-24 03:26 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2015-12-08 22:00 - 2015-11-24 03:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll

2015-12-08 22:00 - 2015-11-24 03:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll

2015-12-08 22:00 - 2015-11-24 02:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-12-08 22:00 - 2015-11-24 02:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2015-12-08 22:00 - 2015-11-24 02:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2015-12-08 22:00 - 2015-11-24 02:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2015-12-08 22:00 - 2015-11-24 02:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll

2015-12-08 22:00 - 2015-11-24 02:27 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2015-12-08 22:00 - 2015-11-24 02:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll

2015-12-08 22:00 - 2015-11-24 02:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-12-08 22:00 - 2015-11-24 01:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2015-12-08 22:00 - 2015-11-24 01:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll

2015-12-08 22:00 - 2015-11-24 01:35 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2015-12-08 22:00 - 2015-11-24 01:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2015-12-08 22:00 - 2015-11-24 01:25 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-12-08 22:00 - 2015-11-24 01:23 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-12-08 22:00 - 2015-11-24 01:11 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2015-12-08 22:00 - 2015-11-24 01:09 - 19338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-12-08 22:00 - 2015-11-24 01:08 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-12-08 22:00 - 2015-11-24 01:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2015-12-08 21:03 - 2015-12-08 21:03 - 00000000 ____D C:\Program Files (x86)\Acrobat

2015-12-08 17:10 - 2015-12-08 17:10 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

2015-12-08 13:44 - 2015-12-08 13:44 - 00000000 ____D C:\Program Files (x86)\AMD

2015-12-08 13:43 - 2015-11-29 14:20 - 00223744 _____ C:\WINDOWS\system32\dgtrayicon.exe

2015-12-08 13:43 - 2015-09-29 20:11 - 00674816 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe

2015-12-08 13:43 - 2015-09-29 20:10 - 00246784 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe

2015-12-08 13:43 - 2015-09-29 19:47 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll

2015-12-08 13:43 - 2014-09-03 06:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll

2015-12-08 13:43 - 2014-09-03 06:55 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll

2015-12-08 13:43 - 2013-04-10 09:34 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe

2015-12-08 13:43 - 2013-04-10 09:34 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe

2015-12-02 17:44 - 2015-11-22 04:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-12-02 17:44 - 2015-11-22 04:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2015-12-02 17:44 - 2015-11-22 04:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2015-12-02 17:44 - 2015-11-22 04:41 - 01284960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2015-12-02 17:44 - 2015-11-22 04:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2015-12-02 17:44 - 2015-11-22 04:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll

2015-12-02 17:44 - 2015-11-22 04:34 - 00975200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2015-12-02 17:44 - 2015-11-22 04:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll

2015-12-02 17:44 - 2015-11-22 04:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys

2015-12-02 17:44 - 2015-11-22 04:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll

2015-12-02 17:44 - 2015-11-22 04:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll

2015-12-02 17:44 - 2015-11-22 04:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2015-12-02 17:44 - 2015-11-22 04:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2015-12-02 17:44 - 2015-11-22 04:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll

2015-12-02 17:44 - 2015-11-22 04:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll

2015-12-02 17:44 - 2015-11-22 04:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2015-12-02 17:44 - 2015-11-22 04:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2015-12-02 17:44 - 2015-11-22 04:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe

2015-12-02 17:44 - 2015-11-22 04:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2015-12-02 17:44 - 2015-11-22 04:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll

2015-12-02 17:44 - 2015-11-22 04:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll

2015-12-02 17:44 - 2015-11-22 03:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll

2015-12-02 17:44 - 2015-11-22 03:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll

2015-12-02 17:44 - 2015-11-22 03:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll

2015-12-02 17:44 - 2015-11-22 03:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll

2015-12-02 17:44 - 2015-11-22 03:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll

2015-12-02 17:44 - 2015-11-22 03:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll

2015-12-02 17:44 - 2015-11-22 03:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll

2015-12-02 17:44 - 2015-11-22 03:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll

2015-12-02 17:44 - 2015-11-22 03:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll

2015-12-02 17:44 - 2015-11-22 03:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll

2015-12-02 17:44 - 2015-11-22 03:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll

2015-12-02 17:44 - 2015-11-22 03:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys

2015-12-02 17:44 - 2015-11-22 03:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll

2015-12-02 17:44 - 2015-11-22 03:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll

2015-12-02 17:44 - 2015-11-22 03:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll

2015-12-02 17:44 - 2015-11-22 03:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2015-12-02 17:44 - 2015-11-22 03:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll

2015-12-02 17:44 - 2015-11-22 03:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll

2015-12-02 17:44 - 2015-11-22 03:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll

2015-12-02 17:44 - 2015-11-22 03:52 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2015-12-02 17:44 - 2015-11-22 03:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll

2015-12-02 17:44 - 2015-11-22 03:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll

2015-12-02 17:44 - 2015-11-22 03:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2015-12-02 17:44 - 2015-11-22 03:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll

2015-12-02 17:44 - 2015-11-22 03:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe

2015-12-02 17:44 - 2015-11-22 03:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll

2015-12-02 17:44 - 2015-11-22 03:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll

2015-12-02 17:44 - 2015-11-22 03:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll

2015-12-02 17:44 - 2015-11-22 03:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2015-12-02 17:44 - 2015-11-22 03:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll

2015-12-02 17:44 - 2015-11-22 03:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2015-12-02 17:44 - 2015-11-22 03:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll

2015-12-02 17:44 - 2015-11-22 03:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2015-12-02 17:44 - 2015-11-22 03:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll

2015-12-02 17:44 - 2015-11-22 03:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll

2015-12-02 17:44 - 2015-11-22 03:47 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll

2015-12-02 17:44 - 2015-11-22 03:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll

2015-12-02 17:44 - 2015-11-22 03:46 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll

2015-12-02 17:44 - 2015-11-22 03:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll

2015-12-02 17:44 - 2015-11-22 03:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2015-12-02 17:44 - 2015-11-22 03:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll

2015-12-02 17:44 - 2015-11-22 03:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-12-02 17:44 - 2015-11-22 03:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll

2015-12-02 17:44 - 2015-11-22 03:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll

2015-12-02 17:44 - 2015-11-22 03:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll

2015-12-02 17:44 - 2015-11-22 03:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll

2015-12-02 17:44 - 2015-11-22 03:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll

2015-12-02 17:44 - 2015-11-22 03:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll

2015-12-02 17:44 - 2015-11-22 03:44 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll

2015-12-02 17:44 - 2015-11-22 03:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll

2015-12-02 17:44 - 2015-11-22 03:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll

2015-12-02 17:44 - 2015-11-22 03:43 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll

2015-12-02 17:44 - 2015-11-22 03:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2015-12-02 17:44 - 2015-11-22 03:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll

2015-12-02 17:44 - 2015-11-22 03:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll

2015-12-02 17:44 - 2015-11-22 03:42 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2015-12-02 17:44 - 2015-11-22 03:42 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2015-12-02 17:44 - 2015-11-22 03:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll

2015-12-02 17:44 - 2015-11-22 03:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll

2015-12-02 17:44 - 2015-11-22 03:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll

2015-12-02 17:44 - 2015-11-22 03:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll

2015-12-02 17:44 - 2015-11-22 03:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll

2015-12-02 17:44 - 2015-11-22 03:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll

2015-12-02 17:44 - 2015-11-22 03:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll

2015-12-02 17:44 - 2015-11-22 03:41 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2015-12-02 17:44 - 2015-11-22 03:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll

2015-12-02 17:44 - 2015-11-22 03:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll

2015-12-02 17:44 - 2015-11-22 03:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll

2015-12-02 17:44 - 2015-11-22 03:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll

2015-12-02 17:44 - 2015-11-22 03:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2015-12-02 17:44 - 2015-11-22 03:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll

2015-12-02 17:44 - 2015-11-22 03:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2015-12-02 17:44 - 2015-11-22 03:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2015-12-02 17:44 - 2015-11-22 03:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2015-12-02 17:44 - 2015-11-22 03:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2015-12-02 17:44 - 2015-11-22 03:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll

2015-12-02 17:44 - 2015-11-22 03:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll

2015-12-02 17:44 - 2015-11-22 03:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2015-12-02 17:44 - 2015-11-22 03:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2015-12-02 17:44 - 2015-11-22 03:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2015-12-02 17:44 - 2015-11-22 03:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll

2015-12-02 17:44 - 2015-11-22 03:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll

2015-12-02 17:44 - 2015-11-22 03:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll

2015-12-02 17:44 - 2015-11-22 03:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2015-12-02 17:44 - 2015-11-22 03:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll

2015-12-02 17:44 - 2015-11-22 03:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll

2015-12-02 17:44 - 2015-11-22 03:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll

2015-12-02 17:44 - 2015-11-22 03:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-12-02 17:44 - 2015-11-22 03:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll

2015-12-02 17:44 - 2015-11-22 03:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll

2015-12-02 17:44 - 2015-11-22 03:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll

2015-12-02 17:44 - 2015-11-22 03:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2015-12-02 17:44 - 2015-11-22 03:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll

2015-12-02 17:44 - 2015-11-22 03:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll

2015-12-02 17:44 - 2015-11-22 03:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll

2015-12-02 17:44 - 2015-11-22 03:30 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2015-12-02 17:44 - 2015-11-22 03:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll

2015-12-02 17:44 - 2015-11-22 03:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-12-02 17:44 - 2015-11-22 03:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll

2015-12-02 17:44 - 2015-11-22 03:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2015-12-02 17:44 - 2015-11-22 03:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2015-12-02 17:44 - 2015-11-22 03:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2015-12-02 17:44 - 2015-11-22 03:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2015-12-02 17:44 - 2015-11-22 03:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll

2015-12-02 17:44 - 2015-11-22 03:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-12-02 17:44 - 2015-11-22 03:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll

2015-12-02 17:44 - 2015-11-22 03:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2015-12-02 17:44 - 2015-11-22 03:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2015-12-02 17:44 - 2015-11-22 03:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2015-12-02 17:44 - 2015-11-22 03:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll

2015-12-02 17:44 - 2015-11-22 03:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll

2015-12-02 17:44 - 2015-11-22 03:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll

2015-12-02 17:44 - 2015-11-22 03:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2015-12-02 17:44 - 2015-11-22 03:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2015-12-02 17:44 - 2015-11-22 03:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll

2015-12-02 17:44 - 2015-11-22 03:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll

2015-12-02 17:44 - 2015-11-22 03:25 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2015-12-02 17:44 - 2015-11-22 03:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2015-12-02 17:44 - 2015-11-22 03:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2015-12-02 17:44 - 2015-11-22 03:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-12-02 17:44 - 2015-11-22 03:24 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2015-12-02 17:44 - 2015-11-22 03:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll

2015-12-02 17:44 - 2015-11-22 03:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll

2015-12-02 17:44 - 2015-11-22 03:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll

2015-12-02 17:44 - 2015-11-22 03:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll

2015-12-02 17:44 - 2015-11-22 03:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll

2015-12-02 17:44 - 2015-11-22 03:19 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-12-02 17:44 - 2015-11-22 03:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-12-02 17:44 - 2015-11-22 03:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll

2015-12-02 17:44 - 2015-11-22 03:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll

2015-12-02 17:44 - 2015-11-22 03:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2015-12-02 17:44 - 2015-11-22 03:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-12-02 17:44 - 2015-11-22 03:16 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2015-12-02 17:44 - 2015-11-22 03:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2015-11-29 15:35 - 2015-11-29 15:35 - 02420736 _____ C:\WINDOWS\system32\amdacpusl.pdb

2015-11-29 15:33 - 2015-11-29 15:33 - 00364544 _____ (Advanced Micro Devices) C:\WINDOWS\system32\amdacpusl.dll

2015-11-29 15:33 - 2015-11-29 15:33 - 00306176 _____ C:\WINDOWS\system32\amdacpusl.pdb.pub

2015-11-29 15:33 - 2015-11-29 15:33 - 00248832 _____ (Advanced Micro Devices) C:\WINDOWS\SysWOW64\amdacpusl.dll

2015-11-25 13:44 - 2015-11-21 00:21 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2015-11-25 13:44 - 2015-11-21 00:02 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2015-11-25 13:44 - 2015-11-20 23:44 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll

2015-11-25 13:44 - 2015-11-20 23:29 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll

2015-11-25 13:44 - 2015-11-20 23:07 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll

2015-11-24 21:42 - 2015-11-24 21:42 - 00001024 _____ C:\.rnd

2015-11-24 21:42 - 2015-11-24 21:42 - 00000000 ____D C:\ProgramData\Paessler

2015-11-24 21:42 - 2015-11-24 21:42 - 00000000 ____D C:\Program Files\WinPcap

2015-11-24 21:41 - 2015-11-26 11:01 - 00000000 ____D C:\Program Files (x86)\PRTG Network Monitor

2015-11-24 14:51 - 2015-11-24 14:51 - 00000000 ____D C:\ProgramData\ATI

2015-11-24 14:23 - 2015-11-24 14:23 - 00001247 _____ C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk

2015-11-24 14:17 - 2015-12-08 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings

2015-11-24 14:17 - 2015-11-24 14:17 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater

2015-11-24 01:33 - 2015-11-29 14:32 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_15.30.dll

2015-11-23 22:43 - 2015-11-23 22:43 - 00323588 _____ C:\WINDOWS\system32\ativvaxy_el.dat

2015-11-23 22:43 - 2015-11-23 22:43 - 00320992 _____ C:\WINDOWS\system32\ativvaxy_el_nd.dat

2015-11-23 22:43 - 2015-11-23 22:43 - 00261920 _____ C:\WINDOWS\system32\ativvaxy_stn_nd.dat

2015-11-23 22:41 - 2015-11-23 22:41 - 00166560 _____ C:\WINDOWS\system32\amde34a.dat

2015-11-23 22:41 - 2015-11-23 22:41 - 00007112 _____ C:\WINDOWS\system32\AMDKernelEvents.man

2015-11-23 18:09 - 2015-11-23 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server

2015-11-21 10:08 - 2015-11-21 10:08 - 00129033 _____ C:\Users\Michael\Desktop\SessionI-SubjectMatter-102515.pdf

2015-11-18 21:17 - 2015-09-30 00:22 - 10114240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll

2015-11-18 21:17 - 2015-09-30 00:22 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll

2015-11-18 18:37 - 2015-11-18 18:38 - 00000000 ____D C:\Users\Michael\AppData\Local\Yandex

2015-11-18 18:37 - 2015-11-18 18:37 - 00000000 ____D C:\Users\Michael\AppData\LocalLow\Yandex

2015-11-18 18:36 - 2015-11-18 18:39 - 00000000 ____D C:\Users\Michael\AppData\Roaming\DriverPack Easy Search

2015-11-18 18:36 - 2015-11-18 18:39 - 00000000 ____D C:\Program Files (x86)\DriverPack Notifier

2015-11-18 18:36 - 2015-11-18 18:38 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Yandex

2015-11-18 18:36 - 2015-11-18 18:38 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Opera Software

2015-11-18 18:36 - 2015-11-18 18:38 - 00000000 ____D C:\Users\Michael\AppData\Local\Opera Software

2015-11-18 18:36 - 2015-11-18 18:38 - 00000000 ____D C:\Program Files (x86)\Opera

2015-11-18 18:36 - 2015-11-18 18:36 - 00000000 ____D C:\Users\Michael\AppData\Roaming\DriverPack Notifier

2015-11-18 18:36 - 2015-11-18 18:36 - 00000000 ____D C:\Users\Michael\AppData\Local\Xpom

2015-11-18 18:36 - 2015-11-18 18:36 - 00000000 ____D C:\Users\Michael\AppData\Local\Nichrome

2015-11-18 18:36 - 2015-11-18 18:36 - 00000000 ____D C:\Users\Michael\AppData\Local\Chromium

2015-11-18 18:35 - 2015-05-29 17:05 - 00646408 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys

2015-11-18 18:35 - 2015-05-06 00:56 - 00334984 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvs91xx.sys

2015-11-18 18:35 - 2015-05-06 00:56 - 00015496 _____ (Marvell Semiconductor Inc.) C:\WINDOWS\system32\Drivers\mvxxmm.sys

2015-11-18 18:35 - 2015-04-14 04:49 - 00036352 _____ (<Marvell>) C:\WINDOWS\system32\mv91xxm.dll

2015-11-18 18:34 - 2015-11-18 18:36 - 00000000 ____D C:\Users\Michael\AppData\Roaming\DRPSu

2015-11-18 16:56 - 2015-11-13 00:43 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2015-11-18 16:56 - 2015-11-13 00:43 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2015-11-18 16:56 - 2015-11-13 00:41 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2015-11-18 16:56 - 2015-11-13 00:33 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2015-11-18 16:56 - 2015-11-13 00:21 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2015-11-18 16:56 - 2015-11-13 00:21 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

2015-11-18 16:56 - 2015-11-13 00:18 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2015-11-18 16:56 - 2015-11-12 23:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2015-11-18 16:56 - 2015-11-12 23:39 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2015-11-18 16:56 - 2015-11-12 23:29 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2015-11-18 16:56 - 2015-11-12 23:19 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2015-11-18 16:55 - 2015-11-13 00:55 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys

2015-11-18 16:55 - 2015-11-13 00:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

2015-11-18 16:55 - 2015-11-13 00:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

2015-11-18 16:55 - 2015-11-13 00:51 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2015-11-18 16:55 - 2015-11-13 00:43 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2015-11-18 16:55 - 2015-11-13 00:43 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2015-11-18 16:55 - 2015-11-13 00:43 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2015-11-18 16:55 - 2015-11-13 00:43 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll

2015-11-18 16:55 - 2015-11-13 00:43 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe

2015-11-18 16:55 - 2015-11-13 00:42 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2015-11-18 16:55 - 2015-11-13 00:42 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2015-11-18 16:55 - 2015-11-13 00:42 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll

2015-11-18 16:55 - 2015-11-13 00:33 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll

2015-11-18 16:55 - 2015-11-13 00:33 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-11-18 16:55 - 2015-11-13 00:32 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2015-11-18 16:55 - 2015-11-13 00:21 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2015-11-18 16:55 - 2015-11-13 00:21 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2015-11-18 16:55 - 2015-11-13 00:21 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll

2015-11-18 16:55 - 2015-11-13 00:21 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2015-11-18 16:55 - 2015-11-13 00:21 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll

2015-11-18 16:55 - 2015-11-13 00:21 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe

2015-11-18 16:55 - 2015-11-13 00:09 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2015-11-18 16:55 - 2015-11-13 00:07 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll

2015-11-18 16:55 - 2015-11-13 00:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll

2015-11-18 16:55 - 2015-11-13 00:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll

2015-11-18 16:55 - 2015-11-13 00:05 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll

2015-11-18 16:55 - 2015-11-13 00:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll

2015-11-18 16:55 - 2015-11-13 00:05 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll

2015-11-18 16:55 - 2015-11-13 00:04 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll

2015-11-18 16:55 - 2015-11-13 00:04 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe

2015-11-18 16:55 - 2015-11-13 00:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe

2015-11-18 16:55 - 2015-11-13 00:03 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll

2015-11-18 16:55 - 2015-11-13 00:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll

2015-11-18 16:55 - 2015-11-13 00:02 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll

2015-11-18 16:55 - 2015-11-13 00:02 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2015-11-18 16:55 - 2015-11-13 00:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll

2015-11-18 16:55 - 2015-11-13 00:00 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll

2015-11-18 16:55 - 2015-11-13 00:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe

2015-11-18 16:55 - 2015-11-12 23:59 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll

2015-11-18 16:55 - 2015-11-12 23:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll

2015-11-18 16:55 - 2015-11-12 23:57 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll

2015-11-18 16:55 - 2015-11-12 23:57 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2015-11-18 16:55 - 2015-11-12 23:56 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

2015-11-18 16:55 - 2015-11-12 23:56 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll

2015-11-18 16:55 - 2015-11-12 23:56 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll

2015-11-18 16:55 - 2015-11-12 23:55 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2015-11-18 16:55 - 2015-11-12 23:55 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll

2015-11-18 16:55 - 2015-11-12 23:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2015-11-18 16:55 - 2015-11-12 23:53 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2015-11-18 16:55 - 2015-11-12 23:53 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll

2015-11-18 16:55 - 2015-11-12 23:50 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2015-11-18 16:55 - 2015-11-12 23:49 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2015-11-18 16:55 - 2015-11-12 23:40 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe

2015-11-18 16:55 - 2015-11-12 23:40 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll

2015-11-18 16:55 - 2015-11-12 23:37 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2015-11-18 16:55 - 2015-11-12 23:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll

2015-11-18 16:55 - 2015-11-12 23:33 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2015-11-18 16:55 - 2015-11-12 23:32 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2015-11-18 16:55 - 2015-11-12 23:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe

2015-11-18 16:55 - 2015-11-12 23:30 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2015-11-18 16:55 - 2015-11-12 23:28 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll

2015-11-18 16:55 - 2015-11-12 23:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2015-11-18 16:55 - 2015-11-12 23:23 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-17 12:31 - 2015-10-30 00:28 - 00000000 ____D C:\Windows

2015-12-17 12:26 - 2015-02-25 16:43 - 00000000 ____D C:\Users\Michael\AppData\Roaming\BitTorrent Sync

2015-12-17 12:16 - 2015-09-14 22:14 - 00000932 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job

2015-12-17 12:12 - 2015-08-28 15:42 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-12-17 11:56 - 2015-02-24 11:44 - 00000000 ____D C:\ProgramData\BOINC

2015-12-17 11:45 - 2015-08-06 20:25 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2172870717-1373750500-4216110194-1001UA.job

2015-12-17 11:40 - 2015-06-25 11:15 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-12-17 10:16 - 2015-09-14 22:14 - 00000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

2015-12-17 09:50 - 2015-02-24 11:38 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{43EB6EA7-BF27-4F04-88FB-A68B608738CB}

2015-12-17 05:26 - 2015-06-22 14:47 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-12-17 05:25 - 2015-10-30 01:21 - 00000000 ____D C:\WINDOWS\INF

2015-12-17 03:45 - 2015-08-06 20:25 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2172870717-1373750500-4216110194-1001Core.job

2015-12-17 02:40 - 2015-06-25 11:15 - 00000924 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-12-16 22:25 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-12-16 18:41 - 2015-10-30 01:24 - 00000000 ___HD C:\Program Files\WindowsApps

2015-12-15 19:55 - 2015-10-30 01:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2015-12-15 19:54 - 2015-02-24 18:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2015-12-15 18:39 - 2015-06-22 15:45 - 00000000 ____D C:\Users\Michael\AppData\Local\ActiveSync

2015-12-15 18:37 - 2015-11-06 17:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-12-15 18:37 - 2015-02-24 18:09 - 00000000 ____D C:\Program Files (x86)\SpeedFan

