
Windows 10: \system32\cmd.exe prompt flashing


  • This topic is locked
37 replies to this topic

#1 ollyoxen


Posted 24 October 2016 - 04:24 AM

Hello!

 

I discovered this forum after finding this thread from a Google search: http://www.bleepingcomputer.com/forums/t/623402/windows-10-cmdexe-window-flashes-every-few-hours-possible-bi3exe-infection/

 

My problem is remarkably similar to what was laid out in that thread. I am currently using Windows 10 (64 bit) and a few days ago I contracted something nasty from a zip file. Constant pop-ups, automatically closing Malwarebytes, etc. Anyways, I regained control by restarting in safe mode and doing a system restore to a week prior. 200 plus threats removed by Malwarebytes later, I was getting zeros from Avast, HitmanPro, and Malwarebytes. I thought I could breathe easy; however, one annoying issue remained:

 

fR9DAIH.png

 

These two command prompts (C:\WINDOWS\system32\cmd.exe) flash for probably less than a millisecond (best image I could capture with screen capture software running at 30fps). They flash exactly every hour from the time I log in and cause me to "alt tab" out of any full screen application I am using. I don't notice them when first logging in and my screen recording of them doesn't show any change in the Task Manager when they flash. I decided to run AdwCleaner and it ended up identifying 21 threats. After pressing clean and rebooting, my computer would take forever to boot. The login screen looked normal but logging in would take equally long before showing a black screen and saying to save my work before the restart due to a failure to boot properly. This repeated until I decided to once again do a system restore to before the AdwCleaner scan.

 

Perhaps unsurprisingly, the hourly command prompt flashing persists. Running Avast and Malwarebytes returned zeros, so I decided to run the AdwCleaner scan once more and here are the returned threats (didn't hit clean):

MGAsRH0.png

 

Note that there are only 12 threats compared to the 21 before. I wish I took pictures of the 21 threats because they included other tabs than the "Registry" tab.

 

I would greatly appreciate any insight anyone might have as I feel I am one system restore away from doing (further) irreparable damage and completely bricking my system hahaha :killcomp:




 


#2 FearOfMalwares


Posted 24 October 2016 - 04:54 AM

Hello, ollyoxen, and :welcome: to BleepingComputer.com, the most popular help site and forum for computers.

It seems that you have a problem with your computer. The problem is the virus, which is damaging your PC and modifying your files.

WHAT IS A VIRUS?

A piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data.

HOW DO I REMOVE IT?

Easy, just follow my steps to remove the viruses.

  • Step 1: Enter Safe Mode. Before you do anything, you need to disconnect your PC from the internet, and don't use it until you're ready to clean your PC. ...
  • Step 2: Delete temporary files. ...
  • Step 3: Download malware scanners. ...
  • Step 4: Run a scan with Farbar Recovery Tool Scan or any other anti-virus programs.
  • Step 5: Open the log file that Farbar gave you.
  • Step 6: Copy and paste the log file in your next reply.

I hope it works for you. :grinner:

Edited by Platypus, 25 October 2016 - 11:06 PM.