2015-12-15 18:37 - 2015-02-24 17:53 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Dropbox

2015-12-15 18:37 - 2015-02-24 17:34 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2015-12-15 16:08 - 2015-11-06 17:51 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin

2015-12-15 16:08 - 2015-03-13 22:13 - 00003136 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner

2015-12-15 15:27 - 2015-07-03 13:35 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\WINDOWS\gdrv.sys

2015-12-15 14:57 - 2015-10-30 00:28 - 01310720 ___SH C:\WINDOWS\system32\config\BBI

2015-12-15 13:45 - 2015-02-24 17:52 - 00000000 ____D C:\Program Files (x86)\Steam

2015-12-15 13:25 - 2015-03-30 15:29 - 00000000 ____D C:\Program Files\PowerISO

2015-12-15 12:58 - 2015-02-25 17:04 - 00000000 ____D C:\Users\Michael\AppData\Roaming\deluge

2015-12-15 06:33 - 2015-02-24 17:40 - 00003498 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics

2015-12-14 17:57 - 2015-10-02 22:40 - 00000000 ____D C:\Users\nancy\AppData\Roaming\Apple Computer

2015-12-13 21:16 - 2015-10-02 22:42 - 00000000 ____D C:\Users\nancy\AppData\Local\ActiveSync

2015-12-13 12:00 - 2015-11-06 17:51 - 00000000 ____D C:\Users\Michael

2015-12-12 22:22 - 2015-06-22 15:37 - 00000000 ____D C:\Users\Michael\3D Objects

2015-12-12 05:00 - 2015-02-24 11:34 - 00000000 ____D C:\Users\Michael\AppData\Local\Packages

2015-12-11 23:23 - 2015-10-02 22:40 - 00000000 ____D C:\Users\nancy\AppData\Local\Google

2015-12-11 22:43 - 2015-10-02 22:40 - 00000000 ____D C:\Users\nancy\AppData\Local\Packages

2015-12-11 22:25 - 2015-10-02 22:40 - 00000000 ____D C:\Users\nancy\AppData\Local\PackageStaging

2015-12-11 22:20 - 2015-10-02 22:40 - 00000000 ____D C:\Users\nancy\AppData\Roaming\Adobe

2015-12-11 22:10 - 2015-10-02 22:40 - 00002378 _____ C:\Users\nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2015-12-11 22:10 - 2015-10-02 22:40 - 00000000 ___RD C:\Users\nancy\OneDrive

2015-12-11 22:09 - 2015-11-06 17:51 - 00000000 ____D C:\Users\nancy

2015-12-11 22:09 - 2015-10-02 22:40 - 00002336 _____ C:\Users\nancy\Desktop\Google Chrome.lnk

2015-12-11 22:09 - 2015-06-22 14:53 - 00000000 __RHD C:\Users\Public\AccountPictures

2015-12-11 19:49 - 2015-09-14 22:14 - 00000000 ____D C:\Program Files (x86)\Dropbox

2015-12-10 10:05 - 2015-10-26 15:47 - 00000000 ____D C:\Users\Michael\AppData\Local\D3308A52-78A1-47AD-8000-4AE771D4C732.aplzod

2015-12-10 10:05 - 2015-10-08 15:38 - 00000258 __RSH C:\ProgramData\ntuser.pol

2015-12-09 21:43 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\ModemLogs

2015-12-09 21:08 - 2015-08-28 15:40 - 00000000 ___HD C:\ProgramData\SsiRecord

2015-12-09 20:23 - 2015-11-09 07:49 - 00000000 ____D C:\Users\Michael\AppData\Local\Deployment

2015-12-09 20:23 - 2015-10-20 18:45 - 00000125 _____ C:\Users\Michael\Desktop\Remote Proctor Now.url

2015-12-09 20:23 - 2015-08-28 15:40 - 00004084 _____ C:\WINDOWS\System32\Tasks\goloader1

2015-12-09 20:23 - 2015-08-28 15:40 - 00000000 ____D C:\Users\Michael\Documents\SsiAuthenticate

2015-12-09 20:23 - 2015-08-28 15:40 - 00000000 ____D C:\ProgramData\SsiAuthenticate

2015-12-09 19:57 - 2015-11-06 17:50 - 00343360 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2015-12-09 19:57 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\oobe

2015-12-09 14:16 - 2015-02-24 18:21 - 00000600 _____ C:\Users\Michael\AppData\Local\PUTTY.RND

2015-12-09 14:16 - 2015-02-24 18:19 - 00000000 ____D C:\Users\Michael\AppData\Roaming\FileZilla

2015-12-09 11:55 - 2015-10-13 12:29 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2015-12-09 11:55 - 2015-03-11 15:39 - 00000000 ____D C:\Users\Michael\AppData\Local\Adobe

2015-12-09 11:55 - 2015-03-08 10:14 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-12-09 11:48 - 2015-03-21 13:12 - 00001543 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk

2015-12-09 11:42 - 2015-03-11 15:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2015-12-09 11:34 - 2015-03-11 15:38 - 00000000 ____D C:\ProgramData\Adobe

2015-12-08 22:14 - 2015-10-30 01:11 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-12-08 22:14 - 2015-02-26 05:37 - 00000000 ____D C:\WINDOWS\system32\MRT

2015-12-08 21:39 - 2015-02-25 19:00 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2015-12-08 21:26 - 2015-02-24 17:41 - 00000000 ____D C:\Users\Michael\AppData\Roaming\TeamViewer

2015-12-08 21:21 - 2015-06-12 17:04 - 00000000 ____D C:\ProgramData\Oracle

2015-12-08 21:21 - 2015-04-08 09:59 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Spotify

2015-12-08 21:21 - 2015-04-08 09:59 - 00000000 ____D C:\Users\Michael\AppData\Local\Spotify

2015-12-08 21:20 - 2015-08-27 21:01 - 00000000 ____D C:\Users\Michael\.oracle_jre_usage

2015-12-08 21:20 - 2015-08-17 19:29 - 00000000 ____D C:\Program Files (x86)\Java

2015-12-08 21:20 - 2015-06-25 19:21 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll

2015-12-08 21:20 - 2015-06-25 19:20 - 00000000 ____D C:\Program Files\Java

2015-12-08 21:20 - 2015-06-12 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-12-08 21:05 - 2015-11-06 19:49 - 00000000 ___DC C:\WINDOWS\Panther

2015-12-08 19:25 - 2015-05-28 18:45 - 00000000 ____D C:\Users\Michael\AppData\Roaming\HexChat

2015-12-08 13:44 - 2015-11-06 17:51 - 00000000 ____D C:\Program Files\AMD

2015-12-06 13:07 - 2015-04-14 12:22 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Audacity

2015-12-04 03:40 - 2015-08-06 20:25 - 00004060 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2172870717-1373750500-4216110194-1001UA

2015-12-04 03:40 - 2015-08-06 20:25 - 00003684 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2172870717-1373750500-4216110194-1001Core

2015-12-04 02:35 - 2015-06-25 11:15 - 00003986 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2015-12-04 02:35 - 2015-06-25 11:15 - 00003754 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2015-12-03 19:15 - 2015-09-01 19:23 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

2015-12-03 18:38 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\rescache

2015-12-02 18:16 - 2015-10-30 01:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files

2015-12-02 17:46 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2015-11-30 18:33 - 2015-10-30 01:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-11-30 18:33 - 2015-10-30 01:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-11-28 19:17 - 2015-02-24 18:07 - 00000000 ____D C:\Users\Michael\AppData\Roaming\vlc

2015-11-26 11:01 - 2015-05-02 00:28 - 00000000 ____D C:\ProgramData\TEMP

2015-11-25 22:35 - 2015-07-01 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2015-11-24 14:17 - 2015-10-03 16:05 - 00000000 ____D C:\Users\Michael\AppData\Local\AMD

2015-11-24 14:15 - 2015-02-24 11:44 - 00000000 ____D C:\AMD

2015-11-24 13:07 - 2015-07-18 17:55 - 00000000 ____D C:\ProgramData\SUPPORTDIR

2015-11-24 13:06 - 2015-07-18 18:02 - 00000000 ____D C:\Users\Michael\Documents\CyberLink

2015-11-24 13:06 - 2015-07-18 17:58 - 00000000 ____D C:\Users\Michael\AppData\Local\CyberLink

2015-11-24 13:06 - 2015-07-18 17:55 - 00000000 ____D C:\ProgramData\CyberLink

2015-11-24 13:06 - 2015-02-24 18:49 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2015-11-24 13:05 - 2015-11-05 20:28 - 00000000 ____D C:\Users\Michael\AppData\Roaming\dvdcss

2015-11-23 19:10 - 2015-02-26 05:37 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-11-23 18:09 - 2015-09-20 02:26 - 00000000 ____D C:\ProgramData\Package Cache

2015-11-21 10:11 - 2015-09-14 22:14 - 00003992 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA

2015-11-21 10:11 - 2015-09-14 22:14 - 00003760 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore

2015-11-18 21:18 - 2015-09-08 10:11 - 00000000 ____D C:\Users\Michael\AppData\Local\CrashDumps

2015-11-18 21:18 - 2015-05-03 17:56 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Free Download Manager

2015-11-18 20:03 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog

2015-11-18 20:03 - 2015-10-30 01:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2015-11-18 20:03 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\system32\appraiser

2015-11-18 20:03 - 2015-10-30 01:24 - 00000000 ____D C:\WINDOWS\Provisioning

2015-11-18 20:03 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2015-11-18 20:03 - 2015-10-30 00:28 - 00000000 ____D C:\WINDOWS\system32\Dism

2015-11-17 17:36 - 2015-10-10 14:37 - 00000000 ___RD C:\Users\Michael\OneDrive

2015-11-17 17:33 - 2015-10-10 14:37 - 00002384 _____ C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2015-11-17 15:57 - 2015-02-26 06:00 - 00000000 ____D C:\Users\Michael\Documents\My Kindle Content

==================== Files in the root of some directories =======

2015-06-18 22:09 - 2015-06-17 10:09 - 0000040 ____H () C:\Program Files (x86)\57012c43.tmp

2015-08-12 03:29 - 2015-08-10 15:29 - 0000040 ____H () C:\Program Files (x86)\a71c9ac4.tmp

2015-08-18 17:43 - 2015-08-18 17:43 - 16790552 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe

2015-06-17 20:42 - 2015-06-17 20:42 - 0000600 _____ () C:\Users\Michael\AppData\Roaming\PUTTY.RND

2015-04-08 11:20 - 2015-09-09 12:20 - 0001456 _____ () C:\Users\Michael\AppData\Local\Adobe Save for Web 13.0 Prefs

2015-05-20 18:34 - 2015-05-20 18:51 - 2128896 _____ () C:\Users\Michael\AppData\Local\file__0.localstorage

2015-02-24 18:21 - 2015-12-09 14:16 - 0000600 _____ () C:\Users\Michael\AppData\Local\PUTTY.RND

2015-12-15 12:56 - 2015-12-15 12:56 - 0000218 _____ () C:\Users\Michael\AppData\Local\recently-used.xbel

2015-03-30 15:37 - 2015-03-30 16:11 - 0000469 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Files to move or delete:

====================

C:\Users\Michael\en_res.dll

C:\Users\Michael\es_res.dll

C:\Users\Michael\fr_res.dll

C:\Users\Michael\grm_res.dll

C:\Users\Michael\it_res.dll

C:\Users\Michael\jp_res.dll

C:\Users\Michael\mfc80u.dll

C:\Users\Michael\msvcr80.dll

C:\Users\Michael\PCPE Setup.exe

C:\Users\Michael\pt_res.dll

C:\Users\Michael\ResourceReader.dll

C:\Users\Michael\ru_res.dll

C:\Users\Michael\ZHPCleaner.exe

C:\Users\Michael\zh_res.dll

Some files in TEMP:

====================

C:\Users\Michael\AppData\Local\Temp\Acrobat_DC_Web_WWMUI.exe

C:\Users\Michael\AppData\Local\Temp\dllnt_dump.dll

C:\Users\Michael\AppData\Local\Temp\jre-8u66-windows-au.exe

C:\Users\Michael\AppData\Local\Temp\sfamcc00001.dll

C:\Users\Michael\AppData\Local\Temp\sfareca00001.dll

C:\Users\Michael\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-10 18:04

==================== End of FRST.txt ============================

Attached Files

Addition.txt 73.52KB 5 downloads

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#2 nasdaq

Malware Response Team
39,888 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:35 PM

Posted 18 December 2015 - 02:39 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

ATTENTION: System Restore is disabled

How to: Turn System Restore ON - Windows < Important
http://windows.microsoft.com/en-ca/windows/turn-system-restore-on-off#1TC=windows-7
===

Press the windows key

+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.

start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2172870717-1373750500-4216110194-1001 -> 8DD2282DDC7C5C4A371A13CA0F65B180 URL = hxxp://internet-start.net/?q={searchTerms}
BHO-x32: No Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> No File
BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
Edge HomeButtonPage: HKU\S-1-5-21-2172870717-1373750500-4216110194-1001 -> hxxp://www.yandex.ru/?win=203&clid=2100767-002
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x64\widevinecdmadapter.dll => No File
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2015-12-14]
CHR HKLM-x32\...\Chrome\Extension: [bejnpnkhfgfkcpgikiinojlmdcjimobi] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bhjcgomkanpkpblokebecknhahgkcmoo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cpegcopcfajiiibidlaelhjjblpefbjk] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdjdjkkjoiomafnihnobkinnfjnnlhdg] - hxxp://clients2.google.com/service/update2/crx
CustomCLSID: HKU\S-1-5-21-2172870717-1373750500-4216110194-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {181259C4-9468-D082-92C9-63E985889A47} => No File
CustomCLSID: HKU\S-1-5-21-2172870717-1373750500-4216110194-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2172870717-1373750500-4216110194-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2172870717-1373750500-4216110194-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2172870717-1373750500-4216110194-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5A3D2210-9468-D082-46B2-4CAB85889A47} => No File
Task: {08DF942A-E013-424B-B8CC-66D439D6A53A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0ECCA29B-6C8E-4021-BA55-AFFEF2B086B4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-10s -> No File <==== ATTENTION
Task: {2CEED18A-CDE9-48EA-A7AB-7F372BDD2C19} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s -> No File <==== ATTENTION
Task: {2D27AA08-D880-4B0A-8D92-B2CC0445FD97} - \Selection Tools Update -> No File <==== ATTENTION
Task: {409CB2AC-FFD2-4574-95E8-AB1959319D6E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s -> No File <==== ATTENTION
Task: {7E871080-813C-4578-B33D-9881341BB17E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s -> No File <==== ATTENTION
Task: {8C420602-A9D7-44BA-B8D8-A146A626E91B} - \Microsoft\Windows\Setup\GWXTriggers\Time-10s -> No File <==== ATTENTION
Task: {A3AC6796-E8EB-46FA-8CC0-5E53900CF68D} - \WindApp Update -> No File <==== ATTENTION
Task: {D4065A61-2767-4EBF-A318-0BB03F0D374B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E4C5AF13-6070-4FFF-8A23-49BA656C5E8B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
ShortcutWithArgument: C:\Users\Michael\AppData\Local\Microsoft\Windows\Application Shortcuts\Chrome\??????.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yandex.ru/?win=203&clid=2100779-002
C:\Users\Michael\AppData\Local\Temp\sfareca00001.dll
C:\Users\Michael\AppData\Local\Temp\sfamcc00001.dll
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\Michael\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Michael\Desktop\Ah.jpg:com.apple.metadata?kMDItemDownloadedDate
AlternateDataStreams: C:\Users\Michael\Desktop\Ah.jpg:com.apple.metadata?kMDItemWhereFroms
AlternateDataStreams: C:\Users\Michael\Desktop\Ah.jpg:com.apple.quarantine

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon

which is located right side top of the google chrome.

Click "Settings" then "Show advanced settings" at the bottom of the screen.

Click "Reset browser settings" button.

Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en
Select "From the beginning of time"

Restart Chrome.

====

Any remaining issues with this computer?

#3 mixolyd

Topic Starter

Members
10 posts
OFFLINE

Local time:06:35 PM

Posted 18 December 2015 - 03:44 PM

Thanks! Done.. I'll respond to let you know if the issue remains or if it is fixed. Usually it happens once a day so I should know shortly.

Attached Files

Fixlog.txt 14.51KB 2 downloads

#4 mixolyd

Topic Starter

Members
10 posts
OFFLINE

Local time:06:35 PM

Posted 18 December 2015 - 05:31 PM

Actually I was hoping you could take a look at this? I ran Rkill several times over past 2 days. Yesterday I got a really long log full of reparse points (uploaded here). But every other time I ran Rkill yesterday and today (after rebooting inbetween) the scan was fine (see attached). So I am not sure if this particular Rkill scan was a fluke?

Attached Files

Rkill.txt 3.11KB 5 downloads

#5 nasdaq

Malware Response Team
39,888 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:35 PM

Posted 19 December 2015 - 08:42 AM

Checking for processes to terminate:

* C:\Windows\SysWOW64\HsMgr.exe (PID: 3664) [WD-HEUR]
* C:\Windows\System\HsMgr64.exe (PID: 6932) [WD-HEUR]

Required for your Sound card.
http://www.file.net/process/hsmgr.exe.html

===

As for the other services that are missing I'm not sure that they are required in you case.
If you have any difficulties with this compute then run this tool.

Please Download Tweaking.com - Windows Repair from Here

Install and then run the program
Execute the instructions on Step 1 Important
Click Next on Step 2 Optional, do the Pre Scan skip Step 3 and 4 Optional for now.
On Step 5 Backup System Restore Do a Registry backup. When you have completed this click Next
Click on Repairs
Click Repairs - Open Repairs in the bottom right corner
Click the Unselect All button then select just the item(s) listed below

01 - Repair Registry Permissions
03 - Reset Service permissions
04 - Register System Files
10 - Remove Policies Set By Infections
26 - Restore Important Windows Services
27 - Set Windows Service to Default Startup

Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
Please copy and paste the Contents of this file on your next reply.
===

Restart the computer normally.

How is the computer running now?

#6 mixolyd

Topic Starter

Members
10 posts
OFFLINE

Local time:06:35 PM

Posted 19 December 2015 - 11:14 AM

Hey nasdaq,

Thanks for your help. Did you see the Rkill log I linked? https://www.dropbox.com/s/1117jsnhgfb9zph/Rkill.txt?dl=0 It was too big too attach. The one that I attached is a 'normal' Rkill log which is what Rkill gives everytime I scan. But one time 2 days ago it gave me a really big log with many reparse points (the dropbox link) I am not sure if that was just a fluke or not because every other time it has been normal. I am not sure if this is related or worth looking into

Edited by mixolyd, 19 December 2015 - 02:25 PM.

#7 nasdaq

Malware Response Team
39,888 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:35 PM

Posted 20 December 2015 - 09:05 AM

No I do not open any such files.
Next time please past only the items in then logs you find suspicious.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#8 mixolyd

Topic Starter

Members
10 posts
OFFLINE

Local time:06:35 PM

Posted 20 December 2015 - 12:23 PM

Ok, well it's just a text file. I've scanned it with different AVs and it's completely clean.. I also attached it to this post. Anyway, there's a lot there and all of it is suspicious.. Here is some of it

Rkill 2.8.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html


Program started at: 12/17/2015 09:22:09 PM in x64 mode.
Windows Version: Windows 10 Pro 


Checking for Windows services to stop:


 * No malware services found to stop.


Checking for processes to terminate:


 * C:\Windows\SysWOW64\HsMgr.exe (PID: 7564) [WD-HEUR]
 * C:\Windows\System\HsMgr64.exe (PID: 7892) [WD-HEUR]


2 proccesses terminated!


Checking Registry for malware related settings:


 * No issues found in the Registry.


Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


Performing miscellaneous checks:


 * ALERT: ZEROACCESS Reparse Point/Junction found!


     * C:\Program Files\Windows Defender\mpuxhostproxy.dll => <Unknown Target> [File]


 * Reparse Point/Junctions Found (These may be legitimate)!


     * C:\WINDOWS\AppPatch\AcGenral.dll => <Unknown Target> [File]
     * C:\WINDOWS\AppPatch\AcRes.dll => <Unknown Target> [File]
     * C:\WINDOWS\AppPatch\AcSpecfc.dll => <Unknown Target> [File]
     * C:\WINDOWS\AppPatch\AcWinRT.dll => <Unknown Target> [File]
     * C:\WINDOWS\AppPatch\apppatch64\AcWinRT.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_32\srmlib\1.0.0.0__31bf3856ad364e35\srmlib.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_64\srmlib\1.0.0.0__31bf3856ad364e35\srmlib.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Ink.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.ManagementConsole\3.0.0.0__31bf3856ad364e35\Microsoft.ManagementConsole.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_en_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.WSMan.Management\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.WSMan.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\Microsoft.WSMan.Runtime\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Runtime.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_en_31bf3856ad364e35\MMCEx.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\MMCFxCommon\3.0.0.0__31bf3856ad364e35\MMCFxCommon.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AuditPolicy42d3d2cc#\3339dca8783490ab51839a634bfafc73\AuditPolicyGPManagedStubs.Interop.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\6d8f5ac3c1e8ca91f5896af375b80e00\CustomMarshalers.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\EventViewer\e75cfdfad89977cb991c9fe143d62ee5\EventViewer.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.A26c32abb#\2d6879b249ecdacc4d8597803f86b570\Microsoft.ApplicationId.RuleWizard.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Abf69f55a#\b4eb06de6c7c792e4da6561f54cbab7d\Microsoft.ApplicationId.Framework.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.C26a36d2b#\4784bfa63f3063343ae8fcd02dd8fd92\Microsoft.CertificateServices.PKIClient.Cmdlets.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.D0ff51f83#\834817e1359f777cf7d6ddb9bfc10a5e\Microsoft.Dtc.PowerShell.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Ga41585c2#\1d243b7481d6bd7ca48d22aa449deb96\Microsoft.GroupPolicy.AdmTmplEditor.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.I0cd65b90#\4a72cda586e8e55498b5f73e86b46cad\Microsoft.Isam.Esent.Interop.Wsa.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Ic1a2041b#\51e7aaa38683e5874c4b9178bafc5d80\Microsoft.Isam.Esent.Interop.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Kd58820a5#\0e595a421457d106c1c6c6bed82f8838\Microsoft.KeyDistributionService.Cmdlets.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Mf49f6405#\c5cf09a01c434d73a149336798330955\Microsoft.Management.Infrastructure.ni.dll => <Unknown Target> [File]
     * C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Mff1be75b#\960122e162c3ec2a1c31cb8206ba642b\Microsoft.ManagementConsole.ni.dll => <Unknown Target> [File]