#3 ollyoxen


Posted 24 October 2016 - 06:03 PM

In order to paste these results, I needed to exit safe mode and restart my computer normally:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by Johnsory (administrator) on JOHNSORY-PC (24-10-2016 15:13:01)
Running from C:\Users\Johnsory\Desktop
Loaded Profiles: Johnsory (Available Profiles: Johnsory)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-22] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3941528 2016-05-20] (Logitech, Inc.)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [41088 2014-02-21] (Creative Technology Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-28] (Logitech Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11340752 2016-07-19] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2016-07-27] (MSI)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9083840 2016-10-22] (AVAST Software)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-06-15] (Google Inc.)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [f.lux] => C:\Users\Johnsory\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [Spotify Web Helper] => C:\Users\Johnsory\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1553520 2016-08-02] (Spotify Ltd)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [Discord] => C:\Users\Johnsory\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-22] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-09-12]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-06-23]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> D:\Program Files HD\TP-LINK\TWCU.exe ()
Startup: C:\Users\Johnsory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2016-09-30]
ShortcutTarget: ShareX.lnk -> D:\Program Files HD\ShareX\ShareX.exe (ShareX Team)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{ac889bde-cbe1-41e0-833b-968fac66a51c}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-07-26] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: e05dl6f9.default
FF ProfilePath: C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default [2016-10-24]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\e05dl6f9.default -> Google
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\e05dl6f9.default -> Google
FF Session Restore: Mozilla\Firefox\Profiles\e05dl6f9.default -> is enabled.
FF Extension: (Distill Web Monitor) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\alertbox@ajitk.com.xpi [2016-08-11]
FF Extension: (BetterTTV) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\firefox@betterttv.net.xpi [2016-03-19]
FF Extension: (MEGA) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\firefox@mega.co.nz.xpi [2016-10-20]
FF Extension: (Reddit Enhancement Suite) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-10-15]
FF Extension: (uBlock Origin) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\uBlock0@raymondhill.net.xpi [2016-10-02]
FF Extension: (Location Bar Enhancer) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\UIEnhancer@girishsharma.xpi [2016-01-27]
FF Extension: (Flagfox) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-10-12]
FF Extension: (FT DeepDark) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2016-10-10]
FF Extension: (YouTube High Definition) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-10-03]
FF Extension: (SoundCloud Downloader - Technowise) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2015-12-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shyos&prd=set_ch&q={searchTerms}&s=GAMzftpbl0cshmoAU,f596b095-a37e-4cb5-9b63-18501afea0d1,
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default [2016-09-06]
CHR Extension: (Google Slides) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-27]
CHR Extension: (Google Docs) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-27]
CHR Extension: (Google Drive) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-26]
CHR Extension: (Adblock Plus) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-06]
CHR Extension: (Google Search) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Sheets) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-27]
CHR Extension: (Google Docs Offline) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-27]
CHR HKU\S-1-5-21-12257215-3952172286-556340471-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-22] (AVAST Software)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3192560 2016-07-26] (Microsoft Corporation)
S2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [45008 2016-08-25] (Micro-Star Int'l Co., Ltd.)
S2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
S2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
S2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-06-14] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2200872 2016-02-01] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4162144 2016-05-19] (MSI)
S2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014160 2016-03-04] (MSI)
S2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2328160 2016-07-01] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-06-02] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [598112 2016-06-02] (MSI)
S2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [58296 2016-08-12] (Micro-Star INT'L CO., LTD.)
S2 MSI_ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2266280 2015-03-27] (Micro-Star INT'L CO., LTD.)
S2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2227152 2016-07-19] (Micro-Star INT'L CO., LTD.)
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2016-08-01] (MSI)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files HD\Origin\OriginClientService.exe [2122248 2016-08-31] (Electronic Arts)
S2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2015-02-09] (Micro-Star INT'L CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-10-06] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 asstor64; C:\WINDOWS\System32\drivers\asstor64.sys [84304 2015-10-01] (Asmedia Technology)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-10-22] (AVAST Software)
S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-10-22] (AVAST Software)
S1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-10-22] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-22] (AVAST Software)
S1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-10-22] (AVAST Software)
S1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-10-22] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-10-22] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-22] (AVAST Software)
S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
S2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
S3 KillerEth; C:\WINDOWS\System32\drivers\e22w10x64.sys [156744 2015-10-07] (Qualcomm Atheros, Inc.)
S2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-18] (Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
S3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)
S3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3851cb7c8216f9e\nvlddmkm.sys [14216760 2016-08-27] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-24 15:09 - 2016-10-24 15:13 - 00023746 _____ C:\Users\Johnsory\Desktop\FRST.txt
2016-10-24 15:01 - 2016-10-23 23:17 - 00448512 _____ (OldTimer Tools) C:\Users\Johnsory\Desktop\TFC.exe
2016-10-24 15:01 - 2016-10-23 22:47 - 03910208 _____ C:\Users\Johnsory\Desktop\AdwCleaner.exe
2016-10-24 15:01 - 2016-10-23 18:29 - 11579432 _____ (SurfRight B.V.) C:\Users\Johnsory\Desktop\hitmanpro_x64.exe
2016-10-24 15:00 - 2016-10-24 14:57 - 02407424 _____ (Farbar) C:\Users\Johnsory\Desktop\FRST64.exe
2016-10-24 14:58 - 2016-10-24 15:13 - 00000000 ____D C:\FRST
2016-10-24 14:48 - 2016-10-24 15:09 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-10-24 00:22 - 2016-08-22 07:51 - 06910841 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-10-24 00:22 - 2016-08-22 07:51 - 03291320 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-10-24 00:22 - 2016-08-22 07:51 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 01745672 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO232.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-10-23 22:47 - 2016-10-24 02:07 - 00000000 ____D C:\AdwCleaner
2016-10-23 22:17 - 2016-10-24 01:19 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\ProcessLasso
2016-10-23 22:17 - 2016-10-24 01:19 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Process Lasso
2016-10-23 22:17 - 2016-10-23 22:17 - 00000000 ____D C:\ProgramData\ProcessLasso
2016-10-23 19:03 - 2016-10-23 19:09 - 00288104 _____ C:\TDSSKiller.3.1.0.11_23.10.2016_19.03.46_log.txt
2016-10-23 18:52 - 2016-10-23 19:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-23 18:50 - 2016-10-24 01:19 - 00000000 ____D C:\Users\Johnsory\Desktop\mbar
2016-10-23 18:29 - 2016-10-24 01:19 - 00000000 ____D C:\ProgramData\HitmanPro
2016-10-23 16:46 - 2016-10-24 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-22 20:59 - 2016-10-22 20:59 - 00000000 ____D C:\Users\Johnsory\Documents\Dolphin Emulator
2016-10-22 20:58 - 2016-10-22 20:58 - 00001056 _____ C:\Users\Public\Desktop\Dolphin.lnk
2016-10-22 20:58 - 2016-10-22 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2016-10-22 20:53 - 2016-10-22 20:53 - 00000000 ____D C:\Users\Johnsory\Desktop\SSBM
2016-10-22 03:59 - 2016-10-22 03:59 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-10-22 03:59 - 2016-10-22 03:59 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-10-22 03:59 - 2016-10-22 03:59 - 00044952 _____ () C:\WINDOWS\system32\Drivers\staport.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-10-22 03:59 - 2016-10-22 03:59 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-10-22 03:59 - 2016-10-22 03:59 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-10-22 03:40 - 2016-10-22 03:40 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\AVAST Software
2016-10-22 03:39 - 2016-10-22 03:58 - 00000000 ____D C:\Program Files\AVAST Software
2016-10-22 03:36 - 2016-10-22 03:36 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-22 01:38 - 2016-10-22 01:38 - 00000000 ____D C:\WINDOWS\system32\lyqr
2016-10-22 01:36 - 2016-10-22 03:10 - 00000000 ____D C:\a
2016-10-22 01:36 - 2016-10-22 02:02 - 00000000 ____D C:\Program Files (x86)\Foul
2016-10-22 01:36 - 2016-10-22 01:36 - 00000000 ____D C:\Users\Johnsory\AppData\Local\MicrosoftEdge
2016-10-22 01:35 - 2016-10-22 02:02 - 00000000 ____D C:\Users\Johnsory\AppData\LocalLow\Company
2016-10-22 01:35 - 2016-10-22 01:36 - 00000000 _____ C:\Users\Johnsory\AppData\Local\stxtname.txt
2016-10-22 01:35 - 2016-10-22 01:35 - 00000003 _____ C:\Users\Johnsory\AppData\Local\run1.txt
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\c
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 ____D C:\Users\Johnsory\AppData\Local\Tempfolder
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Corporation
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 _____ C:\Users\Johnsory\AppData\Local\run.txt
2016-10-22 01:34 - 2016-10-22 03:10 - 00000000 ____D C:\Program Files (x86)\sysonem
2016-10-22 01:34 - 2016-10-22 01:34 - 00000000 _____ C:\TOSTACK
2016-10-22 01:19 - 2016-10-22 20:58 - 00000000 ____D C:\Program Files (x86)\Dolphin
2016-10-11 11:27 - 2016-10-05 03:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-11 11:27 - 2016-10-05 03:34 - 01051104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-11 11:27 - 2016-10-05 03:34 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-11 11:27 - 2016-10-05 03:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-11 11:27 - 2016-10-05 03:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-11 11:27 - 2016-10-05 03:31 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-11 11:27 - 2016-10-05 03:31 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-11 11:27 - 2016-10-05 03:30 - 07812448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-11 11:27 - 2016-10-05 03:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-11 11:27 - 2016-10-05 03:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-11 11:27 - 2016-10-05 03:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-11 11:27 - 2016-10-05 03:13 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-11 11:27 - 2016-10-05 03:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-11 11:27 - 2016-10-05 03:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-11 11:27 - 2016-10-05 03:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-11 11:27 - 2016-10-05 03:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-11 11:27 - 2016-10-05 03:12 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-11 11:27 - 2016-10-05 03:09 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-11 11:27 - 2016-10-05 03:09 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-11 11:27 - 2016-10-05 03:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-11 11:27 - 2016-10-05 03:09 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-11 11:27 - 2016-10-05 03:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-11 11:27 - 2016-10-05 03:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-11 11:27 - 2016-10-05 03:04 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-11 11:27 - 2016-10-05 03:04 - 00628032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-11 11:27 - 2016-10-05 03:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-11 11:27 - 2016-10-05 02:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-11 11:27 - 2016-10-05 02:50 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-11 11:27 - 2016-10-05 02:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-11 11:27 - 2016-10-05 02:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-11 11:27 - 2016-10-05 02:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-11 11:27 - 2016-10-05 02:46 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-11 11:27 - 2016-10-05 02:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-11 11:27 - 2016-10-05 02:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-11 11:27 - 2016-10-05 02:45 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-11 11:27 - 2016-10-05 02:44 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-11 11:27 - 2016-10-05 02:41 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-11 11:27 - 2016-10-05 02:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-11 11:27 - 2016-10-05 02:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-11 11:27 - 2016-10-05 02:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 11:27 - 2016-10-05 02:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-11 11:27 - 2016-10-05 02:34 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-11 11:27 - 2016-10-05 02:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-11 11:27 - 2016-10-05 02:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-11 11:27 - 2016-10-05 02:33 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-11 11:27 - 2016-10-05 02:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-11 11:27 - 2016-10-05 02:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-11 11:27 - 2016-10-05 02:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-11 11:27 - 2016-10-05 02:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-11 11:27 - 2016-10-05 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-11 11:27 - 2016-10-05 02:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-11 11:27 - 2016-10-05 02:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-11 11:27 - 2016-10-05 02:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-11 11:27 - 2016-10-05 02:29 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-11 11:27 - 2016-10-05 02:29 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-11 11:27 - 2016-10-05 02:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-11 11:27 - 2016-10-05 02:29 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-11 11:27 - 2016-10-05 02:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-11 11:27 - 2016-10-05 02:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-11 11:27 - 2016-10-05 02:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-11 11:27 - 2016-10-05 02:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-11 11:27 - 2016-10-05 02:28 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-11 11:27 - 2016-10-05 02:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-11 11:27 - 2016-10-05 02:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-11 11:27 - 2016-10-05 02:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-11 11:27 - 2016-10-05 02:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-11 11:27 - 2016-10-05 02:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-11 11:27 - 2016-10-05 02:24 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-11 11:27 - 2016-10-05 02:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-11 11:27 - 2016-10-05 02:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-11 11:27 - 2016-10-05 02:22 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-11 11:27 - 2016-10-05 02:22 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-11 11:27 - 2016-10-05 02:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-11 11:27 - 2016-10-05 02:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-11 11:27 - 2016-10-05 02:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-11 11:27 - 2016-10-05 02:20 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-11 11:27 - 2016-10-05 02:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-11 11:27 - 2016-10-05 02:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-11 11:27 - 2016-10-05 02:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-11 11:27 - 2016-10-05 02:19 - 02265088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-11 11:27 - 2016-10-05 02:19 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-11 11:27 - 2016-10-05 02:19 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-11 11:27 - 2016-10-05 02:18 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-11 11:27 - 2016-10-05 02:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-11 11:27 - 2016-10-05 02:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-11 11:27 - 2016-10-05 02:18 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-11 11:27 - 2016-10-05 02:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-11 11:27 - 2016-10-05 02:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-11 11:27 - 2016-10-05 02:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-11 11:27 - 2016-10-05 02:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-11 11:27 - 2016-10-05 02:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-11 11:27 - 2016-10-05 02:17 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-11 11:27 - 2016-10-05 02:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-11 11:27 - 2016-10-05 02:16 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-11 11:27 - 2016-10-05 02:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-11 11:27 - 2016-10-05 02:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-11 11:27 - 2016-10-05 02:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-11 11:27 - 2016-10-05 02:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-11 11:27 - 2016-10-05 02:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-11 11:27 - 2016-10-05 02:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-11 11:27 - 2016-10-05 02:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 02667520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 01778176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-11 11:27 - 2016-10-05 02:13 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-11 11:27 - 2016-10-05 02:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-11 11:27 - 2016-10-05 02:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-11 11:27 - 2016-10-05 02:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-11 11:27 - 2016-10-05 02:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-11 11:27 - 2016-10-05 02:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-11 11:27 - 2016-10-05 02:11 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-11 11:27 - 2016-10-05 02:11 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-11 11:27 - 2016-10-05 02:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-11 11:27 - 2016-10-05 02:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-11 11:27 - 2016-10-05 02:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-11 11:27 - 2016-10-05 02:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-11 11:27 - 2016-10-05 02:09 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-11 11:27 - 2016-10-05 02:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-11 11:27 - 2016-10-05 02:09 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-11 11:27 - 2016-10-05 02:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-11 11:27 - 2016-10-05 02:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-11 11:27 - 2016-10-05 02:09 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-11 11:27 - 2016-10-05 02:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-11 11:27 - 2016-10-05 02:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-11 11:27 - 2016-10-05 02:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-11 11:27 - 2016-10-05 02:06 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-11 11:27 - 2016-10-05 02:06 - 02254336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-11 11:27 - 2016-10-05 02:06 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-11 11:27 - 2016-10-05 02:06 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-11 11:27 - 2016-10-05 02:06 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-11 11:27 - 2016-10-05 02:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-11 11:27 - 2016-10-05 02:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-11 11:27 - 2016-10-05 02:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-11 11:27 - 2016-10-05 02:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-11 11:27 - 2016-10-05 02:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-11 11:27 - 2016-10-04 17:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-11 11:27 - 2016-09-06 22:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-29 11:12 - 2016-09-15 11:14 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-29 11:12 - 2016-09-15 10:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-09-29 11:12 - 2016-09-15 10:35 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-29 11:12 - 2016-09-15 10:35 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-09-29 11:12 - 2016-09-15 10:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-09-29 11:12 - 2016-09-15 10:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-29 11:12 - 2016-09-15 10:30 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-29 11:12 - 2016-09-15 10:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-29 11:12 - 2016-09-15 10:29 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-29 11:12 - 2016-09-15 10:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-09-29 11:12 - 2016-09-15 10:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-09-29 11:12 - 2016-09-15 10:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-09-29 11:12 - 2016-09-15 10:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-09-29 11:12 - 2016-09-15 10:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-29 11:12 - 2016-09-15 10:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-09-29 11:12 - 2016-09-15 10:28 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-09-29 11:12 - 2016-09-15 10:27 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-29 11:12 - 2016-09-15 10:27 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-29 11:12 - 2016-09-15 10:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-29 11:12 - 2016-09-15 10:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-09-29 11:12 - 2016-09-15 10:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-29 11:12 - 2016-09-15 10:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-09-29 11:12 - 2016-09-15 10:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-29 11:12 - 2016-09-15 10:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-29 11:12 - 2016-09-15 10:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-09-29 11:12 - 2016-09-15 10:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-29 11:12 - 2016-09-15 10:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-29 11:12 - 2016-09-15 10:21 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-29 11:12 - 2016-09-15 10:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-29 11:12 - 2016-09-15 10:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-29 11:12 - 2016-09-15 10:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-09-29 11:12 - 2016-09-15 10:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-29 11:12 - 2016-09-15 10:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-29 11:12 - 2016-09-15 10:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-29 11:12 - 2016-09-15 10:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-09-29 11:12 - 2016-09-15 10:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-09-29 11:12 - 2016-09-15 10:15 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-09-29 11:12 - 2016-09-15 10:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-09-29 11:12 - 2016-09-15 10:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-09-29 11:12 - 2016-09-15 10:14 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-29 11:12 - 2016-09-15 10:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-09-29 11:12 - 2016-09-15 10:13 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-29 11:12 - 2016-09-15 10:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-09-29 11:12 - 2016-09-15 10:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-29 11:12 - 2016-09-15 10:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-29 11:12 - 2016-09-15 10:11 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-29 11:12 - 2016-09-15 10:11 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-29 11:12 - 2016-09-15 10:10 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-29 11:12 - 2016-09-15 10:10 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-29 11:12 - 2016-09-15 10:06 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-29 11:12 - 2016-09-15 10:06 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-09-29 11:12 - 2016-09-15 10:06 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-29 11:12 - 2016-09-15 10:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-09-29 11:12 - 2016-09-15 10:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-29 11:12 - 2016-09-15 10:06 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-29 11:12 - 2016-09-15 10:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-29 11:12 - 2016-09-15 10:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-09-29 11:12 - 2016-09-15 10:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-29 11:12 - 2016-09-15 10:03 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-09-29 11:12 - 2016-09-15 10:02 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-29 11:12 - 2016-09-15 10:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-09-29 11:12 - 2016-09-15 10:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-29 11:12 - 2016-09-15 09:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-09-29 11:12 - 2016-09-15 09:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-29 11:12 - 2016-09-15 09:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-09-29 11:12 - 2016-09-15 09:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-29 11:12 - 2016-09-15 09:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-29 11:12 - 2016-09-15 09:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-29 11:12 - 2016-09-15 09:56 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-29 11:12 - 2016-09-15 09:56 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-09-29 11:12 - 2016-09-15 09:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-09-29 11:12 - 2016-09-15 09:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-09-29 11:12 - 2016-09-15 09:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-09-29 11:12 - 2016-09-15 09:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-29 11:12 - 2016-09-15 09:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-29 11:12 - 2016-09-15 09:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-29 11:12 - 2016-09-15 09:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-09-29 11:12 - 2016-09-15 09:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-29 11:12 - 2016-09-15 09:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-29 11:12 - 2016-09-15 09:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-09-29 11:12 - 2016-09-15 09:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-29 11:12 - 2016-09-15 09:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-09-29 11:12 - 2016-09-15 09:51 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-29 11:12 - 2016-09-15 09:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-09-29 11:12 - 2016-09-15 09:50 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-29 11:12 - 2016-09-15 09:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-29 11:12 - 2016-09-15 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-09-29 11:12 - 2016-09-15 09:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-29 11:12 - 2016-09-15 09:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-29 11:12 - 2016-09-15 09:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-29 11:12 - 2016-09-15 09:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-29 11:12 - 2016-09-15 09:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-29 11:12 - 2016-09-15 09:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-29 11:12 - 2016-09-15 09:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-29 11:12 - 2016-09-15 09:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-29 11:12 - 2016-09-15 09:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-09-29 11:12 - 2016-09-15 09:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-09-29 11:12 - 2016-09-15 09:44 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-09-29 11:12 - 2016-09-15 09:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-09-29 11:12 - 2016-09-15 09:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-29 11:12 - 2016-09-15 09:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-29 11:12 - 2016-09-15 09:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-09-29 11:12 - 2016-09-15 09:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-09-29 11:12 - 2016-09-15 09:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-29 11:12 - 2016-09-15 09:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-29 11:12 - 2016-09-15 09:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-29 11:12 - 2016-09-15 09:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-29 11:12 - 2016-09-15 09:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-29 11:12 - 2016-09-15 09:41 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-29 11:12 - 2016-09-15 09:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-29 11:12 - 2016-09-15 09:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-09-29 11:12 - 2016-09-15 09:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-29 11:12 - 2016-09-15 09:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-29 11:12 - 2016-09-15 09:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-09-29 11:12 - 2016-09-15 09:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-09-29 11:12 - 2016-09-15 09:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-29 11:12 - 2016-09-15 09:36 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-09-29 11:12 - 2016-09-15 09:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-29 11:12 - 2016-09-15 09:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-09-29 11:12 - 2016-09-15 09:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-09-29 11:12 - 2016-09-15 09:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-29 11:12 - 2016-09-15 09:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-29 11:12 - 2016-09-15 09:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-09-29 11:12 - 2016-09-15 09:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-29 11:12 - 2016-09-15 09:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-09-29 11:12 - 2016-09-15 09:31 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-29 11:12 - 2016-09-15 09:31 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-29 11:12 - 2016-09-15 09:31 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-29 11:12 - 2016-09-15 09:31 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-09-29 11:12 - 2016-09-15 09:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-09-29 11:12 - 2016-09-15 09:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-29 11:12 - 2016-09-15 09:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-09-29 11:12 - 2016-09-15 09:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-29 11:12 - 2016-09-15 09:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-29 11:12 - 2016-09-15 09:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-29 11:12 - 2016-09-15 09:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-09-29 11:12 - 2016-09-15 09:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-29 11:12 - 2016-09-15 09:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-29 11:12 - 2016-09-15 09:28 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-29 11:12 - 2016-09-15 09:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-29 11:12 - 2016-09-15 09:28 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-29 11:12 - 2016-09-15 09:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-09-29 11:12 - 2016-09-15 09:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-09-29 11:12 - 2016-09-15 09:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-09-29 11:12 - 2016-09-15 09:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-29 11:12 - 2016-09-15 09:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-29 11:12 - 2016-09-15 09:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-09-29 11:12 - 2016-09-15 09:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-09-29 11:12 - 2016-09-15 09:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-09-29 11:12 - 2016-09-15 09:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-29 11:12 - 2016-09-15 09:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-29 11:12 - 2016-09-15 09:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-09-29 11:12 - 2016-09-15 09:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-29 11:12 - 2016-09-15 09:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-29 11:12 - 2016-09-15 09:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-29 11:12 - 2016-09-15 09:22 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-29 11:12 - 2016-09-15 09:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-29 11:12 - 2016-09-15 09:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-29 11:12 - 2016-09-15 09:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-29 11:12 - 2016-09-15 09:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-29 11:12 - 2016-09-15 09:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-29 11:12 - 2016-09-15 09:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-29 11:12 - 2016-09-15 09:21 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-09-29 11:12 - 2016-09-15 09:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-29 11:12 - 2016-09-15 09:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-09-29 11:12 - 2016-09-15 09:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-29 11:12 - 2016-09-15 09:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-09-29 11:12 - 2016-09-15 09:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-09-29 11:12 - 2016-09-15 09:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-29 11:12 - 2016-09-15 09:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-29 11:12 - 2016-09-15 09:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-29 11:12 - 2016-09-15 09:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-29 11:12 - 2016-09-15 09:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-29 11:12 - 2016-09-15 09:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-29 11:12 - 2016-09-15 09:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-29 11:12 - 2016-09-15 09:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-29 11:12 - 2016-09-15 09:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-09-29 11:12 - 2016-09-15 09:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-09-29 11:12 - 2016-08-05 01:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-29 11:11 - 2016-09-15 10:37 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-29 11:11 - 2016-09-15 10:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-29 11:11 - 2016-09-15 10:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-09-29 11:11 - 2016-09-15 10:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-09-29 11:11 - 2016-09-15 10:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-09-29 11:11 - 2016-09-15 10:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-09-29 11:11 - 2016-09-15 10:27 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-29 11:11 - 2016-09-15 10:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-29 11:11 - 2016-09-15 10:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-29 11:11 - 2016-09-15 10:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-09-29 11:11 - 2016-09-15 10:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-29 11:11 - 2016-09-15 10:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-09-29 11:11 - 2016-09-15 10:21 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-09-29 11:11 - 2016-09-15 10:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-29 11:11 - 2016-09-15 10:17 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-29 11:11 - 2016-09-15 10:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-29 11:11 - 2016-09-15 10:15 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-09-29 11:11 - 2016-09-15 10:15 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-09-29 11:11 - 2016-09-15 10:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-29 11:11 - 2016-09-15 10:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-09-29 11:11 - 2016-09-15 10:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-29 11:11 - 2016-09-15 10:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-29 11:11 - 2016-09-15 10:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-29 11:11 - 2016-09-15 10:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-29 11:11 - 2016-09-15 10:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-29 11:11 - 2016-09-15 10:12 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-29 11:11 - 2016-09-15 10:11 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-29 11:11 - 2016-09-15 10:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-09-29 11:11 - 2016-09-15 10:11 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-29 11:11 - 2016-09-15 10:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-09-29 11:11 - 2016-09-15 10:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-09-29 11:11 - 2016-09-15 10:11 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-29 11:11 - 2016-09-15 10:08 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-29 11:11 - 2016-09-15 10:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-09-29 11:11 - 2016-09-15 10:07 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-29 11:11 - 2016-09-15 10:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-09-29 11:11 - 2016-09-15 10:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-09-29 11:11 - 2016-09-15 10:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-09-29 11:11 - 2016-09-15 10:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-29 11:11 - 2016-09-15 10:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-09-29 11:11 - 2016-09-15 10:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-29 11:11 - 2016-09-15 09:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-29 11:11 - 2016-09-15 09:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-09-29 11:11 - 2016-09-15 09:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-09-29 11:11 - 2016-09-15 09:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-09-29 11:11 - 2016-09-15 09:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-29 11:11 - 2016-09-15 09:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-29 11:11 - 2016-09-15 09:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-29 11:11 - 2016-09-15 09:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-29 11:11 - 2016-09-15 09:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-29 11:11 - 2016-09-15 09:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-29 11:11 - 2016-09-15 09:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-29 11:11 - 2016-09-15 09:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-29 11:11 - 2016-09-15 09:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-29 11:11 - 2016-09-15 09:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-29 11:11 - 2016-09-15 09:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-29 11:11 - 2016-09-15 09:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-29 11:11 - 2016-09-15 09:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-29 11:11 - 2016-09-15 09:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-29 11:11 - 2016-09-15 09:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-29 11:11 - 2016-09-15 09:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-29 11:11 - 2016-09-15 09:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-29 11:11 - 2016-09-15 09:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-09-29 11:11 - 2016-09-15 09:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-29 11:11 - 2016-09-15 09:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-29 11:11 - 2016-09-15 09:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-29 11:11 - 2016-09-15 09:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-29 11:11 - 2016-09-15 09:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-29 11:11 - 2016-09-15 09:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-29 11:11 - 2016-09-15 09:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-09-29 11:11 - 2016-09-15 09:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-29 11:11 - 2016-09-15 09:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-29 11:11 - 2016-09-15 09:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-29 11:11 - 2016-09-15 09:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-29 11:11 - 2016-09-15 09:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-29 11:11 - 2016-09-15 09:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-29 11:11 - 2016-09-15 09:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-29 11:11 - 2016-09-15 09:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-29 11:11 - 2016-09-15 09:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-29 11:11 - 2016-09-15 09:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-29 11:11 - 2016-09-15 09:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-29 11:11 - 2016-09-15 09:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-29 11:11 - 2016-09-15 09:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-29 11:11 - 2016-09-15 09:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-29 11:11 - 2016-09-15 09:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-29 11:11 - 2016-09-15 09:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-29 11:11 - 2016-09-15 09:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-29 11:11 - 2016-09-15 09:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-29 11:11 - 2016-09-15 09:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-29 11:11 - 2016-09-15 09:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-29 11:11 - 2016-09-15 09:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-09-29 11:11 - 2016-09-15 09:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-29 11:11 - 2016-09-15 09:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-29 11:11 - 2016-09-15 09:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-29 11:11 - 2016-09-15 09:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-29 11:11 - 2016-09-15 09:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-29 11:11 - 2016-09-15 09:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-29 11:11 - 2016-09-15 09:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-29 11:11 - 2016-09-15 09:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-29 11:11 - 2016-09-15 09:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-29 11:11 - 2016-09-15 09:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-29 11:11 - 2016-09-15 09:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-29 11:11 - 2016-09-15 09:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-29 11:11 - 2016-09-15 09:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-29 11:11 - 2016-09-15 09:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-29 11:11 - 2016-09-15 09:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-29 11:11 - 2016-09-15 09:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-29 11:11 - 2016-09-15 09:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-29 11:11 - 2016-09-15 09:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-29 11:11 - 2016-09-15 09:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-29 11:11 - 2016-09-15 09:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-29 11:11 - 2016-09-15 09:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-29 11:11 - 2016-09-15 09:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-29 11:11 - 2016-09-15 09:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-29 11:11 - 2016-09-15 09:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-29 11:11 - 2016-09-15 09:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-29 11:11 - 2016-09-15 09:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-29 11:11 - 2016-09-15 09:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-29 11:11 - 2016-09-15 09:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-29 11:11 - 2016-09-15 09:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-29 11:11 - 2016-09-15 09:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-29 11:11 - 2016-09-15 09:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-29 11:11 - 2016-09-15 09:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-29 11:11 - 2016-09-15 09:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-29 11:11 - 2016-09-15 09:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-29 11:11 - 2016-09-15 09:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-29 11:11 - 2016-09-15 09:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-29 11:11 - 2016-09-15 09:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-29 11:11 - 2016-09-15 09:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-29 11:11 - 2016-09-15 09:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-29 11:11 - 2016-09-15 09:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-29 11:11 - 2016-09-15 09:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-29 11:11 - 2016-09-15 09:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-29 11:11 - 2016-09-15 09:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-29 11:11 - 2016-09-15 09:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-29 11:11 - 2016-09-15 09:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-29 11:11 - 2016-09-15 09:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-29 11:11 - 2016-09-15 09:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-29 11:11 - 2016-09-15 09:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-29 11:11 - 2016-09-15 09:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-29 11:11 - 2016-09-15 09:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-29 11:11 - 2016-09-15 09:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-29 11:11 - 2016-09-15 09:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-29 11:11 - 2016-08-05 20:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-29 11:11 - 2016-08-05 20:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-29 11:11 - 2016-08-05 01:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-24 15:09 - 2016-09-22 09:37 - 00000000 ____D C:\Users\Johnsory
2016-10-24 15:09 - 2016-07-16 04:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-24 15:02 - 2016-07-15 23:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-24 15:01 - 2016-09-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-24 14:59 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-24 14:57 - 2016-09-22 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-24 14:57 - 2015-06-14 23:28 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-24 14:52 - 2016-09-22 09:37 - 01608396 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-24 14:25 - 2016-07-16 04:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-24 14:17 - 2016-09-22 09:35 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-24 02:40 - 2015-06-17 23:36 - 00000000 ____D C:\Users\Johnsory\Documents\ShareX
2016-10-24 02:37 - 2016-05-04 19:29 - 00000000 ____D C:\Users\Johnsory\AppData\Local\Battle.net
2016-10-24 01:49 - 2015-07-08 20:26 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\vlc
2016-10-24 01:19 - 2016-09-22 09:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-10-24 01:19 - 2016-09-22 09:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-10-24 01:19 - 2016-09-22 09:37 - 00000000 ____D C:\Users\DefaultAppPool
2016-10-24 01:19 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\registration
2016-10-24 01:19 - 2016-06-26 01:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2016-10-24 01:19 - 2016-05-04 19:48 - 00000000 ____D C:\Users\Johnsory\Documents\Overwatch
2016-10-24 01:19 - 2016-05-04 19:27 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Battle.net
2016-10-24 01:19 - 2015-06-15 00:52 - 00000000 ____D C:\MSI
2016-10-24 01:19 - 2015-06-15 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2016-10-24 01:19 - 2015-06-15 00:51 - 00000000 ____D C:\Program Files (x86)\MSI
2016-10-24 01:19 - 2015-06-14 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-24 01:19 - 2015-06-14 23:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-24 01:19 - 2015-06-14 23:28 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Macromedia
2016-10-24 00:25 - 2015-06-17 20:21 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-24 00:22 - 2016-09-22 09:37 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-10-24 00:22 - 2015-06-15 00:43 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-10-22 07:39 - 2016-07-16 04:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-22 04:53 - 2016-09-12 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2016-10-22 04:53 - 2016-09-12 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI® Intel® Extreme Tuning Utility
2016-10-22 04:53 - 2016-08-27 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2016-10-22 04:53 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-22 04:53 - 2016-06-05 18:38 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-10-22 04:53 - 2016-05-26 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-10-22 04:53 - 2016-05-04 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-10-22 04:53 - 2016-05-04 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-10-22 04:53 - 2016-02-15 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-22 04:53 - 2016-02-03 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-10-22 04:53 - 2015-12-18 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-10-22 04:53 - 2015-10-09 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2016-10-22 04:53 - 2015-10-07 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-10-22 04:53 - 2015-08-02 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radiant
2016-10-22 04:53 - 2015-07-18 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-22 04:53 - 2015-07-11 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack
2016-10-22 04:53 - 2015-06-23 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-10-22 04:53 - 2015-06-17 00:19 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-10-22 04:53 - 2015-06-15 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair
2016-10-22 04:53 - 2015-06-15 00:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-10-22 04:53 - 2015-06-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-22 04:53 - 2015-06-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-10-22 04:53 - 2015-06-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-10-22 04:53 - 2015-06-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-22 04:53 - 2015-06-14 23:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-22 04:53 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-22 04:11 - 2015-10-07 20:17 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-18 11:26 - 2016-07-16 04:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-15 22:01 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-13 19:46 - 2016-09-22 09:45 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-13 19:46 - 2016-01-24 22:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-12 10:18 - 2016-02-13 06:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-12 10:17 - 2016-09-22 09:35 - 00343256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-12 10:17 - 2016-02-15 01:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 10:17 - 2016-02-15 01:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 10:17 - 2015-06-15 21:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-11 23:17 - 2016-05-26 23:25 - 00000000 ____D C:\Users\Johnsory\AppData\Local\Packages
2016-10-11 16:36 - 2016-09-22 09:45 - 00003804 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-10-11 16:36 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-11 12:17 - 2015-06-17 20:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-11 12:14 - 2015-06-17 20:06 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-11 10:32 - 2016-07-16 04:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-11 10:32 - 2016-07-16 04:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-07 15:57 - 2015-06-14 23:54 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Skype
2016-10-06 22:57 - 2016-05-01 19:12 - 00000000 ____D C:\Program Files\Waterfox
2016-10-04 10:50 - 2016-09-22 10:33 - 00000000 ____D C:\Windows.old
2016-10-03 15:23 - 2015-06-14 23:28 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 15:23 - 2015-06-14 23:28 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 13:09 - 2016-07-16 04:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-03 13:09 - 2016-07-16 04:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-02 09:57 - 2016-06-05 18:38 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\discord
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-09-29 19:05 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-29 19:05 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Dism

==================== Files in the root of some directories =======

2016-10-22 01:35 - 2016-10-22 01:35 - 0000000 _____ () C:\Users\Johnsory\AppData\Local\run.txt
2016-10-22 01:35 - 2016-10-22 01:35 - 0000003 _____ () C:\Users\Johnsory\AppData\Local\run1.txt
2016-10-22 01:35 - 2016-10-22 01:36 - 0000000 _____ () C:\Users\Johnsory\AppData\Local\stxtname.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-24 01:39

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016
Ran by Johnsory (24-10-2016 15:13:17)
Running from C:\Users\Johnsory\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-22 16:45:50)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-12257215-3952172286-556340471-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-12257215-3952172286-556340471-503 - Limited - Disabled)
Guest (S-1-5-21-12257215-3952172286-556340471-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-12257215-3952172286-556340471-1002 - Limited - Enabled)
Johnsory (S-1-5-21-12257215-3952172286-556340471-1000 - Administrator - Enabled) => C:\Users\Johnsory

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Drift (HKLM\...\Steam App 320140) (Version:  - Funselektor Labs Inc.)
ACPI Driver Installer (HKLM-x32\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Agent Ransack x64 (HKLM\...\{FD8C1365-2229-4F37-A126-558DB2471CBE}) (Version: 7.0.828.1 - Mythicsoft Ltd)
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.8.0000 - Asmedia Technology)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.33.1 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Batman™: Arkham Knight (HKLM-x32\...\Steam App 208650) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
Corsair Hydro Series 7289 USB Device (Driver Removal) (HKLM-x32\...\HYDROS7289&1B1C&0C02) (Version:  - Corsair Components, Inc.)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 3.1.5570 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Dear Esther (HKLM-x32\...\Steam App 203810) (Version:  - thechineseroom & Robert Briscoe)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Devil Daggers (HKLM\...\Steam App 422970) (Version:  - Sorath)
Discord (HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Epic Games Launcher (HKLM-x32\...\{23073CBA-4A21-464F-9874-0FF6B7727C7C}) (Version: 1.1.77.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Flux) (Version:  - )
Google Chrome (HKLM-x32\...\{6A21C1E8-DAC1-3C18-BCDC-2DBB4B352AD8}) (Version: 53.0.2785.143 - Google, Inc.)
Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Daybreak Games)
H1Z1 Test Server (HKLM-x32\...\Steam App 362300) (Version:  - )
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{3CC1CC76-AB3A-4360-AB6F-1355D05A2A17}) (Version: 5.0.10.2907 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.5.69 - Intel Corporation)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version:  - Avalanche Studios)
Killer Bandwidth Control Filter Driver (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.57.1125 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1125 - Rivet Networks)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LINDO 6.1 (HKLM-x32\...\{C19796D5-E477-40A1-8C78-DF2EB439D99B}) (Version: 6.1.0 - XXXXXXXX)
Logitech Gaming Software 8.83 (HKLM\...\Logitech Gaming Software) (Version: 8.83.85 - Logitech Inc.)
Mad Max (HKLM-x32\...\Steam App 234140) (Version:  - Avalanche Studios)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version:  - Stainless Games Ltd.)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4867.1003 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.15 - MSI)
MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.35 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.0.0.21 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.1.021 - MSI)
MSI Smart Utilities (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 2.0.0.11 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.07 - MSI)
MSI® Intel® Extreme Tuning Utility (HKLM-x32\...\{bcbf202c-9746-4173-a49b-649bfd0adca6}) (Version: 6.0.2.102 - Intel Corporation)
MSI® Intel® Extreme Tuning Utility (x32 Version: 6.0.2.102 - Intel Corporation) Hidden
N++ (HKLM\...\Steam App 230270) (Version:  - Metanet Software Inc.)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Obduction (HKLM\...\Steam App 306760) (Version:  - Cyan Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4867.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Peggle Nights (HKLM-x32\...\Steam App 3540) (Version:  - PopCap Games, Inc.)
qBittorrent 3.2.0 (HKLM-x32\...\qBittorrent) (Version: 3.2.0 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rising Thunder (HKLM-x32\...\{058B8624-E23B-4AD5-AF38-F9E70D6225EE}) (Version: 1.00.0000 - Radiant)
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version:  - ACE Team)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix)
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 11.3.0 - ShareX Team)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
SNOW (HKLM-x32\...\Steam App 244930) (Version:  - Poppermost Productions)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.07 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Spotify) (Version: 1.0.32.96.g3c8a06e6 - Spotify AB)
STAR WARS™ Battlefront™ Beta (HKLM-x32\...\{8A863B64-C9BE-4203-9ED7-92981CF690D3}) (Version: 1.0.3.51560 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tableau Public 10.0 (10000.16.0812.0001) (HKLM-x32\...\{f171bf17-d499-4c3a-ab95-f62013046320}) (Version: 10.0.385 - Tableau Software)
Tableau Public 10.0 (10000.16.0812.0001) (Version: 10.0.385 - Tableau Software) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
TP-LINK TL-WDN4800 Driver (HKLM-x32\...\{70D605C7-C823-4750-BA72-BEB835713612}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Undertale (HKLM-x32\...\Steam App 391540) (Version:  - tobyfox)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Waterfox 49.0.2 (x64 en-US) (HKLM\...\Waterfox 49.0.2 (x64 en-US)) (Version: 49.0.2 - Mozilla)
XSplit Gamecaster (HKLM-x32\...\{02297800-E109-4A50-8F82-AACD0844A051}) (Version: 2.5.1507.3024 - SplitmediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-12257215-3952172286-556340471-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Johnsory\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15D725A5-019F-451E-BDA7-C227B533AA7A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {25FB4464-6826-4968-ABD5-1490CE0D5222} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-14] (Google Inc.)
Task: {2762F9C5-5B3C-42B4-BE85-36861CB00919} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2772031C-CA48-4298-8C2E-665E84BA9AEA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-10-22] (AVAST Software)
Task: {28118167-A864-4E92-945C-5F66C3896031} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {2B20BA9A-FF2D-49D5-9E69-78B100C529F0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F7B5DB8-AF64-4A40-A6B4-BFBF7D3EB2AC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F975355-4494-4326-A829-7D034C4D7340} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-11] (Adobe Systems Incorporated)
Task: {3511B53E-3B1E-436E-999E-267DD50E658A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {490024A4-9011-4785-AE83-F7AF9CEEBAEE} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4B7B582E-B29C-4BA3-922B-F772F6A5E0E2} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {4C703ECE-B5BE-4EE2-AE9D-FAF9AE2E831D} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-05-05] (Intel Corporation)
Task: {4E18BD82-A5B9-4231-8B4C-91EF878FBD11} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4EC63DED-DF87-4C66-8F4C-5A9E6E24EEDA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {4F3F174B-FCAC-46D6-BD85-D0A1C358F439} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {54E69766-19A6-455E-873B-BA09F7C0DD51} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {55C41E2E-8DE1-4F1A-B11B-345E9558CF90} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {59BDBF44-F0F6-4C61-ACA5-18FA52419C80} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B77596E-90F8-415A-BBF9-F9D1E22BCAFB} - System32\Tasks\Start Corsair Link => D:\Program Files HD\Corsair\Corsair Link\CorsairLINK.exe [2015-04-02] ()
Task: {715D1CE0-0A73-4D9F-95DF-7974D1D29780} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {730BFFE5-9E01-44E1-8B14-03F023AC98C5} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7679FDAC-4F15-4E65-896E-9E94480B9AAF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {781E371C-1B65-41C0-BB47-5BDCC1325E68} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe [2016-07-28] (Micro-Star INT'L CO., LTD.)
Task: {7AAF065F-E662-456D-B9AA-582F49BC1CA7} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeReminderTask => C:\WINDOWS\System32\GWX\GWX.exe
Task: {7D0EEC7D-11B0-40CB-AE91-22C3BDE7B2A3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {84313A81-695D-4A2D-B4BD-09947DA6CA42} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {8737B593-7C15-4F5B-9B52-BF6E8E63C65A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {88A22BAE-3485-49C1-8105-612FBCCEF4AD} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {8B6F1439-14B6-4A5C-BC86-539BF0A88708} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [2015-08-18] (MSI)
Task: {97A33618-E70E-4A57-80C9-28DB34F52331} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9979CF8D-8A45-481A-9DCD-5C5F411EE846} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9C56150B-5292-4D0F-8FAF-A025C0F485A9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9F58055E-8251-402A-8572-C2340504A672} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A33A6A5F-93B5-4E7F-8822-C5415FE429E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A417F811-8E30-4431-A7D3-97E70CAE2941} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {A5F2C73C-1CE9-4653-8117-7D499C749336} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A84BFD78-E9D6-4FFC-BB68-3B8A60E235F5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B1CEFABC-2186-4180-8857-EFF866E0E06A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B1DBD32F-F30F-4CD4-9665-33745568E04E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B3662E77-FFCC-49DA-BBEA-D1B6885C200E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B3D24944-0C9F-45F0-98F0-675608C340A2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B5235D6B-55E4-4FC5-935E-3BF8A8DC3D65} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B81C4239-8F54-48E2-94B9-5281EE9BDB37} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {BA5E5FBC-3AB6-40DD-A4E7-5A51A7592738} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BC315BFF-E8EC-477C-88E9-9D7246D3B863} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BDD068D4-4D34-4E2F-A93D-D0BB13D9DC48} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C03304A5-2D54-4B80-A0F5-14BFFD9DE8ED} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C521C281-0524-400A-BC1E-B5EBDC4519C5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {C63C3BB7-87E3-483A-BA03-DE0B6CF67715} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-14] (Google Inc.)
Task: {C7C96655-C6CB-4919-961E-01E43CFDC598} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Johnsory\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-22] (Microsoft Corporation)
Task: {CD340FEA-A3FE-46C1-AC12-A09994799B25} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D34C1ECD-3342-496E-89B7-6AA1D61C5B02} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E4788F92-6FC6-4C60-908C-8D025F12F468} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {EED237F3-4AD2-4EB7-8318-B453931BB22C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1BBB29D-A12E-4102-AD00-F2BC6AC4E883} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {FC45A681-0EB5-405A-96B3-C7FF287CC4F6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {FE3D9D78-F96C-4747-8A3F-894BFD102980} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-07-26] (Microsoft Corporation)
Task: {FF2F5868-7125-4086-9188-3BEBC8A023D7} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 04:42 - 2016-07-16 04:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 11:12 - 2016-09-15 10:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-29 11:12 - 2016-09-15 10:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-07-25 17:08 - 2016-05-24 09:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-07-16 04:42 - 2016-07-16 04:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-22 10:32 - 2016-09-22 10:32 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-11 11:27 - 2016-10-05 02:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-11 11:27 - 2016-10-05 02:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-11 11:27 - 2016-10-05 02:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\sharepoint.com -> hxxps://oregonstateuniversity.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-12257215-3952172286-556340471-1000\Control Panel\Desktop\\Wallpaper -> D:\Johnsory\MyPictures\Backgrounds\Misc\Illusion-hd.png
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{645500B6-2A96-4F92-9E4C-6EC80DCF02EF}D:\program files hd\overwatch\overwatch.exe] => (Allow) D:\program files hd\overwatch\overwatch.exe
FirewallRules: [TCP Query User{DFE0E45A-0DFD-429D-A92E-5D40DFE3C6F4}D:\program files hd\overwatch\overwatch.exe] => (Allow) D:\program files hd\overwatch\overwatch.exe
FirewallRules: [UDP Query User{FDD229D8-D325-4ECA-85D5-93C25A558F1B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{8DC93326-16CC-48D5-AC1B-3EE829756735}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{01DC334C-FD42-42F9-874F-6A971CABBB47}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{28309110-391E-41C4-902C-1EF3D5821D93}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [UDP Query User{A96EF510-737A-4772-88A3-48E67EE3FCD1}D:\steam library\steamapps\common\obduction\obduction\binaries\win64\obduction-win64-shipping.exe] => (Allow) D:\steam library\steamapps\common\obduction\obduction\binaries\win64\obduction-win64-shipping.exe
FirewallRules: [TCP Query User{5BA39C0B-41EA-44D9-82CB-E3D838EF5050}D:\steam library\steamapps\common\obduction\obduction\binaries\win64\obduction-win64-shipping.exe] => (Allow) D:\steam library\steamapps\common\obduction\obduction\binaries\win64\obduction-win64-shipping.exe
FirewallRules: [{4F7A2A26-5EBE-47C2-A072-85ACCB536AC1}] => (Allow) D:\Steam Library\steamapps\common\Obduction\Obduction.exe
FirewallRules: [{C01F0858-DAA1-4FE2-98B4-B54AB80320D7}] => (Allow) D:\Steam Library\steamapps\common\Obduction\Obduction.exe
FirewallRules: [{40054AEF-8F9B-42B1-950A-3A1BD8CC8F3C}] => (Allow) D:\Steam Library\steamapps\common\N++\N++.exe
FirewallRules: [{6918EB3A-EE44-47EE-AA11-C70AB623A398}] => (Allow) D:\Steam Library\steamapps\common\N++\N++.exe
FirewallRules: [UDP Query User{C36744BE-D7AB-4D08-92CE-B53183745D97}D:\program files hd\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files hd\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{EEEF5C45-F6F3-4412-A7DB-E0D6F10E25A0}D:\program files hd\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files hd\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{462E1153-EB7E-4E2B-B077-C7687BA04196}D:\program files hd\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files hd\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{D0C22E5A-651D-4D5F-9A19-DB39E0E14AF9}D:\program files hd\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files hd\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{59EC2FD7-F9EB-42A6-95BA-33D2B07A9CA0}] => (Allow) D:\Steam Library\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{ADB9821A-7EDB-417F-BCC5-20DEB803FC4E}] => (Allow) D:\Steam Library\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{972F8EA2-AEE2-4A0A-8E16-108381222B0C}] => (Allow) D:\Steam Library\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{EC3987F3-07F5-4C77-A068-F4AF989A6B10}] => (Allow) D:\Steam Library\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{1CD5EC1B-C432-4640-A6C2-FBD4DEE1C08E}] => (Allow) D:\Steam Library\steamapps\common\devildaggers\dd.exe
FirewallRules: [{1E32D7A8-1520-409A-97FB-BA8590EE7C0D}] => (Allow) D:\Steam Library\steamapps\common\devildaggers\dd.exe
FirewallRules: [{C87AF28C-FB18-4591-A641-DA6693E865B8}] => (Allow) D:\Steam Library\steamapps\common\Absolute Drift\AbsoluteDrift.exe
FirewallRules: [{4CEFED44-AAD3-401C-9BB2-A2F3A4C8EF9E}] => (Allow) D:\Steam Library\steamapps\common\Absolute Drift\AbsoluteDrift.exe
FirewallRules: [UDP Query User{46EC6396-D518-4DA1-B09A-D8819F7FD0A8}D:\steam library\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam library\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [TCP Query User{45909719-495A-4517-85D7-852DF67D8A8A}D:\steam library\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => (Allow) D:\steam library\steamapps\common\dead by daylight alpha access\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe
FirewallRules: [UDP Query User{F66AA2BA-B0FC-44AE-94C1-2369FCBA986F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{98AD33C1-AFEC-4D6B-B73D-1935089B9F0B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{6927E403-76E3-4A4D-999F-30388D89870A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{497412B2-17A3-4474-86FF-D92859DD9F94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FD429929-4C3C-4D03-9EA5-BF3356C8C51C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6214095F-81AF-414E-AF53-33EE46B0E085}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5C53417E-2C0B-4D4E-BEA6-F4EECABFA9B1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2C1DF4BE-3A45-4F81-B6A9-A6429AE163DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{503AB2E7-4FEB-42C3-AE12-748512E5C1E5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C44AF2E9-B9E9-475B-8E42-03DBA6740D7F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A80A65F8-EAF2-4A3A-89B6-2084FE96C01B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{18044719-38A7-4767-8C73-EAF3375F15F4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C2211492-F52F-46DA-9CF6-B25FA61BCFF2}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{4CA9CA66-0FDB-4D3A-92FE-1A6FBC4E025A}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{60C08D62-491A-4D8D-8C57-C5448F68B29A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B7C619C8-42C8-423C-BE54-3D8ADBD278AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{908DE756-4082-400E-A1B5-64DAE320994D}] => (Allow) D:\Steam Library\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{33C27F0E-D74F-40F9-9A8E-1C2916024749}] => (Allow) D:\Steam Library\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E5A33114-85A0-4D43-BA0E-79F266F8F641}] => (Allow) D:\Steam Library\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7FD9AACF-4A25-4F26-B731-8F9D1D677EFC}] => (Allow) D:\Steam Library\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{7E029137-BDB2-4241-B5DF-AEC4DC1DA4D2}] => (Allow) D:\Steam Library\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{4AFCE05E-182D-4267-B2CD-388436D64BC2}] => (Allow) D:\Steam Library\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E29E2491-1764-4F1C-BB22-8A942EFC74F8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{34B42E0E-BA76-4327-8E32-C93481BA8673}] => (Allow) D:\Steam Library\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{AF9C73B8-6D5D-4FA0-AA73-52D578592AA8}] => (Allow) D:\Steam Library\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E215A1C0-B380-4A0F-A781-1A4CA1355C54}] => (Allow) D:\Steam Library\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{C66D27B8-C57A-4729-B84B-06742F23D828}] => (Allow) D:\Steam Library\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{355E3FA5-11BB-46CE-96C9-446D34BBC72F}] => (Allow) D:\Steam Library\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{CC3A85B6-C837-4FB6-B1CF-44265A820FD1}] => (Allow) D:\Steam Library\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{E361EB5F-5D79-406B-A640-131B0E26BE9E}] => (Allow) D:\Steam Library\steamapps\common\Peggle Nights\PeggleNights.exe
FirewallRules: [{41A8AA6F-9871-47C6-8685-A4E6E062A4BC}] => (Allow) D:\Steam Library\steamapps\common\Peggle Nights\PeggleNights.exe
FirewallRules: [{530757FD-699B-4425-B2E2-E85D9BE00A95}] => (Allow) D:\Steam Library\steamapps\common\Dear Esther\dearesther.exe
FirewallRules: [{8B204CEA-81F2-47BD-B089-4992601DDE73}] => (Allow) D:\Steam Library\steamapps\common\Dear Esther\dearesther.exe
FirewallRules: [TCP Query User{ADC771FD-E354-4592-BCFE-75169C9F311B}D:\program files hd\desperate gods\desperate gods.exe] => (Allow) D:\program files hd\desperate gods\desperate gods.exe
FirewallRules: [UDP Query User{075A7B17-2F48-4AFA-B239-406F3B95B77F}D:\program files hd\desperate gods\desperate gods.exe] => (Allow) D:\program files hd\desperate gods\desperate gods.exe
FirewallRules: [{A59B35EB-1574-4C1E-B4EA-22AD7C4D47CB}] => (Allow) D:\Steam Library\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{3DFFF61B-9C2F-408B-B813-5B5FA69284BF}] => (Allow) D:\Steam Library\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{AD492F16-41CC-48E3-BC9D-57AEB5CC1E06}] => (Allow) D:\Steam Library\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{8E1407F5-70AA-4A15-A3C1-509ECE445372}] => (Allow) D:\Steam Library\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{06D9AB8A-7DD9-4CD8-BDD1-275EA7C4685A}] => (Allow) D:\Program Files HD\qBittorrent\qbittorrent.exe
FirewallRules: [{41B9D829-CE2B-465A-B252-CC696D189C4D}] => (Allow) D:\Program Files HD\qBittorrent\qbittorrent.exe
FirewallRules: [{A2A9DFF2-6E3A-43E1-86FA-C42E25D6955C}] => (Allow) D:\Steam Library\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{FEC74C48-6CBE-4DD5-93D2-679EBD532624}] => (Allow) D:\Steam Library\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{B2455A15-457A-4378-8CA4-AD3ED33A1359}] => (Allow) D:\Steam Library\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{875E199B-35FF-47A2-A9ED-1B8F345F5338}] => (Allow) D:\Steam Library\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{E6E8A1FA-C4E6-4166-931A-3EB310833EB3}] => (Allow) D:\Steam Library\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{37B5EE58-3224-4108-A759-1BB8EF85B852}] => (Allow) D:\Steam Library\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{9903800E-869A-48BF-B722-75A59A6DBA40}] => (Allow) D:\Steam Library\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{123A3393-90DC-4822-8627-4E2B8A0E9835}] => (Allow) D:\Steam Library\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{918BF49B-2FD3-48DB-9C06-0BE7BD0B6597}] => (Allow) D:\Steam Library\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{F075B548-EC6B-4DC0-A884-343745811077}] => (Allow) D:\Steam Library\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{83EAC983-309D-4623-8EC7-4378F6D731F4}] => (Allow) C:\Users\Johnsory\AppData\Local\Temp\nsi71B8.tmp\Installer-76084596.exe
FirewallRules: [{16DED371-45EC-4A88-80A5-17813143CAD5}] => (Allow) C:\Users\Johnsory\AppData\Local\Temp\nsi71B8.tmp\Installer-76084596.exe
FirewallRules: [{0FA13A80-7C6E-4A24-B570-1903E12EE1C1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BB355A31-29D3-4465-BF4E-38FC353A5AD9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0033060D-148A-4185-85DD-379D23149BD1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B6FE1BC8-6A82-40C9-A265-9F08D5808990}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{37FC7D26-AA00-4A95-83A7-EAE2F9EACE9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{48884857-76C1-4CC3-964B-AB7C3D316499}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A7BE3669-CBED-42AC-9D12-CD3AD1459F20}] => (Allow) D:\Steam Library\steamapps\common\Rock of Ages\Binaries\Win32\RoA.exe
FirewallRules: [{52A27854-1FF4-47BB-A2B6-3C8306C59DCA}] => (Allow) D:\Steam Library\steamapps\common\Rock of Ages\Binaries\Win32\RoA.exe
FirewallRules: [TCP Query User{56139D84-038E-4E11-A783-EA641A693FF0}D:\program files hd\rising thunder\radiantgames\rising thunder\windowsnoeditor\risingthunder\binaries\win64\risingthunder-win64-shipping.exe] => (Allow) D:\program files hd\rising thunder\radiantgames\rising thunder\windowsnoeditor\risingthunder\binaries\win64\risingthunder-win64-shipping.exe
FirewallRules: [UDP Query User{DEC1938D-AB6D-4F27-86FA-9F10FED7C52A}D:\program files hd\rising thunder\radiantgames\rising thunder\windowsnoeditor\risingthunder\binaries\win64\risingthunder-win64-shipping.exe] => (Allow) D:\program files hd\rising thunder\radiantgames\rising thunder\windowsnoeditor\risingthunder\binaries\win64\risingthunder-win64-shipping.exe
FirewallRules: [{08B38DEC-1009-40B8-8959-C68E13EDB583}] => (Allow) D:\Steam Library\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{9DB6C7DC-B459-4257-B57F-1A07D54B0110}] => (Allow) D:\Steam Library\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{62D9DC4C-5574-4AD3-9C7B-3CD2DBE4AD41}D:\steam library\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam library\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{998FDAAB-241F-438A-9F21-52918F60B239}D:\steam library\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steam library\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{B1E942CE-40B9-4CCE-8C8F-25C2FBA51DFF}] => (Allow) D:\Steam Library\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{0E2718D2-7AE3-4A50-B962-B64CEF12DBF6}] => (Allow) D:\Steam Library\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{0FEB241E-2173-4C02-93F4-13F1D47ACDFA}] => (Allow) D:\Steam Library\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F6D6BBFE-C21B-47E4-871D-52909AF58B8F}] => (Allow) D:\Steam Library\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B4FFB41A-81D6-465C-97B1-1F5C95FBB854}] => (Allow) D:\Steam Library\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{728A1D83-4F0E-4EA8-82A2-AA513790CC19}] => (Allow) D:\Steam Library\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D90E1B2D-257A-420F-B6AA-5059145F6488}] => (Allow) D:\Steam Library\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{3886E554-E3CC-4BFD-BEB1-6AAED349E53F}] => (Allow) D:\Steam Library\steamapps\common\Batman Arkham Knight\Binaries\Win64\BatmanAK.exe
FirewallRules: [{8E398F30-D8E9-4C97-A40D-B9ECD33ED006}] => (Allow) D:\Steam Library\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{43B9487F-5A1A-4C7E-9857-C25CA991FA32}] => (Allow) D:\Steam Library\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{E5413601-338A-4F81-911D-DCB8DBF7D6D1}] => (Allow) D:\Steam Library\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{946EEF95-B041-45FD-8B5A-A871AC8FBA3C}] => (Allow) D:\Steam Library\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{ACEC8762-7A74-4152-8C2E-47A8A4067174}D:\steam library\steamapps\common\war thunder\aces.exe] => (Allow) D:\steam library\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{2CF577B3-B50F-41B1-A0A2-24BD79CFE705}D:\steam library\steamapps\common\war thunder\aces.exe] => (Allow) D:\steam library\steamapps\common\war thunder\aces.exe
FirewallRules: [{1B9F4CB5-47DA-42B6-A78B-2B6393F02AB7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D4C177C3-9111-4721-B380-40C154488631}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{B6F03773-5BE3-499B-B6FC-EB99AD4A96E2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{F7BFC9C4-6FC8-44EC-B9C0-DC05D1306949}] => (Allow) D:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{C34B3B31-D701-4C7F-84D2-05679BBBBEE4}] => (Allow) D:\Program Files (x86)\Origin Games\STAR WARS Battlefront Beta\starwarsbattlefront.exe
FirewallRules: [{024E3E3D-73A2-47F6-802C-F7EE75F0AF04}] => (Allow) D:\Steam Library\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{E303408F-0916-462F-86A2-16070AA6DC24}] => (Allow) D:\Steam Library\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [TCP Query User{5AD4077C-2C7B-4801-A16A-175826515A73}C:\users\johnsory\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\johnsory\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C0264562-F92C-4963-9867-25F5B7B771AC}C:\users\johnsory\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\johnsory\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3D6B4B83-0987-4062-BA42-407FD50F28F6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{6C7EF03B-C4BC-4F64-93E9-35A50F003E3D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{5A9C9706-2422-4A4B-804D-5397EA49C4F1}] => (Allow) D:\Steam Library\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{A831A7B7-D3E7-42AD-B4F4-5E0B857E48AC}] => (Allow) D:\Steam Library\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [TCP Query User{F275DE63-9433-47E0-8BFC-7F82D5031464}D:\program files hd\halo online\eldorado.exe] => (Allow) D:\program files hd\halo online\eldorado.exe
FirewallRules: [UDP Query User{FBBAEB34-2B7B-4DBF-828E-161ADB256844}D:\program files hd\halo online\eldorado.exe] => (Allow) D:\program files hd\halo online\eldorado.exe
FirewallRules: [TCP Query User{40E0D453-B33D-490E-B095-0F3C644D474F}D:\program files hd\comicrack\comicrack.exe] => (Allow) D:\program files hd\comicrack\comicrack.exe
FirewallRules: [UDP Query User{F5FDB05B-D171-4626-8AD0-E6DBD2157C77}D:\program files hd\comicrack\comicrack.exe] => (Allow) D:\program files hd\comicrack\comicrack.exe
FirewallRules: [{18E81A5A-1D2B-4276-92A1-07A7B489A3C1}] => (Allow) D:\Steam Library\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{7DA0397E-64C7-47F7-9D51-A61257F2205D}] => (Allow) D:\Steam Library\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{29711283-CC1A-4578-8D9A-49607BF50BF9}D:\program files hd\overwatch\overwatch.exe] => (Allow) D:\program files hd\overwatch\overwatch.exe
FirewallRules: [UDP Query User{1F26DA8C-82CA-4B51-8DDB-B2A319ECECBD}D:\program files hd\overwatch\overwatch.exe] => (Allow) D:\program files hd\overwatch\overwatch.exe
FirewallRules: [TCP Query User{35ECFDEB-4662-4585-B129-2C0613BAFEAC}D:\program files hd\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files hd\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{8DA0DC63-1ED6-4967-9E6E-5173D2315539}D:\program files hd\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files hd\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{30B899E2-EABC-4381-8D45-EB2419B17D87}] => (Allow) D:\Steam Library\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{E7F8F849-EFD4-4F03-BB8B-28E382A0431C}] => (Allow) D:\Steam Library\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{997D35E3-18C5-4495-8452-37C509D84DDA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E40C76F3-757D-44B9-8B31-C5F78BD72D11}] => (Allow) D:\Steam Library\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{5D26C858-FB88-436F-8830-8A61B0A99AEA}] => (Allow) D:\Steam Library\steamapps\common\SNOW\Bin64\playSNOW.exe