 * C:\WINDOWS\System32\winethc.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinFax.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winhttpcom.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wininetlui.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winipcfile.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winipcsecproc.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winipcsecproc_ssp.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winipsec.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winlogonext.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winmde.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.ApplicationModel.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Data.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Devices.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Gaming.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Globalization.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Graphics.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Management.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Media.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Networking.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Perception.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.Services.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMetadata\Windows.UI.Xaml.winmd => <Unknown Target> [File]
     * C:\WINDOWS\System32\winmsipc.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinMsoIrmProtector.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinOpcIrmProtector.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winrs.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\winrscmd.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winrshost.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\winrssrv.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinRtTracing.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinSAT.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinSATAPI.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinSCard.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinSetupUI.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winshfhc.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winsku.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winsockhc.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winsqlite3.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WINSRPC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinSync.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinSyncMetastore.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WinSyncProviders.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winusb.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\winver.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\wisp.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\witnesswmiv2provider.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wkspbroker.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\wkspbrokerAx.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wksprt.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\wksprtPS.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wlancfg.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WLanConn.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wlandlg.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wlangpui.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WLanHC.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WlanMediaManager.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WlanMM.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wlanpref.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wlanui.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wlidcli.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wlidfdp.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wlidnsp.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wlrmdr.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMADMOD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMASF.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmcodecdspps.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmdmlog.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmdmps.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmdrmdev.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmdrmnet.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmdrmsdk.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmicmiplugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmidx.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmiprop.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmitomi.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMNetMgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMPDMC.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\WmpDui.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmpdxm.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmpeffects.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMPhoto.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmpmde.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmpps.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmpshell.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMSPDMOD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMSPDMOE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMVCORE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMVDECOD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\wmvdspa.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMVENCOD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMVSDECD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMVSENCD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\WMVXENCD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\System32\WofTasks.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WofUtil.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WordBreakers.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\workerdd.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WorkFolders.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\WorkfoldersControl.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WorkFoldersGPExt.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WorkFoldersRes.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wowreg32.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\wpbcreds.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WpcWebFilter.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WpcWebSync.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WpdMtp.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WpdMtpUS.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WPDShextAutoplay.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\WPDSp.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wpd_ci.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wpninprc.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wpnpinst.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\WppRecorderUM.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wpr.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\wpx.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\write.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\ws2help.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wscisvif.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WSCollect.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\wscproxystub.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wsecedit.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wsepno.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wshbth.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wshcon.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wshelper.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wshhyperv.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wshirda.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wshrm.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WsmAgent.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WSManMigrationPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WsmAuto.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wsmplpxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wsmprovhost.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\WsmWmiPl.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wsplib.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wsp_fs.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wsp_health.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wsp_sr.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WSReset.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\WSSls.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wuapihost.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\wuautoappupdate.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WUDFCoinstaller.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WudfSMCClassExt.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WUDFx02000.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wudriver.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wusa.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\wvc.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WwaExt.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WWanAPI.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wwancfg.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wwanconn.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\WWanHC.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wwanmm.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\Wwanpref.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\wwanprotdim.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XamlDiagnostics.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XAudio2_8.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XAudio2_9.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XblAuthManagerProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XblAuthTokenBrokerExt.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XblGameSaveProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\xcopy.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\XInput1_4.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XInput9_1_0.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XInputUap.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\xmlfilter.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\xmlprovi.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\xolehlp.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XpsDocumentTargetPrint.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XpsFilt.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XpsGdiConverter.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XpsPrint.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XpsRasterService.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\xpsservices.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\XPSSHHDR.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\xwizard.exe => <Unknown Target> [File]
     * C:\WINDOWS\System32\xwizards.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\xwreg.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\xwtpdui.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\xwtpw32.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\zipcontainer.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\ZTrace_ca.dll => <Unknown Target> [File]
     * C:\WINDOWS\System32\ztrace_maps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\ContactSupport_cw5n1h2txyewy\ContactSupport.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\ContactSupport_cw5n1h2txyewy\RdpRelayTransport.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\ContactSupport_cw5n1h2txyewy\SupportApp.WinRT.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\ContactSupport_cw5n1h2txyewy\SupportApp.WinRT.winmd => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\InsiderHub_cw5n1h2txyewy\Microsoft.Diagnostics.Tracing.EventSource.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\InsiderHub_cw5n1h2txyewy\PilotContracts.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\InsiderHub_cw5n1h2txyewy\PilotsHub.NativeHelper.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\InsiderHub_cw5n1h2txyewy\PilotsHub.NativeHelper.winmd => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\InsiderHub_cw5n1h2txyewy\PilotsHubApp.BackgroundWorker.winmd => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\InsiderHub_cw5n1h2txyewy\PilotsHubApp.Core.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\InsiderHub_cw5n1h2txyewy\PilotshubApp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\InsiderHub_cw5n1h2txyewy\siufquestions.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\InsiderHub_cw5n1h2txyewy\TokenBrokerClientAuthentication.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AAD.Core.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlUI.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.BioEnrollment_cw5n1h2txyewy\BioEnrollmentHost.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.BioEnrollment_cw5n1h2txyewy\BioEnrollmentUI.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eData.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eModel.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eShims.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\eView.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\F12App2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\F12AppFrame2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.AssignedAccessLockApp_cw5n1h2txyewy\AssignedAccessLockApp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\Microsoft.CloudExperienceHost.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\MicrosoftAccount.TokenProvider.Core.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionMgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\BingLocalSearchService.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CGSVCBackgroundTask.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ContactPermissionsActionUriHandlers.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ContactPermissionsProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.ActionUriHandlers.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.AppToApp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.ContactPermissions.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.DevTestHooks.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.DoNotDisturb.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.IntentExtraction.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.LocalSearch.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Nodewinrtwrap.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.People.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Places.ViewModels.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Reminders.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.SmartExtraction.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Sync.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Sync.Worker.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Upload.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaCoreProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaMusicSearch.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaSignalsManagerProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaSignalsProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaSpeechUXRes.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaSyncProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DNDActionUriHandlers.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DoNotDisturbProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\JsonReader.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\microsoft.bing.client.graph.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\node.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\OnlineServices.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PhonePCVoiceAgents.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesAutoSuggestProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PPIVoiceAgents.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ReactiveAgentsCommon.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ReminderActionUriHandlers.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesActionUriHandler.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesServiceProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SAPIBackgroundTask.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ShellActionUriHandlers.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\TextEntityExtractorProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\tws.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\VoiceAgentsCommon.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.SecondaryTileExperience_cw5n1h2txyewy\SecondaryTileExperience.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.Windows.SecondaryTileExperience_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\GamingTcuiHelpers.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\Microsoft.Diagnostics.Tracing.EventSource.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\Toolkit.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XBox.TCUI.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XBox.TCUI.Resource.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XBox.TCUI.Shell.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XBox.TCUI.Tracing.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XboxExperienceServices.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\AuthManAuthProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\Microsoft.Diagnostics.Tracing.EventSource.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxExperienceServices.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.Auth.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.Tasks.winmd => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.Telemetry.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\ParentalControls_cw5n1h2txyewy\WpcUapApp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\DevicesFlowUI.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\PeopleShared.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickConnectUI.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\WindowsFeedback_cw5n1h2txyewy\feedbackapp.helper.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\WindowsFeedback_cw5n1h2txyewy\FeedbackApp.Helper.winmd => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\WindowsFeedback_cw5n1h2txyewy\FeedbackApp.Windows.exe => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\WindowsFeedback_cw5n1h2txyewy\microsoft.windows.internal.feedback.winmd => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\WindowsFeedback_cw5n1h2txyewy\siufdata.dll => <Unknown Target> [File]
     * C:\WINDOWS\SystemApps\WindowsFeedback_cw5n1h2txyewy\TokenBrokerClientAuthentication.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\accessibilitycpl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AccountsControlInternal.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AccountsRt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ACCTRES.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\acledit.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\aclui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ActionCenterCPL.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ActivationClient.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\activeds.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AddressParser.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AdmTmpl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\adprovider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\adrclient.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\adsmsext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\adsnt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\adtschema.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AdvancedInstallers\cmiv2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\aeevts.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\amstream.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\APHostClient.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AppCapture.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Apphlpdm.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\appidapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AppIdPolicyEngineApi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AppLockerCSP.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\appmgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AppointmentApis.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\apprepsync.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\appwiz.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AppxApplicabilityEngine.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\aspnet_counters.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\asycfilt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\at.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\atmfd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\atmlib.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\audiodev.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\auditpol.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\auditpolmsg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AuthBrokerUI.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AuthExt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\authfwcfg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AuthFWGP.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AuthFWSnapin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AuthFWWizFwk.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\autochk.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\autoconv.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\autofmt.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\autoplay.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\avifil32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\azroleui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AzSqlExt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\backgroundTaskHost.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\basecsp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\bcastdvr.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\bcd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\bidispl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\BingMaps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\BingOnlineServices.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\bitsadmin.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\blackbox.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\bootcfg.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\BOOTVID.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\BrowserSettingSync.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\bthudtask.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\btpanui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\BWContextHandler.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cabview.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cacls.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CallButtons.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CallButtons.ProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CallHistoryClient.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CameraCaptureUI.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CameraSettingsUIHost.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\capiprovider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\capisp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\catsrv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\catsrvps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cca.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cdosys.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cdp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cemapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\certcli.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\certenc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CertEnrollUI.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\certmgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\certreq.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\certutil.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cewmdm.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cfgbkend.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cfmifs.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cfmifsproxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Chakradiag.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Chakrathunk.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\charmap.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\chartv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ChatApis.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CheckNetIsolation.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\chkdsk.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\choice.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CHxReadingStringIME.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cic.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cipher.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\clb.dll => <Unknown Target> [File]

     * C:\WINDOWS\SysWOW64\cmmon32.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cmpbk32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cmstp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cmstplua.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cmutil.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cngprovider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cnvfat.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\colbact.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\colorcpl.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\colorui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Com\comadmin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Com\comrepl.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Com\MigRegDB.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\comcat.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\comp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\compact.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CompPkgSup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\compstui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ComputerDefaults.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\comrepl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\comsnap.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\connect.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ConnectedAccountState.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\console.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\convert.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CoreMmRes.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Cortana.Persona.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CortanaMapiHelper.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CortanaMapiHelper.ProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CPFilters.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\CredentialUIBroker.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\credssp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\credwiz.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\crtdll.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cryptdlg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cryptext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cryptuiwizard.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cscdll.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cscript.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ctl3d32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cttune.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\cttunesvr.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\C_G18030.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\c_GSM7.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\C_IS2022.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\C_ISCII.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\d3d10.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\d3d10core.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\d3d10level9.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\d3d10_1.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\d3d10_1core.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\D3D12.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\D3DCompiler_47.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\d3dim.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\d3dim700.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\d3dramp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\d3dxof.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dabapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DafCdp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DafPrintProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dataclen.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DavSyncProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dbgeng.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DbgModel.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dbnetlib.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dbnmpntw.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dccw.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dcomcnfg.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DDACLSys.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ddodiag.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DDOIProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ddrawex.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DefaultDeviceManager.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DefaultPrinterProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\delegatorprovider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\desk.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\deskmon.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DeviceCenter.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DeviceDisplayStatusManager.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DevicePairing.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DevicePairingFolder.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DevicePairingProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DevicePairingWizard.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DeviceProperties.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DeviceUxRes.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\devmgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dfrgui.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dfscli.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dfshim.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DfsShlEx.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dhcpcmonitor.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dhcpsapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DiagSvcs\DiagnosticsHub.StandardCollector.Proxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dialer.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DictationManager.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dimsroam.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dinput.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\diskpart.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\diskperf.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\diskraid.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\AppxProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\AssocProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\CbsProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\CompatProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\DismCore.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\DismCorePS.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\DismHost.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\DismProv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\DmiProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\FfuProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\FolderProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\GenericProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\IBSProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\ImagingProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\IntlProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\LogProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\MsiProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\OfflineSetupProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\OSProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\ProvProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\SmiProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\TransmogProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\UnattendProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\VhdProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism\WimProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Dism.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dispex.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Display.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DisplayManager.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\DisplaySwitch.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\dllhst3g.exe => <Unknown Target> [File]
    
     * C:\WINDOWS\SysWOW64\efsext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\efsui.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\EhStorAuthn.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\EhStorPwdMgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\els.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\elshyph.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\EmailApis.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\embeddedmodesvcapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\en\AuthFWSnapIn.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\en\AuthFWWizFwk.Resources.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\encapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\EncDec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\eqossnap.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ErrorDetails.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\EsdSip.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\esentprf.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\esentutl.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\esevss.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ETWESEProviderResources.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\eudcedit.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\eventcls.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\eventcreate.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\eventvwr.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\evr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\expand.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\explorer.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ExSMime.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\extrac32.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\DiagnosticsHub.DataWarehouse.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\DiagnosticsHub.ScriptedSandboxPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\DiagnosticsHub_is.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\DiagnosticsTap.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\F12App.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\F12AppFrame.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\F12Chooser.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\F12Platform.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\F12Platform2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\F12Script.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\F12Script2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\F12Tab.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\F12Tab2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\MemoryAnalyzer.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\msdbg2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\pdm.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\pdmproxy100.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\Timeline.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\F12\Timeline_is.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\f3ahvoas.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FamilySafetyExt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fc.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fdBth.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fdBthProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FdDevQuery.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fde.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fdeploy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fdprint.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fdSSDP.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fdWCN.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fdWNet.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fdWSD.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\feclient.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\findnetprinters.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\findstr.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\finger.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fingerprintcredential.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FirewallControlPanel.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fixmapi.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fltMC.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fmifs.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fms.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Fondue.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fontdrvhost.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fontext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fontsub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fontview.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\forfiles.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fphc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\framedyn.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\frprov.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fsquirt.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fsutil.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fsutilext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ftp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\fwcfg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FwRemoteSvr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FXSAPI.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FXSCOM.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FXSCOMEX.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FXSEXT32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FXSRESM.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\FXSXP32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\GamePanel.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\GameUXLegacyGDFs.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gamingtcui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gcdef.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Geocommon.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Geolocation.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\GeoLocatorHelper.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\getmac.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\getuname.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\glmf32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\GlobCollationHost.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gpedit.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gpprefcl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gpprnext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gpresult.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gpscript.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gpscript.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gptext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\gpupdate.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\grpconv.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hbaapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hdwwiz.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hdwwiz.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\help.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\HelpPaneProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hevcdecoder.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hh.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hhsetup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hidserv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hlink.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hmkd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\hnetmon.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\HOSTNAME.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\HrtfApo.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\htui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ias.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iasacct.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iasads.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iasdatastore.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iashlpr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IasMigPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iasnap.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iaspolcy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iasrad.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iasrecst.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iassam.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iassdo.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iassvcs.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\icacls.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iccvid.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\icmui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\icsigd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\icsunattend.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IdCtrls.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\idndl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IEAdvpack.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iedkcs32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ieetwproxystub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iepeers.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iernonce.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iesetup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iesysprep.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ieui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ieUnatt.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iexpress.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ifmon.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ifsutilx.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\imagesp1.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\imapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\applets\IMJPCAC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\applets\IMJPCLST.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\applets\IMJPKDIC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\applets\imjpskey.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\applets\IMJPSKF.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPAPI.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPCD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPCMLD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\imjpcus.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPDAPI.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPDCT.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPDCTP.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPLMP.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPPRED.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPSET.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPTIP.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\IMJPUEX.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\imjpuexc.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEJP\imjputyc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEKR\APPLETS\imkrcac.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEKR\APPLETS\imkrskf.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEKR\DICTS\imkrhjd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEKR\imkrapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEKR\imkrotip.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEKR\imkrtip.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMEKR\imkrudt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\Applets\IMTCCAC.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\Applets\IMTCDIC.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\Applets\IMTCSKF.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\IMTCCFG.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\IMTCCORE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\IMTCLNWZ.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\IMTCPROP.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\IMTCTIP.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\IMTCTRLN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\IMETC\imtcui.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMCCPHR.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMEAPIS.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\ImeBrokerps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\imecfm.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\imecfmps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\imecfmui.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMEDICAPICCPS.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMEFILES.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMELM.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMEPADSM.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMEPADSV.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMESEARCH.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMESEARCHDLL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMESEARCHPS.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMETIP.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\imever.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMEWDBLD.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\IMJKAPI.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\MSCAND20.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\res\padrs404.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\res\padrs411.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\res\padrs412.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IME\SHARED\res\padrs804.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\inetcpl.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\inetmib1.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\INETRES.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InfDefaultInstall.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InkAnalysis.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InkEd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InkObjCore.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\input.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InputInjectionBroker.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InputLocaleManager.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InputMethod\CHS\ChsIFEComp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InputMethod\JPN\Windows.Globalization.JapanesePhoneme.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InputService.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\inseng.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallAgent.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setup.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0003\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0005\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0006\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0007\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0008\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0009\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\000a\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\000b\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\000e\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0010\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0011\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0012\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0013\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0014\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0015\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0019\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\001a\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\001b\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\001d\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\001e\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\001f\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0021\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0024\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\002d\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0404\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\040c\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0416\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0804\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0816\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\setupdir\0c0c\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\_isdel.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\InstallShield\_setup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\instnm.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\intl.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IoTAssignedAccessLockFramework.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ipconfig.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\IPELoggingDictationHelper.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iprtprio.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iprtrmgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ipsecsnp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ipsmsnap.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir32_32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir32_32original.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir41_32original.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir41_qc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir41_qcoriginal.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir41_qcx.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir41_qcxoriginal.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir50_32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir50_32original.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir50_qc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir50_qcoriginal.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir50_qcx.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ir50_qcxoriginal.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\irclass.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\irprops.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iscsicli.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iscsicpl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iscsicpl.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iscsidsc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iscsied.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iscsium.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iscsiwmi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iscsiwmiv2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\isoburn.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\itircl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\itss.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\iyuv_32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\joinproviderol.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\joinutil.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\joy.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\JpMapControl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\jscript9diag.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbd101.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbd101a.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbd101b.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbd101c.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbd103.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbd106.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbd106n.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDA1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDA2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDA3.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDAL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDARME.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdarmph.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdarmty.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDARMW.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdax2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDAZE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDAZEL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDAZST.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBASH.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBENE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBGPH.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBGPH1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBHC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBLR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBU.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBUG.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDBULG.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDCA.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDCAN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDCHER.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDCHERP.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDCR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDCZ1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDCZ2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDDA.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDDIV1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDDIV2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDDV.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDDZO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDES.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDEST.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDFA.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdfar.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDFI.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDFI1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDFO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDFR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDFTHRK.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDGAE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDGEO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdgeoer.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdgeome.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdgeooa.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdgeoqw.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDGKL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDGN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDGR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDGR1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDGRLND.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDGTHC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHAU.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHAW.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHE220.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHE319.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHEB.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdhebl3.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHELA2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHELA3.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHEPT.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHU.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDHU1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdibm02.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDIBO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDIC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINASA.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINBE1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINBE2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINBEN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINDEV.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINEN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINGUJ.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINHIN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINKAN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINMAL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINMAR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINORI.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINPUN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINTAM.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINTEL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDINUK2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDIR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDIT.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDIT142.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDIULAT.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDJAV.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDJPN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDKAZ.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDKHMR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDKNI.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDKOR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDKURD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDKYR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDLA.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDLAO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdlisub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdlisus.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdlk41a.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDLT.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDLT1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDLT2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDLV.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDLV1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDLVST.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDMAC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDMACST.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDMAORI.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDMLT47.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDMLT48.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDMON.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDMONMO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDMONST.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDMYAN.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDNE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdnec.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdnec95.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdnecat.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdnecnt.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDNEPR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdnko.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDNO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDNO1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDNSO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDNTL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDOGHAM.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDOLCH.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDOLDIT.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDOSM.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDPASH.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\kbdphags.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDPL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDPL1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDPO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDRO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDROPR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDROST.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDRU.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDRU1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDRUM.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSF.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSG.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSL1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSMSFI.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSMSNO.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSN1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSORA.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSOREX.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSORS1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSORST.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSP.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSW.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSW09.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSYR1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDSYR2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTAILE.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTAJIK.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTAT.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTH0.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTH1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTH2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTH3.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTIFI.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTIFI2.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTIPRC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTIPRD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTT102.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTUF.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTUQ.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTURME.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDTZM.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUGHR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUGHR1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUK.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUKX.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUR1.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDURDU.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUSA.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUSL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUSR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUSX.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDUZB.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDVNTC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDWOL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDYAK.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDYBA.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDYCC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\KBDYCL.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\keymgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ktmutil.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\l2gpstore.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\L2SecHC.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\label.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\LAPRXY.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\LaunchTM.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\LaunchWinApp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\licensingdiag.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\localsec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\lodctr.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\logagent.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\loghours.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\logman.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\luainstall.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\main.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\makecab.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MapConfiguration.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MapControlCore.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mapistub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MapsBtSvc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MbaeApi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mbsmsapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mbussdapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mcbuilder.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MCCSEngineShared.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MCEWMDRMNDBootstrap.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mciavi32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mcicda.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mciseq.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MCRecvSrc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mdminst.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mdmregistration.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MessagingDataModel2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mf3216.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfAACEnc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfc40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfc40u.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfcsubs.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfds.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfdvdec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mferror.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfh263enc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfh265enc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfmjpegdec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfnetcore.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfnetsrc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfperfhelper.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MFPlay.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfpmp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mftranscode.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mfvdsp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MFWMAAEC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mgmtapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mibincodec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MicrosoftAccountExtension.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migisol.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\audmigplugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\bthmigplugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\CntrtextMig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\commig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\dabmigplugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\dafmigplugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\gameuxmig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\imjpmig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\imkrmig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\imtcmig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\IphlpsvcMigPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\MapsMigPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\modemmigplugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\msctfmig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\netiomig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\nlscoremig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\PlaMig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\SCGMigPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\shmig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\sppmig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\StorMigPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\SxsMigPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\TableTextServiceMig.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\WininetPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\WMIMigrationPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\WpcMigration.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\WSearchMigPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migration\WsUpgrade.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\miguiresource.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\migwiz\unbcl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mimefilt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mimofcodec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MinstoreEvents.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MiracastReceiver.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MirrorDrvCompat.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mispace.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\miutils.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mmcbase.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mmci.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mmcico.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mmcndmgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mmcshext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mmres.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mmsys.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mobsync.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\modemui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\moricons.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MosHostClient.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MosResource.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MosStorage.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mountvol.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MP43DECD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MPG4DECD.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mprapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mprddm.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mprdim.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mprext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mprmsg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MRINFO.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MrmIndexer.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mrt100.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mrt_map.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ms3dthumbnailprovider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msaatext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSAC3ENC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSAJApi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSAlacDecoder.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSAlacEncoder.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSAMRNBDecoder.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSAMRNBEncoder.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSAMRNBSink.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSAMRNBSource.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msaudite.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mscandui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mscat32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msclmd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mscorier.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mscories.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mscpxl32.dLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msctfui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msctfuimanager.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msdadiag.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msdart.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msdelta.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msdrm.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msdt.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msdtcprx.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msdtcuiu.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msdtcVSp1res.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msexch40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msexcl40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msfeedsbs.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msfeedssync.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSFlacDecoder.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSFlacEncoder.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MshtmlDac.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mshtmled.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mshtmler.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msidcrl40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msident.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msidntld.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msieftp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msihnd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msimsg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msinfo32.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msiwer.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msjetoledb40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mskeyprotcli.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msltus40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msmpeg2adec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msmpeg2vdec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msnetobj.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msobjs.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msoeacct.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msorcl32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mspaint.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mspatcha.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mspatchc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mspbde40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSPhotography.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msports.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msra.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msrating.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msrd2x40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msrd3x40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msrdc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MsRdpWebAccess.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msrepl40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msrle32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msscntrs.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msscp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mssign32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mssip32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mssitlb.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mssphtb.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mstext40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mstsc.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mstscax.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msvbvm60.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msvcirt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msvcp60.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msvcrt20.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msvcrt40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msvidc32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSVideoDSP.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MSVP9DEC.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mswdat10.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mswmdm.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msxbde40.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\msyuv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MTF.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mtstocom.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mtxclu.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mtxlegih.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\mtxoci.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MUI\0409\mscorees.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\muifontsetup.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\MuiUnattend.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NAPCRYPT.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Narrator.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NaturalLanguage6.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NcaApi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NcdProp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nci.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ncpa.cpl => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ndadmin.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nddeapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ndfapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ndfetw.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ndfhcdiscovery.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ndiscapCfg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ndishc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ndproxystub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\net1.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netbios.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netbtugc.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netcenter.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netcorehc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netdiagfx.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netevent.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netfxperf.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netid.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netiohlp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netiougc.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netlogon.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netplwiz.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Netplwiz.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netprovfw.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netprovisionsp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netsh.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\netshell.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NETSTAT.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\networkhelper.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\networkitemfactory.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\newdev.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nlhtml.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nlmgp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nlmproxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nlmsprep.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nlsbres.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NlsData0000.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NlsData0009.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Nlsdl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NlsLexicons0009.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NMAA.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NmaDirect.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\notepad.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nshhttp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nshipsec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nshwfp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\nslookup.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ntlanui2.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\NtlmShared.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ntprint.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ntprint.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ntvdm64.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\objsel.dll => <Unknown Target> [File]