==================== Restore Points =========================

07-10-2016 15:12:24 Scheduled Checkpoint
11-10-2016 12:10:46 Windows Update
11-10-2016 12:10:54 Windows Update
17-10-2016 15:36:29 Windows Update
22-10-2016 01:19:25 Installed DirectX
23-10-2016 11:35:06 Installed Realtek High Definition Audio Driver

==================== Faulty Device Manager Devices =============

Name: Intel® Management Engine Interface
Description: Intel® Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2016 03:12:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.Getstarted_4.1.15.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/24/2016 03:09:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.Getstarted_4.1.15.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/24/2016 03:09:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.MicrosoftStickyNotes_8wekyb3d8bbwe!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/24/2016 02:54:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/24/2016 02:54:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/24/2016 02:54:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/24/2016 02:54:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/24/2016 02:54:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/24/2016 02:54:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/24/2016 02:54:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Johnsory-PC)
Description: Activation of app Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy:App.AppXc99k5qnnsvxj5szemm7fp3g7y08we5vm.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (10/24/2016 03:13:17 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/24/2016 03:13:17 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/24/2016 03:13:17 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/24/2016 03:13:17 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/24/2016 03:13:17 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/24/2016 03:13:02 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/24/2016 03:13:02 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (10/24/2016 03:12:59 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/24/2016 03:12:56 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/24/2016 03:12:54 PM) (Source: DCOM) (EventID: 10005) (User: Johnsory-PC)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}


CodeIntegrity:
===================================
  Date: 2016-10-23 00:48:32.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-23 00:48:32.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-23 00:48:32.205
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-23 00:48:32.157
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-23 00:48:32.149
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-23 00:48:32.140
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-23 00:48:31.513
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-23 00:48:31.362
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-10-22 01:41:31.100
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-22 01:41:31.046
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 9%
Total physical RAM: 8154.11 MB
Available physical RAM: 7349.68 MB
Total Virtual: 16346.11 MB
Available Virtual: 15656.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.44 GB) (Free:157.43 GB) NTFS
Drive d: (DiskDrive1) (Fixed) (Total:931.41 GB) (Free:468.69 GB) NTFS
Drive f: (SP UFD U3) (Removable) (Total:29.45 GB) (Free:20.1 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9FF1FE3F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 9FF1FE47)
Partition 1: (Not Active) - (Size=232.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 29.5 GB) (Disk ID: 00267ADA)
Partition 1: (Active) - (Size=29.5 GB) - (Type=0C)

==================== End of Addition.txt ============================



#4 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,916 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:01:42 PM

Posted 24 October 2016 - 09:49 PM

Topic moved from Am I Infected due to FRST log.




#5 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,628 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:42 PM

Posted 29 October 2016 - 04:25 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/630439 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your desktop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#6 ollyoxen

ollyoxen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:07:42 PM

Posted 29 October 2016 - 01:17 PM

Here are the new FRST and Addition logs. I performed the FRST scan while in normal boot (not safe mode). I can re-scan while in safe mode if you think it matters! Also, I do have my Windows CD with me. Anyways, the logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2016
Ran by Johnsory (administrator) on JOHNSORY-PC (29-10-2016 11:10:52)
Running from C:\Users\Johnsory\Desktop
Loaded Profiles: Johnsory (Available Profiles: Johnsory & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\Smart Utilities\SuperRAIDSvc.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.1.30.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Flux Software LLC) C:\Users\Johnsory\AppData\Local\FluxSoftware\Flux\flux.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Spotify Ltd) C:\Users\Johnsory\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hammer & Chisel, Inc.) C:\Users\Johnsory\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Johnsory\AppData\Local\Discord\app-0.0.296\Discord.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
() D:\Program Files HD\TP-LINK\TWCU.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Hammer & Chisel, Inc.) C:\Users\Johnsory\AppData\Local\Discord\app-0.0.296\Discord.exe
(ShareX Team) D:\Program Files HD\ShareX\ShareX.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.197.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-22] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3941528 2016-05-20] (Logitech, Inc.)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [41088 2014-02-21] (Creative Technology Ltd.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-28] (Logitech Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1442304 2014-05-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [11340752 2016-07-19] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1022928 2016-07-27] (MSI)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9099440 2016-10-27] (AVAST Software)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-06-15] (Google Inc.)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [f.lux] => C:\Users\Johnsory\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [Spotify Web Helper] => C:\Users\Johnsory\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1553520 2016-08-02] (Spotify Ltd)
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe
HKU\S-1-5-21-12257215-3952172286-556340471-1000\...\Run: [Discord] => C:\Users\Johnsory\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-22] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-09-12]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-06-23]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> D:\Program Files HD\TP-LINK\TWCU.exe ()
Startup: C:\Users\Johnsory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2016-09-30]
ShortcutTarget: ShareX.lnk -> D:\Program Files HD\ShareX\ShareX.exe (ShareX Team)
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{ac889bde-cbe1-41e0-833b-968fac66a51c}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-08-09] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-06] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-07-26] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: e05dl6f9.default
FF ProfilePath: C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default [2016-10-29]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\e05dl6f9.default -> Google
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\e05dl6f9.default -> Google
FF Session Restore: Mozilla\Firefox\Profiles\e05dl6f9.default -> is enabled.
FF Extension: (Distill Web Monitor) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\alertbox@ajitk.com.xpi [2016-08-11]
FF Extension: (BetterTTV) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\firefox@betterttv.net.xpi [2016-03-19]
FF Extension: (MEGA) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\firefox@mega.co.nz.xpi [2016-10-20]
FF Extension: (Reddit Enhancement Suite) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-10-15]
FF Extension: (uBlock Origin) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\uBlock0@raymondhill.net.xpi [2016-10-25]
FF Extension: (Location Bar Enhancer) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\UIEnhancer@girishsharma.xpi [2016-01-27]
FF Extension: (Flagfox) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-10-12]
FF Extension: (FT DeepDark) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2016-10-27]
FF Extension: (YouTube High Definition) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2016-10-28]
FF Extension: (SoundCloud Downloader - Technowise) - C:\Users\Johnsory\AppData\Roaming\Mozilla\Firefox\Profiles\e05dl6f9.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2015-12-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-28] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shyos&prd=set_ch&q={searchTerms}&s=GAMzftpbl0cshmoAU,f596b095-a37e-4cb5-9b63-18501afea0d1,
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default [2016-09-06]
CHR Extension: (Google Slides) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-27]
CHR Extension: (Google Docs) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-27]
CHR Extension: (Google Drive) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-26]
CHR Extension: (Adblock Plus) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-06]
CHR Extension: (Google Search) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Sheets) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-27]
CHR Extension: (Google Docs Offline) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Johnsory\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-27]
CHR HKU\S-1-5-21-12257215-3952172286-556340471-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-22] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3192560 2016-07-26] (Microsoft Corporation)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [45008 2016-08-25] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-01-28] (Rivet Networks)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-06-14] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2200872 2016-02-01] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4162144 2016-05-19] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2014160 2016-03-04] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2328160 2016-07-01] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-06-02] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [598112 2016-06-02] (MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [58296 2016-08-12] (Micro-Star INT'L CO., LTD.)
R2 MSI_ECOSERVICE; C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe [2266280 2015-03-27] (Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [105296 2015-06-04] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2227152 2016-07-19] (Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2016-08-01] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files HD\Origin\OriginClientService.exe [2122248 2016-08-31] (Electronic Arts)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2015-02-09] (Micro-Star INT'L CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe [19192 2015-10-06] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 asstor64; C:\WINDOWS\System32\drivers\asstor64.sys [84304 2015-10-01] (Asmedia Technology)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-10-22] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-10-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-22] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-10-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-10-22] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-10-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-22] (AVAST Software)
R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-01-22] (Rivet Networks, LLC.)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [30224 2015-05-28] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e22w10x64.sys [156744 2015-10-07] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-18] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NTIOLib_ECO; C:\Program Files (x86)\MSI\ECO Center\NTIOLib_X64.sys [13808 2014-01-06] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3851cb7c8216f9e\nvlddmkm.sys [14216760 2016-08-27] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (SplitmediaLabs Limited)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-07-10] (Intel Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-29 11:10 - 2016-10-29 11:10 - 00000000 ____D C:\Users\Johnsory\Desktop\FRST-OlderVersion
2016-10-27 13:33 - 2016-10-14 22:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-27 13:33 - 2016-10-14 21:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-27 13:33 - 2016-10-14 21:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-27 13:33 - 2016-10-14 21:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-27 13:33 - 2016-10-14 21:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-27 13:33 - 2016-10-14 21:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-27 13:33 - 2016-10-14 21:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-27 13:33 - 2016-10-14 21:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-27 13:33 - 2016-10-14 21:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-27 13:33 - 2016-10-14 21:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-27 13:33 - 2016-10-14 21:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-27 13:33 - 2016-10-14 21:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-27 13:33 - 2016-10-14 21:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-27 13:33 - 2016-10-14 21:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-27 13:33 - 2016-10-14 21:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-27 13:33 - 2016-10-14 21:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-27 13:33 - 2016-10-14 21:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-27 13:33 - 2016-10-14 21:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-27 13:33 - 2016-10-14 21:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-27 13:33 - 2016-10-14 21:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-27 13:33 - 2016-10-14 21:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-27 13:33 - 2016-10-14 21:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-27 13:33 - 2016-10-14 21:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-27 13:33 - 2016-10-14 21:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-27 13:33 - 2016-10-14 21:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-27 13:33 - 2016-10-14 21:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-27 13:33 - 2016-10-14 21:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-27 13:33 - 2016-10-14 21:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-27 13:33 - 2016-10-14 21:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-27 13:33 - 2016-10-14 21:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-27 13:33 - 2016-10-14 21:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-27 13:33 - 2016-10-14 21:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-27 13:33 - 2016-10-14 21:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-27 13:33 - 2016-10-14 21:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-27 13:33 - 2016-10-14 21:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-27 13:33 - 2016-10-14 21:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-27 13:33 - 2016-10-14 21:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-27 13:33 - 2016-10-14 21:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-27 13:33 - 2016-10-14 21:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-27 13:33 - 2016-10-14 21:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-27 13:33 - 2016-10-14 21:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-27 13:33 - 2016-10-14 21:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-27 13:33 - 2016-10-14 21:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-27 13:33 - 2016-10-14 21:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-27 13:33 - 2016-10-14 21:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-27 13:33 - 2016-10-14 21:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-27 13:33 - 2016-10-14 21:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-27 13:33 - 2016-10-14 21:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-27 13:33 - 2016-10-14 21:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-27 13:33 - 2016-10-14 21:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-27 13:33 - 2016-10-14 21:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-27 13:33 - 2016-10-14 21:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-27 13:33 - 2016-10-14 21:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-27 13:33 - 2016-10-14 21:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-27 13:33 - 2016-10-14 21:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-27 13:33 - 2016-10-14 21:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-27 13:33 - 2016-10-14 21:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-27 13:33 - 2016-10-14 21:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-27 13:33 - 2016-10-14 21:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-27 13:33 - 2016-10-14 21:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-27 13:33 - 2016-10-14 21:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-27 13:33 - 2016-10-14 21:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-27 13:33 - 2016-10-14 21:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-27 13:33 - 2016-10-14 21:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-27 13:33 - 2016-10-14 21:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-27 13:33 - 2016-10-14 21:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-27 13:33 - 2016-10-14 21:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-27 13:33 - 2016-10-14 21:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-27 13:33 - 2016-10-14 21:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-27 13:33 - 2016-10-14 21:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-27 13:33 - 2016-10-14 21:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-27 13:33 - 2016-10-14 21:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-27 13:33 - 2016-10-14 21:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-27 13:33 - 2016-10-14 21:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-27 13:33 - 2016-10-14 21:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-27 13:33 - 2016-10-14 21:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-27 13:33 - 2016-10-14 21:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-27 13:33 - 2016-10-14 21:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-27 13:33 - 2016-10-14 21:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-27 13:33 - 2016-10-14 21:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-27 13:33 - 2016-10-14 20:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-27 13:33 - 2016-10-14 20:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-27 13:33 - 2016-10-14 20:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-27 13:33 - 2016-10-14 20:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-27 13:33 - 2016-10-14 20:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-27 13:33 - 2016-10-14 20:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-27 13:33 - 2016-10-14 20:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-27 13:33 - 2016-10-14 20:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-27 13:33 - 2016-10-14 20:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-27 13:33 - 2016-10-14 20:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-27 13:33 - 2016-10-14 20:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-27 13:33 - 2016-10-14 20:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-27 13:33 - 2016-10-14 20:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-27 13:33 - 2016-10-14 20:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-27 13:33 - 2016-10-14 20:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-27 13:33 - 2016-10-14 20:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-27 13:33 - 2016-10-14 20:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-27 13:33 - 2016-10-14 20:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-27 13:33 - 2016-10-14 20:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-27 13:33 - 2016-10-14 20:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-27 13:33 - 2016-10-14 20:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-27 13:33 - 2016-10-14 20:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-27 13:33 - 2016-10-14 20:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-27 13:33 - 2016-10-14 20:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-27 13:33 - 2016-10-14 20:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-27 13:33 - 2016-10-14 20:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-27 13:33 - 2016-10-14 20:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-27 13:33 - 2016-10-14 20:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-27 13:33 - 2016-10-14 20:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-27 13:33 - 2016-10-14 20:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-27 13:33 - 2016-10-14 20:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-27 13:33 - 2016-10-14 20:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-27 13:33 - 2016-10-14 20:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-27 13:33 - 2016-10-14 20:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-27 13:33 - 2016-10-14 20:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-27 13:33 - 2016-10-14 20:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-27 13:33 - 2016-10-14 20:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-27 13:33 - 2016-10-14 20:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-27 13:33 - 2016-10-14 20:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-27 13:33 - 2016-10-14 20:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-27 13:33 - 2016-10-14 20:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-27 13:33 - 2016-10-14 20:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-27 13:33 - 2016-10-14 20:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-27 13:33 - 2016-10-14 20:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-27 13:33 - 2016-10-14 20:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-27 13:33 - 2016-10-14 20:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-27 13:33 - 2016-10-14 20:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-27 13:33 - 2016-10-14 20:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-27 13:33 - 2016-10-14 20:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-27 13:33 - 2016-10-14 20:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-27 13:33 - 2016-10-14 20:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-27 13:33 - 2016-10-14 20:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-27 13:33 - 2016-10-14 20:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-27 13:33 - 2016-10-14 20:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-27 13:33 - 2016-10-14 20:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-27 13:33 - 2016-10-14 20:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-27 13:33 - 2016-10-14 20:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-27 13:33 - 2016-10-14 20:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-27 13:33 - 2016-10-14 20:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-27 13:33 - 2016-10-14 20:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-27 13:33 - 2016-10-14 20:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-27 13:33 - 2016-10-14 20:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-27 13:33 - 2016-10-14 20:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-27 13:33 - 2016-10-14 20:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-27 13:33 - 2016-10-14 20:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-27 13:33 - 2016-10-14 20:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-27 13:33 - 2016-10-14 20:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-27 13:33 - 2016-10-14 20:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-27 13:33 - 2016-10-14 20:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-27 13:33 - 2016-10-14 20:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 13:33 - 2016-10-14 20:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-27 13:33 - 2016-10-14 20:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-27 13:33 - 2016-10-14 20:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-27 13:33 - 2016-10-14 20:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-27 13:33 - 2016-10-14 20:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-27 13:33 - 2016-10-14 20:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 13:33 - 2016-10-14 20:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 13:33 - 2016-10-14 20:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-27 13:33 - 2016-10-14 20:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-27 13:33 - 2016-10-14 20:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-27 13:33 - 2016-10-14 20:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 13:33 - 2016-10-14 20:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-27 13:33 - 2016-10-14 20:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-27 13:33 - 2016-10-14 20:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-27 13:33 - 2016-10-14 20:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-27 13:33 - 2016-10-14 20:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-27 13:33 - 2016-10-14 20:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 13:33 - 2016-10-14 20:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-27 13:33 - 2016-10-14 20:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-27 13:33 - 2016-10-14 20:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-27 13:33 - 2016-10-14 20:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-27 13:33 - 2016-10-14 20:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-27 13:33 - 2016-10-14 20:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-27 13:33 - 2016-10-14 20:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-27 13:33 - 2016-10-14 20:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-27 13:33 - 2016-10-14 20:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-27 13:33 - 2016-10-14 20:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-27 13:33 - 2016-10-14 20:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-27 13:33 - 2016-10-14 20:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-27 13:33 - 2016-10-14 20:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-27 13:33 - 2016-10-14 20:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-27 13:33 - 2016-10-14 20:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-27 13:33 - 2016-10-14 20:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-27 13:33 - 2016-10-14 20:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-27 13:33 - 2016-10-14 20:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-27 13:33 - 2016-10-14 20:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-27 13:33 - 2016-10-14 20:38 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-27 13:33 - 2016-10-14 20:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-27 13:33 - 2016-10-14 20:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-27 13:33 - 2016-10-14 20:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-27 13:33 - 2016-10-14 20:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-27 13:33 - 2016-10-14 20:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-27 13:33 - 2016-10-14 20:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-27 13:33 - 2016-10-14 20:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-27 13:33 - 2016-10-14 20:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-27 13:33 - 2016-10-14 20:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-27 13:33 - 2016-10-14 20:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-27 13:33 - 2016-10-14 20:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-27 13:33 - 2016-10-14 20:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-27 13:33 - 2016-10-14 20:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-27 13:33 - 2016-10-14 20:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-27 13:33 - 2016-10-14 20:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-27 13:33 - 2016-10-14 20:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-27 13:33 - 2016-10-14 20:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-27 13:33 - 2016-10-14 20:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-27 13:33 - 2016-10-14 20:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-27 13:33 - 2016-10-14 20:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-27 13:33 - 2016-10-14 20:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-27 13:33 - 2016-10-14 20:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-27 13:33 - 2016-10-14 20:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-27 13:33 - 2016-09-10 06:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-27 13:33 - 2016-08-26 22:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-27 13:33 - 2016-08-05 21:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-24 20:43 - 2016-10-24 20:43 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 00000000 ____D C:\Users\Johnsory\usb_driver
2016-10-24 15:13 - 2016-10-24 15:13 - 00062676 _____ C:\Users\Johnsory\Desktop\Addition.txt
2016-10-24 15:09 - 2016-10-29 11:11 - 00028785 _____ C:\Users\Johnsory\Desktop\FRST.txt
2016-10-24 15:01 - 2016-10-23 23:17 - 00448512 _____ (OldTimer Tools) C:\Users\Johnsory\Desktop\TFC.exe
2016-10-24 15:01 - 2016-10-23 22:47 - 03910208 _____ C:\Users\Johnsory\Desktop\AdwCleaner.exe
2016-10-24 15:01 - 2016-10-23 18:29 - 11579432 _____ (SurfRight B.V.) C:\Users\Johnsory\Desktop\hitmanpro_x64.exe
2016-10-24 15:00 - 2016-10-29 11:10 - 02408448 _____ (Farbar) C:\Users\Johnsory\Desktop\FRST64.exe
2016-10-24 14:58 - 2016-10-29 11:10 - 00000000 ____D C:\FRST
2016-10-24 14:48 - 2016-10-24 16:18 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-10-24 00:22 - 2016-08-22 07:51 - 06910841 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-10-24 00:22 - 2016-08-22 07:51 - 03291320 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-10-24 00:22 - 2016-08-22 07:51 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 01745672 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\MBAPO232.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-10-24 00:22 - 2016-08-22 07:51 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-10-23 22:47 - 2016-10-24 02:07 - 00000000 ____D C:\AdwCleaner
2016-10-23 22:17 - 2016-10-24 01:19 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\ProcessLasso
2016-10-23 22:17 - 2016-10-24 01:19 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Process Lasso
2016-10-23 22:17 - 2016-10-23 22:17 - 00000000 ____D C:\ProgramData\ProcessLasso
2016-10-23 19:03 - 2016-10-23 19:09 - 00288104 _____ C:\TDSSKiller.3.1.0.11_23.10.2016_19.03.46_log.txt
2016-10-23 18:52 - 2016-10-23 19:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-23 18:50 - 2016-10-24 01:19 - 00000000 ____D C:\Users\Johnsory\Desktop\mbar
2016-10-23 18:29 - 2016-10-24 01:19 - 00000000 ____D C:\ProgramData\HitmanPro
2016-10-23 16:46 - 2016-10-24 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-22 20:59 - 2016-10-22 20:59 - 00000000 ____D C:\Users\Johnsory\Documents\Dolphin Emulator
2016-10-22 20:58 - 2016-10-22 20:58 - 00001056 _____ C:\Users\Public\Desktop\Dolphin.lnk
2016-10-22 20:58 - 2016-10-22 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
2016-10-22 20:53 - 2016-10-22 20:53 - 00000000 ____D C:\Users\Johnsory\Desktop\SSBM
2016-10-22 03:59 - 2016-10-22 03:59 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-10-22 03:59 - 2016-10-22 03:59 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-10-22 03:59 - 2016-10-22 03:59 - 00044952 _____ () C:\WINDOWS\system32\Drivers\staport.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-10-22 03:59 - 2016-10-22 03:59 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-10-22 03:59 - 2016-10-22 03:59 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-10-22 03:59 - 2016-10-22 03:59 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-10-22 03:40 - 2016-10-22 03:40 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\AVAST Software
2016-10-22 03:39 - 2016-10-22 03:58 - 00000000 ____D C:\Program Files\AVAST Software
2016-10-22 03:36 - 2016-10-22 03:36 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-22 01:38 - 2016-10-22 01:38 - 00000000 ____D C:\WINDOWS\system32\lyqr
2016-10-22 01:36 - 2016-10-22 03:10 - 00000000 ____D C:\a
2016-10-22 01:36 - 2016-10-22 02:02 - 00000000 ____D C:\Program Files (x86)\Foul
2016-10-22 01:36 - 2016-10-22 01:36 - 00000000 ____D C:\Users\Johnsory\AppData\Local\MicrosoftEdge
2016-10-22 01:35 - 2016-10-22 02:02 - 00000000 ____D C:\Users\Johnsory\AppData\LocalLow\Company
2016-10-22 01:35 - 2016-10-22 01:36 - 00000000 _____ C:\Users\Johnsory\AppData\Local\stxtname.txt
2016-10-22 01:35 - 2016-10-22 01:35 - 00000003 _____ C:\Users\Johnsory\AppData\Local\run1.txt
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\c
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 ____D C:\Users\Johnsory\AppData\Local\Tempfolder
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Corporation
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 _____ C:\Users\Johnsory\AppData\Local\run.txt
2016-10-22 01:34 - 2016-10-22 03:10 - 00000000 ____D C:\Program Files (x86)\sysonem
2016-10-22 01:34 - 2016-10-22 01:34 - 00000000 _____ C:\TOSTACK
2016-10-22 01:19 - 2016-10-22 20:58 - 00000000 ____D C:\Program Files (x86)\Dolphin