     * C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\TpmInit.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\tracerpt.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\TRACERT.EXE => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\traffic.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\tsbyuv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\tsgqec.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\tsmf.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\TSTheme.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\TSWorkspace.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\TtlsAuth.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\TtlsCfg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\TtlsExt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\tvratings.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\txflog.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\txfw32.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\typeperf.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\tzutil.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ucmhc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\udhisapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\uexfat.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ufat.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\uicom.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\uireng.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\umdmxfrm.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\unimdmat.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\uniplat.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Unistore.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\unlodctr.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\unregmp2.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\untfs.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\upnpcont.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\upnphost.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\uReFS.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\uReFSv1.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ureg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\usbceip.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\usbperf.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\usbui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserAccountBroker.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserAccountControlSettings.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserAccountControlSettings.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\usercpl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserDataAccessRes.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserDataAccountApis.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\ustprov.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\utildll.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Utilman.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\uudf.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\UXInit.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\uxlib.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\uxlibres.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Vault.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\VCardParser.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\vdmdbg.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\vds_ps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\verclsid.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\verifier.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\verifiergui.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\VIDRESZR.DLL => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\virtdisk.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\VoiceActivationManager.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\VoipRT.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\vpnikeapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\VscMgrPS.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\vssadmin.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\vss_ps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\w32tm.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\w32topl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WABSyncProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\waitfor.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WalletBackgroundServiceProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WalletProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wavemsp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\ipmiprv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\mofcomp.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\mofd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\msdtcwmi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\PolicMan.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\PrintManagementProvider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\RacWmiProv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\schedprov.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\stdprov.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\vdswmi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\viewprov.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\vsswmi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\wbemcntl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\WdacWmiProv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\Win32_Tpm.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\WinMgmt.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\WMIADAP.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\WmiApRpl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\WMIC.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\WMICOOKR.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\WmiDcPrv.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\WmiPerfInst.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wbem\xml\wmi2xml.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WcnApi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wcnwiz.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WcsPlugInService.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wdc.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WebcamUi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WebClnt.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Websocket.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wecapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wecutil.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\werdiagcontroller.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\weretw.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WerFault.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WerFaultSecure.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wermgr.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\werui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wevtfwd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wevtutil.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wextract.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wfapigp.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wfdprov.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WfHC.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\where.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\whhelper.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\whoami.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wiaacmgr.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wiaaut.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wiadefui.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wiascanprofiles.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wiashext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\WiFiDisplay.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wimgapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\winbioext.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\wincredprovider.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Background.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Background.ps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Portable.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Printers.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Printers.Extensions.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Management.Lockdown.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Management.Workplace.WorkplaceSettings.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.BackgroundPlayback.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Capture.AppCapture.Stub.exe => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Import.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Media.Streaming.ps.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Networking.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Networking.XboxLive.ProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll => <Unknown Target> [File]
    

 * C:\WINDOWS\WinSxS\amd64_1394.inf_31bf3856ad364e35_10.0.10586.0_none_87b4eef7b03f2543\1394ohci.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_3ware.inf_31bf3856ad364e35_10.0.10586.0_none_ee92a7f009c38c8a\3ware.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_61883.inf_31bf3856ad364e35_10.0.10586.0_none_b682fb78c9ac24f8\61883.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_acpi.inf_31bf3856ad364e35_10.0.10586.0_none_af0e5c5c785f0279\acpi.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_acpipagr.inf_31bf3856ad364e35_10.0.10586.0_none_9169b6b6efabdf57\acpipagr.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_acpipmi.inf_31bf3856ad364e35_10.0.10586.0_none_34044f4f6ad329cf\acpipmi.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_acpitime.inf_31bf3856ad364e35_10.0.10586.0_none_582e408ad4e2dda0\acpitime.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_addinprocess32_b77a5c561934e089_4.0.10586.0_none_674039174f59a7e0\AddInProcess32.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_adp80xx.inf_31bf3856ad364e35_10.0.10586.0_none_e9a65db55ec4f111\adp80xx.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_agp.inf_31bf3856ad364e35_10.0.10586.0_none_f885b99f8b22f85a\GAGP30KX.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_agp.inf_31bf3856ad364e35_10.0.10586.0_none_f885b99f8b22f85a\UAGP35.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_amdsata.inf_31bf3856ad364e35_10.0.10586.0_none_d8f26f992c423a09\amdsata.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_amdsata.inf_31bf3856ad364e35_10.0.10586.0_none_d8f26f992c423a09\amdxata.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_amdsbs.inf_31bf3856ad364e35_10.0.10586.0_none_f222cedbbf7768fa\amdsbs.sys => <Unknown Target> [Fi