2016-10-11 11:27 - 2016-10-05 03:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-11 11:27 - 2016-10-05 03:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-11 11:27 - 2016-10-05 03:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-11 11:27 - 2016-10-05 03:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-11 11:27 - 2016-10-05 03:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-11 11:27 - 2016-10-05 03:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-11 11:27 - 2016-10-05 03:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-11 11:27 - 2016-10-05 03:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-11 11:27 - 2016-10-05 03:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-11 11:27 - 2016-10-05 03:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-11 11:27 - 2016-10-05 03:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-11 11:27 - 2016-10-05 03:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-11 11:27 - 2016-10-05 03:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-11 11:27 - 2016-10-05 03:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-11 11:27 - 2016-10-05 02:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-11 11:27 - 2016-10-05 02:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-11 11:27 - 2016-10-05 02:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-11 11:27 - 2016-10-05 02:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-11 11:27 - 2016-10-05 02:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-11 11:27 - 2016-10-05 02:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-11 11:27 - 2016-10-05 02:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-11 11:27 - 2016-10-05 02:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-11 11:27 - 2016-10-05 02:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 11:27 - 2016-10-05 02:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-11 11:27 - 2016-10-05 02:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-11 11:27 - 2016-10-05 02:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-11 11:27 - 2016-10-05 02:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-11 11:27 - 2016-10-05 02:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-11 11:27 - 2016-10-05 02:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-11 11:27 - 2016-10-05 02:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-11 11:27 - 2016-10-05 02:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-11 11:27 - 2016-10-05 02:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-11 11:27 - 2016-10-05 02:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-11 11:27 - 2016-10-05 02:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-11 11:27 - 2016-10-05 02:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-11 11:27 - 2016-10-05 02:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-11 11:27 - 2016-10-05 02:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-11 11:27 - 2016-10-05 02:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-11 11:27 - 2016-10-05 02:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-11 11:27 - 2016-10-05 02:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-11 11:27 - 2016-10-05 02:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-11 11:27 - 2016-10-05 02:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-11 11:27 - 2016-10-05 02:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-11 11:27 - 2016-10-05 02:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-11 11:27 - 2016-10-05 02:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-11 11:27 - 2016-10-05 02:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-11 11:27 - 2016-10-05 02:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-11 11:27 - 2016-10-05 02:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-11 11:27 - 2016-10-05 02:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-11 11:27 - 2016-10-05 02:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-11 11:27 - 2016-10-05 02:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-11 11:27 - 2016-10-05 02:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-11 11:27 - 2016-10-05 02:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-11 11:27 - 2016-10-05 02:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-11 11:27 - 2016-10-05 02:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-11 11:27 - 2016-10-05 02:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-11 11:27 - 2016-10-05 02:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-11 11:27 - 2016-10-05 02:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-11 11:27 - 2016-10-05 02:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-11 11:27 - 2016-10-05 02:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-11 11:27 - 2016-10-05 02:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-11 11:27 - 2016-10-05 02:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-11 11:27 - 2016-10-05 02:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-11 11:27 - 2016-10-05 02:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-11 11:27 - 2016-10-05 02:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-11 11:27 - 2016-10-05 02:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-11 11:27 - 2016-10-05 02:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-11 11:27 - 2016-10-05 02:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-11 11:27 - 2016-10-05 02:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-11 11:27 - 2016-10-05 02:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-11 11:27 - 2016-10-05 02:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-11 11:27 - 2016-10-05 02:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-11 11:27 - 2016-10-05 02:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-11 11:27 - 2016-10-05 02:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-11 11:27 - 2016-10-05 02:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-11 11:27 - 2016-10-05 02:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-11 11:27 - 2016-10-05 02:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-11 11:27 - 2016-10-05 02:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-11 11:27 - 2016-10-05 02:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-11 11:27 - 2016-10-05 02:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-11 11:27 - 2016-10-05 02:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-11 11:27 - 2016-10-05 02:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-11 11:27 - 2016-10-05 02:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-11 11:27 - 2016-10-05 02:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-11 11:27 - 2016-10-05 02:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-11 11:27 - 2016-10-05 02:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-11 11:27 - 2016-10-05 02:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-11 11:27 - 2016-10-05 02:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-11 11:27 - 2016-10-05 02:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-11 11:27 - 2016-10-05 02:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-11 11:27 - 2016-10-05 02:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-11 11:27 - 2016-10-05 02:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-11 11:27 - 2016-10-04 17:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-11 11:27 - 2016-09-06 22:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-29 11:12 - 2016-09-15 10:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-09-29 11:12 - 2016-09-15 10:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-09-29 11:12 - 2016-09-15 10:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-29 11:12 - 2016-09-15 10:30 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-29 11:12 - 2016-09-15 10:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-29 11:12 - 2016-09-15 10:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-09-29 11:12 - 2016-09-15 10:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-09-29 11:12 - 2016-09-15 10:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-09-29 11:12 - 2016-09-15 10:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-09-29 11:12 - 2016-09-15 10:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-29 11:12 - 2016-09-15 10:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-09-29 11:12 - 2016-09-15 10:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-29 11:12 - 2016-09-15 10:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-09-29 11:12 - 2016-09-15 10:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-29 11:12 - 2016-09-15 10:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-09-29 11:12 - 2016-09-15 10:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-29 11:12 - 2016-09-15 10:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-29 11:12 - 2016-09-15 10:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-09-29 11:12 - 2016-09-15 10:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-29 11:12 - 2016-09-15 10:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-29 11:12 - 2016-09-15 10:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-29 11:12 - 2016-09-15 10:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-09-29 11:12 - 2016-09-15 10:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-29 11:12 - 2016-09-15 10:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-29 11:12 - 2016-09-15 10:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-09-29 11:12 - 2016-09-15 10:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-09-29 11:12 - 2016-09-15 10:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-09-29 11:12 - 2016-09-15 10:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-09-29 11:12 - 2016-09-15 10:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-09-29 11:12 - 2016-09-15 10:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-09-29 11:12 - 2016-09-15 10:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-29 11:12 - 2016-09-15 10:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-29 11:12 - 2016-09-15 10:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-09-29 11:12 - 2016-09-15 10:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-29 11:12 - 2016-09-15 10:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-29 11:12 - 2016-09-15 10:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-09-29 11:12 - 2016-09-15 10:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-29 11:12 - 2016-09-15 10:03 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-09-29 11:12 - 2016-09-15 10:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-09-29 11:12 - 2016-09-15 10:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-29 11:12 - 2016-09-15 09:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-09-29 11:12 - 2016-09-15 09:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-29 11:12 - 2016-09-15 09:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-09-29 11:12 - 2016-09-15 09:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-29 11:12 - 2016-09-15 09:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-29 11:12 - 2016-09-15 09:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-09-29 11:12 - 2016-09-15 09:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-09-29 11:12 - 2016-09-15 09:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-09-29 11:12 - 2016-09-15 09:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-09-29 11:12 - 2016-09-15 09:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-29 11:12 - 2016-09-15 09:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-29 11:12 - 2016-09-15 09:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-09-29 11:12 - 2016-09-15 09:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-29 11:12 - 2016-09-15 09:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-29 11:12 - 2016-09-15 09:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-09-29 11:12 - 2016-09-15 09:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-29 11:12 - 2016-09-15 09:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-09-29 11:12 - 2016-09-15 09:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-09-29 11:12 - 2016-09-15 09:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-29 11:12 - 2016-09-15 09:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-29 11:12 - 2016-09-15 09:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-29 11:12 - 2016-09-15 09:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-29 11:12 - 2016-09-15 09:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-29 11:12 - 2016-09-15 09:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-29 11:12 - 2016-09-15 09:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-29 11:12 - 2016-09-15 09:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-29 11:12 - 2016-09-15 09:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-09-29 11:12 - 2016-09-15 09:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-09-29 11:12 - 2016-09-15 09:44 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-09-29 11:12 - 2016-09-15 09:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-09-29 11:12 - 2016-09-15 09:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-29 11:12 - 2016-09-15 09:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-09-29 11:12 - 2016-09-15 09:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-29 11:12 - 2016-09-15 09:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-29 11:12 - 2016-09-15 09:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-29 11:12 - 2016-09-15 09:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-29 11:12 - 2016-09-15 09:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-29 11:12 - 2016-09-15 09:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-29 11:12 - 2016-09-15 09:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-09-29 11:12 - 2016-09-15 09:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-09-29 11:12 - 2016-09-15 09:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-09-29 11:12 - 2016-09-15 09:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-09-29 11:12 - 2016-09-15 09:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-09-29 11:12 - 2016-09-15 09:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-29 11:12 - 2016-09-15 09:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-09-29 11:12 - 2016-09-15 09:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-29 11:12 - 2016-09-15 09:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-29 11:12 - 2016-09-15 09:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-29 11:12 - 2016-09-15 09:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-09-29 11:12 - 2016-09-15 09:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-29 11:12 - 2016-09-15 09:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-09-29 11:12 - 2016-09-15 09:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-09-29 11:12 - 2016-09-15 09:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-29 11:12 - 2016-09-15 09:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-29 11:12 - 2016-09-15 09:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-09-29 11:12 - 2016-09-15 09:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-29 11:12 - 2016-09-15 09:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-09-29 11:12 - 2016-09-15 09:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-09-29 11:12 - 2016-09-15 09:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-29 11:12 - 2016-09-15 09:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-09-29 11:12 - 2016-09-15 09:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-29 11:12 - 2016-09-15 09:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-29 11:12 - 2016-09-15 09:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-29 11:12 - 2016-09-15 09:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-29 11:12 - 2016-09-15 09:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-29 11:12 - 2016-09-15 09:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-29 11:12 - 2016-09-15 09:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-09-29 11:12 - 2016-09-15 09:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-09-29 11:12 - 2016-09-15 09:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-09-29 11:12 - 2016-09-15 09:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-09-29 11:12 - 2016-09-15 09:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-29 11:12 - 2016-09-15 09:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-29 11:12 - 2016-09-15 09:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-09-29 11:12 - 2016-09-15 09:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-09-29 11:12 - 2016-09-15 09:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-09-29 11:12 - 2016-09-15 09:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-29 11:12 - 2016-09-15 09:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-29 11:12 - 2016-09-15 09:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-09-29 11:12 - 2016-09-15 09:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-29 11:12 - 2016-09-15 09:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-29 11:12 - 2016-09-15 09:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-29 11:12 - 2016-09-15 09:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-29 11:12 - 2016-09-15 09:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-29 11:12 - 2016-09-15 09:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-29 11:12 - 2016-09-15 09:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-29 11:12 - 2016-09-15 09:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-29 11:12 - 2016-09-15 09:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-29 11:12 - 2016-09-15 09:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-29 11:12 - 2016-09-15 09:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-29 11:12 - 2016-09-15 09:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-09-29 11:12 - 2016-09-15 09:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-29 11:12 - 2016-09-15 09:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-09-29 11:12 - 2016-09-15 09:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-09-29 11:12 - 2016-09-15 09:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-29 11:12 - 2016-09-15 09:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-29 11:12 - 2016-09-15 09:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-29 11:12 - 2016-09-15 09:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-29 11:12 - 2016-09-15 09:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-29 11:12 - 2016-09-15 09:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-29 11:12 - 2016-09-15 09:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-29 11:12 - 2016-09-15 09:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-09-29 11:12 - 2016-09-15 09:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-09-29 11:12 - 2016-08-05 01:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-29 11:11 - 2016-09-15 10:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-29 11:11 - 2016-09-15 10:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-09-29 11:11 - 2016-09-15 10:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-09-29 11:11 - 2016-09-15 10:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-09-29 11:11 - 2016-09-15 10:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-09-29 11:11 - 2016-09-15 10:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-29 11:11 - 2016-09-15 10:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-29 11:11 - 2016-09-15 10:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-09-29 11:11 - 2016-09-15 10:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-29 11:11 - 2016-09-15 10:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-09-29 11:11 - 2016-09-15 10:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-29 11:11 - 2016-09-15 10:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-29 11:11 - 2016-09-15 10:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-29 11:11 - 2016-09-15 10:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-09-29 11:11 - 2016-09-15 10:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-29 11:11 - 2016-09-15 10:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-29 11:11 - 2016-09-15 10:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-29 11:11 - 2016-09-15 10:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-29 11:11 - 2016-09-15 10:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-29 11:11 - 2016-09-15 10:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-09-29 11:11 - 2016-09-15 10:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-09-29 11:11 - 2016-09-15 10:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-09-29 11:11 - 2016-09-15 10:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-09-29 11:11 - 2016-09-15 10:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-09-29 11:11 - 2016-09-15 10:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-09-29 11:11 - 2016-09-15 10:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-09-29 11:11 - 2016-09-15 10:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-29 11:11 - 2016-09-15 10:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-09-29 11:11 - 2016-09-15 10:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-29 11:11 - 2016-09-15 09:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-29 11:11 - 2016-09-15 09:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-29 11:11 - 2016-09-15 09:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-09-29 11:11 - 2016-09-15 09:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-09-29 11:11 - 2016-09-15 09:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-09-29 11:11 - 2016-09-15 09:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-29 11:11 - 2016-09-15 09:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-09-29 11:11 - 2016-09-15 09:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-29 11:11 - 2016-09-15 09:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-29 11:11 - 2016-09-15 09:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-29 11:11 - 2016-09-15 09:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-29 11:11 - 2016-09-15 09:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-29 11:11 - 2016-09-15 09:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-29 11:11 - 2016-09-15 09:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-29 11:11 - 2016-09-15 09:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-29 11:11 - 2016-09-15 09:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-29 11:11 - 2016-09-15 09:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-29 11:11 - 2016-09-15 09:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-29 11:11 - 2016-09-15 09:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-29 11:11 - 2016-09-15 09:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-29 11:11 - 2016-09-15 09:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-29 11:11 - 2016-09-15 09:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-29 11:11 - 2016-09-15 09:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-29 11:11 - 2016-09-15 09:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-29 11:11 - 2016-09-15 09:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-29 11:11 - 2016-09-15 09:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-29 11:11 - 2016-09-15 09:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-29 11:11 - 2016-09-15 09:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-29 11:11 - 2016-09-15 09:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-29 11:11 - 2016-09-15 09:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-29 11:11 - 2016-09-15 09:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-29 11:11 - 2016-09-15 09:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-29 11:11 - 2016-09-15 09:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-29 11:11 - 2016-09-15 09:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-29 11:11 - 2016-09-15 09:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-29 11:11 - 2016-09-15 09:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-29 11:11 - 2016-09-15 09:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-29 11:11 - 2016-09-15 09:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-29 11:11 - 2016-09-15 09:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-29 11:11 - 2016-09-15 09:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-29 11:11 - 2016-09-15 09:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-29 11:11 - 2016-09-15 09:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-29 11:11 - 2016-09-15 09:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-29 11:11 - 2016-09-15 09:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-29 11:11 - 2016-09-15 09:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-29 11:11 - 2016-09-15 09:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-29 11:11 - 2016-09-15 09:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-29 11:11 - 2016-09-15 09:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-29 11:11 - 2016-09-15 09:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-29 11:11 - 2016-09-15 09:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-29 11:11 - 2016-09-15 09:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-29 11:11 - 2016-09-15 09:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-29 11:11 - 2016-09-15 09:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-29 11:11 - 2016-09-15 09:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-29 11:11 - 2016-09-15 09:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-29 11:11 - 2016-09-15 09:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-29 11:11 - 2016-09-15 09:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-29 11:11 - 2016-09-15 09:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-29 11:11 - 2016-09-15 09:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-29 11:11 - 2016-09-15 09:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-29 11:11 - 2016-09-15 09:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-29 11:11 - 2016-09-15 09:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-29 11:11 - 2016-09-15 09:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-29 11:11 - 2016-09-15 09:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-29 11:11 - 2016-09-15 09:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-29 11:11 - 2016-09-15 09:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-29 11:11 - 2016-09-15 09:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-29 11:11 - 2016-09-15 09:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-29 11:11 - 2016-09-15 09:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-29 11:11 - 2016-09-15 09:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-29 11:11 - 2016-09-15 09:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-29 11:11 - 2016-09-15 09:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-29 11:11 - 2016-09-15 09:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-29 11:11 - 2016-09-15 09:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-29 11:11 - 2016-09-15 09:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-29 11:11 - 2016-09-15 09:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-29 11:11 - 2016-09-15 09:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-29 11:11 - 2016-09-15 09:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-29 11:11 - 2016-09-15 09:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-29 11:11 - 2016-09-15 09:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-29 11:11 - 2016-09-15 09:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-29 11:11 - 2016-09-15 09:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-29 11:11 - 2016-09-15 09:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-29 11:11 - 2016-09-15 09:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-29 11:11 - 2016-09-15 09:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-29 11:11 - 2016-09-15 09:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-29 11:11 - 2016-09-15 09:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-29 11:11 - 2016-09-15 09:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-29 11:11 - 2016-09-15 09:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-29 11:11 - 2016-09-15 09:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-29 11:11 - 2016-09-15 09:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-29 11:11 - 2016-09-15 09:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-29 11:11 - 2016-09-15 09:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-29 11:11 - 2016-09-15 09:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-29 11:11 - 2016-09-15 09:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-29 11:11 - 2016-09-15 09:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-29 11:11 - 2016-08-05 20:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-29 11:11 - 2016-08-05 20:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-29 11:11 - 2016-08-05 01:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-29 11:02 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-29 11:00 - 2016-09-22 09:37 - 00000000 ____D C:\Users\Johnsory
2016-10-29 11:00 - 2015-06-14 23:28 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-29 10:59 - 2016-09-22 09:37 - 01824996 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-29 10:56 - 2016-09-22 09:35 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-29 10:52 - 2016-09-22 09:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-29 10:52 - 2016-09-22 09:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-29 10:52 - 2015-06-15 21:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-29 01:10 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-10-28 22:45 - 2015-06-17 23:36 - 00000000 ____D C:\Users\Johnsory\Documents\ShareX
2016-10-28 18:19 - 2016-05-04 19:29 - 00000000 ____D C:\Users\Johnsory\AppData\Local\Battle.net
2016-10-28 17:04 - 2016-07-16 04:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-28 16:36 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-28 16:36 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-27 19:07 - 2016-02-13 06:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-27 19:06 - 2016-09-22 09:35 - 00343256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-27 19:06 - 2016-07-16 04:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-27 15:47 - 2016-07-15 23:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-27 15:46 - 2016-07-16 04:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-27 15:46 - 2016-07-16 04:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-27 15:46 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-27 15:46 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-27 15:46 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-27 15:14 - 2016-07-16 04:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-26 10:29 - 2015-06-14 23:28 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-26 10:29 - 2015-06-14 23:28 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-24 20:43 - 2015-11-19 21:51 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-10-24 20:36 - 2015-06-17 20:21 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-24 16:30 - 2016-07-16 04:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-24 16:30 - 2016-07-16 04:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-24 15:58 - 2016-05-01 19:12 - 00000000 ____D C:\Program Files\Waterfox
2016-10-24 01:49 - 2015-07-08 20:26 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\vlc
2016-10-24 01:19 - 2016-09-22 09:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-10-24 01:19 - 2016-09-22 09:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-10-24 01:19 - 2016-09-22 09:37 - 00000000 ____D C:\Users\DefaultAppPool
2016-10-24 01:19 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\registration
2016-10-24 01:19 - 2016-06-26 01:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2016-10-24 01:19 - 2016-05-04 19:48 - 00000000 ____D C:\Users\Johnsory\Documents\Overwatch
2016-10-24 01:19 - 2016-05-04 19:27 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Battle.net
2016-10-24 01:19 - 2015-06-15 00:52 - 00000000 ____D C:\MSI
2016-10-24 01:19 - 2015-06-15 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2016-10-24 01:19 - 2015-06-15 00:51 - 00000000 ____D C:\Program Files (x86)\MSI
2016-10-24 01:19 - 2015-06-14 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-24 01:19 - 2015-06-14 23:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-24 01:19 - 2015-06-14 23:28 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Macromedia
2016-10-24 00:22 - 2016-09-22 09:37 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-10-24 00:22 - 2015-06-15 00:43 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-10-22 04:53 - 2016-09-12 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2016-10-22 04:53 - 2016-09-12 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI® Intel® Extreme Tuning Utility
2016-10-22 04:53 - 2016-08-27 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2016-10-22 04:53 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-22 04:53 - 2016-06-05 18:38 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-10-22 04:53 - 2016-05-26 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-10-22 04:53 - 2016-05-04 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-10-22 04:53 - 2016-05-04 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-10-22 04:53 - 2016-02-15 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-22 04:53 - 2016-02-03 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-10-22 04:53 - 2015-12-18 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-10-22 04:53 - 2015-10-09 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2016-10-22 04:53 - 2015-10-07 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-10-22 04:53 - 2015-08-02 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radiant
2016-10-22 04:53 - 2015-07-18 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-22 04:53 - 2015-07-11 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack
2016-10-22 04:53 - 2015-06-23 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-10-22 04:53 - 2015-06-17 00:19 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-10-22 04:53 - 2015-06-15 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair
2016-10-22 04:53 - 2015-06-15 00:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-10-22 04:53 - 2015-06-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-10-22 04:53 - 2015-06-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-10-22 04:53 - 2015-06-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-10-22 04:53 - 2015-06-14 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-10-22 04:53 - 2015-06-14 23:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-22 04:53 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-22 04:11 - 2015-10-07 20:17 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-10-18 11:26 - 2016-07-16 04:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-15 22:01 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-13 19:46 - 2016-09-22 09:45 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-13 19:46 - 2016-01-24 22:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-12 10:17 - 2016-02-15 01:07 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 10:17 - 2016-02-15 01:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-11 23:51 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-11 23:17 - 2016-05-26 23:25 - 00000000 ____D C:\Users\Johnsory\AppData\Local\Packages
2016-10-11 16:36 - 2016-09-22 09:45 - 00003804 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-10-11 12:17 - 2015-06-17 20:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-11 12:14 - 2015-06-17 20:06 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-11 10:32 - 2016-07-16 04:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-11 10:32 - 2016-07-16 04:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-07 15:57 - 2015-06-14 23:54 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\Skype
2016-10-04 10:50 - 2016-09-22 10:33 - 00000000 ____D C:\Windows.old
2016-10-02 09:57 - 2016-06-05 18:38 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\discord
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-29 19:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-09-29 19:05 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-29 19:05 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Dism

==================== Files in the root of some directories =======

2016-10-22 01:35 - 2016-10-22 01:35 - 0000000 _____ () C:\Users\Johnsory\AppData\Local\run.txt
2016-10-22 01:35 - 2016-10-22 01:35 - 0000003 _____ () C:\Users\Johnsory\AppData\Local\run1.txt
2016-10-22 01:35 - 2016-10-22 01:36 - 0000000 _____ () C:\Users\Johnsory\AppData\Local\stxtname.txt

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-24 01:39

==================== End of FRST.txt ============================

Edited by ollyoxen, 29 October 2016 - 01:18 PM.


#7 blueelvis

  • Malware Response Team

Posted 31 October 2016 - 02:56 AM

Hi Ollyoxen & Welcome to the forums ^_^,

Sorry for the delayed response. Too much load ;)

I would be helping you with your computer problems. Right now, I am a trainee at the Bleeping Computer Malware Removal Study Hall.
I am Pranav and now that we are friends, I would like to call you by your first name if that is fine with you   :hug:

All of my proposed fixes and suggestions must be approved by a fully-qualified Malware Removal Instructor. This will delay response times somewhat, but I will endeavor to respond within a reasonable time, normally 48 hours after your last post.

I will need some time to review your FRST logs and consult with the Malware Response Instructor (MRI) who will be assigned to supervise this topic. That could take a few days. Once I have reviewed my proposed response with the assigned MRI, I will reply to you with initial instructions.

While you wait for further instructions, kindly do not run any additional tools as that might complicate the process of fixing your computer and cause delays.

Have a nice day!

Regards,
Pranav 


Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#8 ollyoxen

  • Topic Starter

Posted 31 October 2016 - 12:16 PM

Hi Pranav!

No worries about the delayed response, I understand that help wanted is in high demand. You can call me Ryan if you'd like, otherwise my username is totally fine too.

Thank you so much for taking the time to look over my logs! Looking forward to your next instructions.



#9 blueelvis

  • Malware Response Team

Posted 02 November 2016 - 11:49 AM

Hi Ryan ^_^,

Before we start dealing with the problems you are experiencing, I would ask that you take note of the following points:

  • I am a Bleeping Computer volunteer, so I ask you to be patient. I know it is frustrating when your computer is not working properly, but malware removal takes time.
  • Please also remember that I only dedicate a limited number of hours a day to helping people. We may live in different time zones, which may cause delays in responding.
  • If I have not responded to you within 48 hours, please send me a personal message. Likewise, I expect you to respond within 48 hours, and sooner is better because we can fix your computer faster.
  • If I have not heard from you in three days, I will "bump" your post. After five days of no response, I will consider that you no longer need my assistance and this thread will be closed.
  • Logs can take a while to research, so please be patient.
  • Some issues just cannot be solved so you must be prepared for this.
  • Please read and follow the instructions in the exact sequence that they are posted to avoid making a bad situation worse.
  • Please print or copy and save the instructions.
  • Back up all your data and important files on another (external) drive before starting to run malware removal tools.
  • You should try to limit your browsing with this computer until you are given the "All Clear." Some malware applications steal passwords.
  • Please do not install or uninstall any applications, unless directed. Don't run any scripts or tools on your own because unsupervised usage may cause more harm than good.
  • Please use only the tools you have been instructed to use.
  • If you are using CD/DVD emulation software, this should be uninstalled or disabled as it can interfere with the removal of some malware. It can be turned off with Defogger and then turned back on when you get the "All Clear."
  • Please copy and paste the requested log files inside your post, unless otherwise instructed.
  • There are no silly questions. Ask for clarification, if you have any questions or concerns.
  • Bleeping Computer does not support any piracy. Evidence of illegal OS, software, cracks/keygens, etc., will be revealed by scan logs, and if found, further assistance may be suspended. Uninstall such software before proceeding!
  • Any P2P software such as uTorrent, BitTorrent, Kazaa, etc. must be uninstalled or completely disabled. P2P software is a major security risk to your computer and that may have been the route the malware used to infect your computer. Do not use any P2P software until we conclude your topic.
  • Failure to follow these guidelines may result in assistance being withdrawn and your thread being closed.
  • I am volunteering my time to help you, and I will need you to help me. Together, we can, hopefully, disinfect your computer and get it functioning properly again. That is my only aim.

Let's begin!

Going over your logs, I noticed that you have qbittorrent installed:
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs as this is by far the most likely reason you were infected!
  • Files that are downloaded from these websites are most likely infected, and even though they may appear to be what you wanted, they may infect your computer at the same time! Do not download files from your P2P client, and if you do, always scan the files with your anti-virus before executing them!
  • Websites that contain links to download are also highly likely to try and infect your computer! Please avoid them as much as possible and if pop-up boxes appear, always try and close them by clicking the cross at the top right of the window or terminating the browser!
  • The best way to eliminate the risk of infection from P2P applications is to avoid these types of web sites and not use any P2P applications.
  • It is pretty much certain that if you continue to use P2P programs, you will get infected again.
 
I would recommend that you uninstall qbittorrent; however, that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it, and remove all files downloaded from it until your computer is cleaned! After your computer is cleaned, please Practice Safe Internet and always scan downloaded files with an anti-virus before executing to minimize risk!

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Have a nice day!

Regards,

Pranav


#10 ollyoxen

  • Topic Starter

Posted 04 November 2016 - 01:35 PM

Hi Pranav,

Thanks for your help. I have uninstalled qbittorrent per your request and made sure that all emulation software has been disabled through Defogger. Here is the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016
Ran by Johnsory (04-11-2016 11:29:55) Run:1
Running from C:\Users\Johnsory\Desktop
Loaded Profiles: Johnsory (Available Profiles: Johnsory & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
GroupPolicy: Restriction <======= ATTENTION

CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?site=shyos&prd=set_ch&q={searchTerms}&s=GAMzftpbl0cshmoAU,f596b095-a37e-4cb5-9b63-18501afea0d1,
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}

U3 idsvc; no ImagePath

Folder: C:\Users\Johnsory\usb_driver
Folder: C:\WINDOWS\system32\lyqr
Folder: C:\a
Folder: C:\Program Files (x86)\Foul
Folder: C:\Users\Johnsory\AppData\LocalLow\Company
Folder: C:\Users\Johnsory\AppData\Roaming\c
Folder: C:\Users\Johnsory\AppData\Local\Tempfolder
Folder: C:\Program Files (x86)\sysonem
Folder: C:\TOSTACK
Folder: C:\Program Files (x86)\Temp

C:\Users\Johnsory\AppData\Local\stxtname.txt
C:\Users\Johnsory\AppData\Local\run1.txt
C:\Users\Johnsory\AppData\Local\run.txt

Task: {2762F9C5-5B3C-42B4-BE85-36861CB00919} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {4E18BD82-A5B9-4231-8B4C-91EF878FBD11} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4EC63DED-DF87-4C66-8F4C-5A9E6E24EEDA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {4F3F174B-FCAC-46D6-BD85-D0A1C358F439} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {54E69766-19A6-455E-873B-BA09F7C0DD51} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {7679FDAC-4F15-4E65-896E-9E94480B9AAF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {84313A81-695D-4A2D-B4BD-09947DA6CA42} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {8737B593-7C15-4F5B-9B52-BF6E8E63C65A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {88A22BAE-3485-49C1-8105-612FBCCEF4AD} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {9979CF8D-8A45-481A-9DCD-5C5F411EE846} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {A33A6A5F-93B5-4E7F-8822-C5415FE429E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A84BFD78-E9D6-4FFC-BB68-3B8A60E235F5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B5235D6B-55E4-4FC5-935E-3BF8A8DC3D65} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BA5E5FBC-3AB6-40DD-A4E7-5A51A7592738} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BDD068D4-4D34-4E2F-A93D-D0BB13D9DC48} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {D34C1ECD-3342-496E-89B7-6AA1D61C5B02} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FF2F5868-7125-4086-9188-3BEBC8A023D7} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
*****************

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
Chrome DefaultSuggestURL => removed successfully
idsvc => service removed successfully

========================= Folder: C:\Users\Johnsory\usb_driver ========================

2016-10-24 20:43 - 2016-10-24 20:43 - 0154113 _____ () C:\Users\Johnsory\usb_driver\installer_x64.exe
2016-10-24 20:43 - 2016-10-24 20:43 - 0129329 _____ () C:\Users\Johnsory\usb_driver\installer_x86.exe
2016-10-24 20:43 - 2016-10-24 20:43 - 0003886 _____ () C:\Users\Johnsory\usb_driver\WUP-028.cat
2016-10-24 20:43 - 2016-10-24 20:43 - 0004530 