     * C:\WINDOWS\WinSxS\amd64_mchgr.inf_31bf3856ad364e35_10.0.10586.0_none_a180427903a37a69\seaddsmc.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mchgr.inf_31bf3856ad364e35_10.0.10586.0_none_a180427903a37a69\snyaitmc.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mchgr.inf_31bf3856ad364e35_10.0.10586.0_none_a180427903a37a69\sonymc.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mchgr.inf_31bf3856ad364e35_10.0.10586.0_none_a180427903a37a69\spctramc.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmagm64.inf_31bf3856ad364e35_10.0.10586.0_none_e898ba37ae58e587\ltmdm64.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmags64.inf_31bf3856ad364e35_10.0.10586.0_none_bb4e526d5dbf94dd\agrsm64.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmbtmdm.inf_31bf3856ad364e35_10.0.10586.0_none_7a29667335b629e4\bthmodem.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmcxhv6.inf_31bf3856ad364e35_10.0.10586.0_none_36daf5667cb12499\VSTAZL6.SYS => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmcxhv6.inf_31bf3856ad364e35_10.0.10586.0_none_36daf5667cb12499\VSTBS26.SYS => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmcxhv6.inf_31bf3856ad364e35_10.0.10586.0_none_36daf5667cb12499\VSTBS36.SYS => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmcxhv6.inf_31bf3856ad364e35_10.0.10586.0_none_36daf5667cb12499\VSTCNXT6.SYS => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmcxhv6.inf_31bf3856ad364e35_10.0.10586.0_none_36daf5667cb12499\VSTDPV6.SYS => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmcxpv6.inf_31bf3856ad364e35_10.0.10586.0_none_4fcd15ae113a0e61\VSTBS26.SYS => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmcxpv6.inf_31bf3856ad364e35_10.0.10586.0_none_4fcd15ae113a0e61\VSTCNXT6.SYS => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmcxpv6.inf_31bf3856ad364e35_10.0.10586.0_none_4fcd15ae113a0e61\VSTDPV6.SYS => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmirmdm.inf_31bf3856ad364e35_10.0.10586.0_none_93a0161b2fdf48c7\MSIRCOMM.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmmot64.inf_31bf3856ad364e35_10.0.10586.0_none_164d09a719b6e022\SmSerl64.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mdmsettingsprov_31bf3856ad364e35_10.0.10586.0_none_4163f50d1de69848\MDMSettingsProv.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_megasas.inf_31bf3856ad364e35_10.0.10586.0_none_bcc5ed94f9097a0f\megasas.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_megasr.inf_31bf3856ad364e35_10.0.10586.0_none_751f86d2a578ff0f\megasr.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_memory.inf_31bf3856ad364e35_10.0.10586.0_none_d9e1898fe1d16237\pnpmem.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_mf.inf_31bf3856ad364e35_10.0.10586.0_none_4bbe11c937882ee7\mf.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-antimalware-scan-interface_31bf3856ad364e35_10.0.10586.0_none_e339f252816b2b88\amsi.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-antimalware-scan-interface_31bf3856ad364e35_10.0.10586.0_none_e339f252816b2b88\amsiproxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-appmodel-exec-events_31bf3856ad364e35_10.0.10586.14_none_a5f51be599dbebb2\Microsoft-Windows-AppModelExecEvents.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-client-li..ing-platform-client_31bf3856ad364e35_10.0.10586.0_none_95eb30bc5e27492f\Clipc.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-client-li..ing-platform-client_31bf3856ad364e35_10.0.10586.0_none_95eb30bc5e27492f\licensingdiag.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-client-li..ing-platform-client_31bf3856ad364e35_10.0.10586.0_none_95eb30bc5e27492f\oemlicense.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-client-li..m-service-migration_31bf3856ad364e35_10.0.10586.0_none_23891e90c02e780f\ClipMigPlugin.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-client-li..m-service-migration_31bf3856ad364e35_10.0.10586.0_none_23891e90c02e780f\ClipUp.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-client-li..se-platform-service_31bf3856ad364e35_10.0.10586.0_none_616d7ed3ee6c26e8\ClipSVC.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-client-licensing-licensingcsp_31bf3856ad364e35_10.0.10586.0_none_d7d23eed0873ec7c\LicensingCSP.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-deviceproxy-wmiv2-provider_31bf3856ad364e35_10.0.10586.0_none_90f7398d33294bd9\pcsvDevice.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-etw-ese_31bf3856ad364e35_10.0.10586.0_none_5be06af730b36c5d\ETWESEProviderResources.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-foundatio..ostics-errordetails_31bf3856ad364e35_10.0.10586.0_none_95a3a7849dc2975e\ErrorDetails.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-foundatio..ostics-errordetails_31bf3856ad364e35_10.0.10586.0_none_95a3a7849dc2975e\ErrorDetailsUpdate.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-hyper-v-integration-rdv-core_31bf3856ad364e35_10.0.10586.0_none_e3e63378a4cef1e2\vmrdvcore.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-hyper-v-integration-services_31bf3856ad364e35_10.0.10586.0_none_2e4b2acc9ad6af5e\icsvc.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-hyper-v-integration-services_31bf3856ad364e35_10.0.10586.0_none_2e4b2acc9ad6af5e\VmApplicationHealthMonitorProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-hyper-v-integration-services_31bf3856ad364e35_10.0.10586.0_none_2e4b2acc9ad6af5e\vmictimeprovider.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-hyper-v-kmcl_31bf3856ad364e35_10.0.10586.0_none_ffd6a60506bf7712\vmbkmcl.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-hyper-v-socket-provider_31bf3856ad364e35_10.0.10586.0_none_9cdc42b8cfed6f80\hvsocket.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-hyper-v-winhv_31bf3856ad364e35_10.0.10586.0_none_6a60c2c98e8b1817\winhv.sys => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-hyper-v-winsock-provider_31bf3856ad364e35_10.0.10586.0_none_6420b95ac4878c1f\wshhyperv.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-media-cap..ternal-broadcastdvr_31bf3856ad364e35_10.0.10586.11_none_3ba39d04c69bea98\AppCapture.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-media-cap..ternal-broadcastdvr_31bf3856ad364e35_10.0.10586.11_none_3ba39d04c69bea98\bcastdvr.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-media-cap..ternal-broadcastdvr_31bf3856ad364e35_10.0.10586.11_none_3ba39d04c69bea98\bcastdvr.proxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-media-cap..ternal-broadcastdvr_31bf3856ad364e35_10.0.10586.35_none_3b786120c6bc54aa\AppCapture.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-media-cap..ternal-broadcastdvr_31bf3856ad364e35_10.0.10586.35_none_3b786120c6bc54aa\bcastdvr.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-media-cap..ternal-broadcastdvr_31bf3856ad364e35_10.0.10586.35_none_3b786120c6bc54aa\bcastdvr.proxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-c..dexperiencehost-api_31bf3856ad364e35_10.0.10586.0_none_4bb539b3bb032239\CloudExperienceHostCommon.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-c..elperutil-component_31bf3856ad364e35_10.0.10586.0_none_cf4b95bf3bc98f88\CommsTypeHelperUtil_ca.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-c..experiencehost-user_31bf3856ad364e35_10.0.10586.0_none_498810f3fc7402da\CloudExperienceHostUser.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-c..ility-authorization_31bf3856ad364e35_10.0.10586.0_none_a7905d2a3dc4cf6b\capauthz.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-c..periencehost-broker_31bf3856ad364e35_10.0.10586.0_none_cb700e7d7b3de758\CloudExperienceHostBroker.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-coremessaging_31bf3856ad364e35_10.0.10586.0_none_d4086be08ddf2206\CoreMessaging.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-d..onmanager-component_31bf3856ad364e35_10.0.10586.0_none_5b87042c72fe62b1\DictationManager.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-driververifier-tools_31bf3856ad364e35_10.0.10586.0_none_4d8238c1669c0469\verifier.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-e..taprotectioncleanup_31bf3856ad364e35_10.0.10586.0_none_6236ae0d60f88b24\EDPCleanup.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-embeddedmodeclient_31bf3856ad364e35_10.0.10586.0_none_f3eae58e9864b741\embeddedmodesvcapi.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-embeddedmodesvc_31bf3856ad364e35_10.0.10586.0_none_acc6d984406a413e\embeddedmodesvc.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-i..atedusermode-common_31bf3856ad364e35_10.0.10586.0_none_8af48ce5eab370c0\iumbase.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-i..atedusermode-common_31bf3856ad364e35_10.0.10586.0_none_8af48ce5eab370c0\iumdll.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-i..inghelper-component_31bf3856ad364e35_10.0.10586.0_none_909cb112811d74d8\IPELoggingDictationHelper.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-m..ment-assignedaccess_31bf3856ad364e35_10.0.10586.0_none_499b3a61ee2d7b15\IoTAssignedAccessLockFramework.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-notificationcontroller_31bf3856ad364e35_10.0.10586.0_none_8f9071d3e3d4e736\NotificationController.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-notificationcontroller_31bf3856ad364e35_10.0.10586.0_none_8f9071d3e3d4e736\NotificationControllerPS.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-onlinesetup-component_31bf3856ad364e35_10.0.10586.0_none_f996e0f9d255c2e5\ActionQueue.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-onlinesetup-component_31bf3856ad364e35_10.0.10586.0_none_f996e0f9d255c2e5\oobeldr.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-onlinesetup-component_31bf3856ad364e35_10.0.10586.0_none_f996e0f9d255c2e5\windeploy.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-quickactions-core_31bf3856ad364e35_10.0.10586.0_none_583075b4fffc7959\QuickActionsDataModel.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-s..chservice-component_31bf3856ad364e35_10.0.10586.0_none_3a22ab4936364950\SpeechBrokeredApi.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-s..chservice-component_31bf3856ad364e35_10.0.10586.0_none_3a22ab4936364950\SpeechRuntime.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-s..chservice-component_31bf3856ad364e35_10.0.10586.0_none_3a22ab4936364950\SpeechServiceWinRTApi.ProxyStub.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.10586.0_none_79dc946bc8eab18c\ShareHost.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-tetheringservice_31bf3856ad364e35_10.0.10586.11_none_11debbac9799e996\IcsEntitlementHost.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-tetheringservice_31bf3856ad364e35_10.0.10586.11_none_11debbac9799e996\tetheringclient.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-tetheringservice_31bf3856ad364e35_10.0.10586.11_none_11debbac9799e996\tetheringconfigsp.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-tetheringservice_31bf3856ad364e35_10.0.10586.11_none_11debbac9799e996\tetheringservice.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-universalvoip-bmpolicy_31bf3856ad364e35_10.0.10586.0_none_91bd9efcc2c0f086\UVoipBackgroundManagerPolicy.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-onecore-ztrace-component_31bf3856ad364e35_10.0.10586.0_none_b2939eb8128564ba\ZTrace_ca.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-pdc-events-container_31bf3856ad364e35_10.0.10586.0_none_553ebc5d57c13b3a\microsoft-windows-pdc.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-system-user-component_31bf3856ad364e35_10.0.10586.17_none_e9277f73eb76d0de\UserMgrProxy.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-system-user-ext_31bf3856ad364e35_10.0.10586.0_none_07e68f1ac968d812\usermgrcli.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-system-user-service_31bf3856ad364e35_10.0.10586.17_none_0f4609f823cb3ba8\usermgr.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-windows-3daudio-hrtfapo_31bf3856ad364e35_10.0.10586.0_none_19530faff9e82355\HrtfApo.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_10.0.10586.0_none_0e87721f0b1a8949\Apphlpdm.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-windows-a..-experience-apphelp_31bf3856ad364e35_10.0.10586.0_none_0e87721f0b1a8949\pcaui.exe => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-windows-a..-messagingdatamodel_31bf3856ad364e35_10.0.10586.0_none_170236bb3d9e35c9\MessagingDataModel2.dll => <Unknown Target> [File]
     * C:\WINDOWS\WinSxS\amd64_microsoft-windows-a..-service.deployment_31bf3856ad364e35_10.0.10586.0_none_d8af229ef7a79145\AppReadine

Attached Files

Rkill.txt 4.44MB 1 downloads

Edited by mixolyd, 20 December 2015 - 12:25 PM.

#9 nasdaq

Malware Response Team
39,888 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:35 PM

Posted 21 December 2015 - 08:13 AM

* ALERT: ZEROACCESS Reparse Point/Junction found!
* C:\Program Files\Windows Defender\mpuxhostproxy.dll => <Unknown Target> [File]

Press the windows key

+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.


start

DeleteJunctionsIndirectory: C:\Program Files\Windows Defender

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Run the RKILL tool one more time and post the log.

==

Run also the Farbar tool and post a fresh FRST log for my review.

Let me know is the problem persists.

#10 mixolyd

Topic Starter

Members
10 posts
OFFLINE

Local time:06:35 PM

Posted 21 December 2015 - 12:36 PM

Done. Thanks so much for your help. I think the fix you had me run on 12/18 took care of whatever was closing Chrome. Since then I haven't had any issues. I will respond if it happens again. I appreciate you helping get rid of this!

Fix result of Farbar Recovery Scan Tool (x64) Version:20-12-2015

Ran by Michael (2015-12-21 11:34:52) Run:2

Running from D:\Michael\Downloads

Loaded Profiles: Michael & nancy & Administrator (Available Profiles: Michael & nancy & Administrator)

Boot Mode: Normal

==============================================

fixlist content:

*****************

start

DeleteJunctionsIndirectory: C:\Program Files\Windows Defender

End

*****************

"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started:

"C:\Program Files\Windows Defender" =>Deleting reparse point and unlocking completed.

==== End of Fixlog 11:34:53 ====

#11 nasdaq

Malware Response Team
39,888 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:35 PM

Posted 21 December 2015 - 02:00 PM

Glad we could help.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#12 mixolyd

Topic Starter

Members
10 posts
OFFLINE

Local time:06:35 PM

Posted 21 December 2015 - 08:46 PM

Looks like the issue was actually not resolved. Chrome closed earlier. But I think I have it resolved now. This post on Tenforums somebody with same issue and found a task in task scheduler. I found the same task in my task scheduler, and when I run it, Chrome closes... I am going to delete the task and .ini file that it points to and hopefully that will be it.. Instructions for removal in a later post here

Here is how it showed up on FRST

2015-12-09 11:30 - 2015-12-16 18:00 - 00000548 _____ C:\WINDOWS\Tasks\Adobe Acrobat Pro DC Update.job

2015-12-09 11:30 - 2015-12-09 11:30 - 00003448 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Pro DC Update

2015-12-09 11:30 - 2015-12-09 11:30 - 00000000 ____D C:\Users\Michael\AppData\Roaming\Adobe Acrobat Pro DC

Edited by mixolyd, 21 December 2015 - 09:34 PM.

#13 mixolyd

Topic Starter

Members
10 posts
OFFLINE

Local time:06:35 PM

Posted 21 December 2015 - 08:47 PM

By the way, do you think I really had a Zeroaccess infection?

#14 nasdaq

Malware Response Team
39,888 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:35 PM

Posted 22 December 2015 - 11:11 AM

That was good investigating work on your part.

All of the entries passed our toosl without being targeted as bad.

The will from now on.

===

Press the windows key

+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.


start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:


Task: {1BFF9600-602C-407E-919B-FF8E05E05E6C} - System32\Tasks\Adobe Acrobat Pro DC Update => Wscript.exe //nologo //B //E:jscript "C:\Users\Michael\AppData\Roaming\Adobe Acrobat Pro DC\settings.ini"
Task: C:\WINDOWS\Tasks\Adobe Acrobat Pro DC Update.job => Wscript.exe ^/nologo /B /E:jscript C:\Users\Michael\AppData\Roaming\Adobe Acrobat Pro DC\settings.ini
C:\WINDOWS\Tasks\Adobe Acrobat Pro DC Update.job
C:\WINDOWS\System32\Tasks\Adobe Acrobat Pro DC Update
C:\Users\Michael\AppData\Roaming\Adobe Acrobat Pro DC


End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Registry changes used to force proxy usage. In my case, I totally deleted the following values:
Quoted from: http://www.tenforums.com/antivirus-firewalls-system-security/27107-google-redirection-localhost-world-5.html#post509527

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableAutoProxyResultCache

If you need help to remove these registry entries run this search.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

If your operating system is 64 bit download this tool:
SystemLook_x64.exe

Double-click SystemLook.exe
to run it.
Copy and paste the content
of the following bold text into the main textfield:
:reg
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL /sub
HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoConfigURL /sub
HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableAutoProxyResultCache /sub
Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt.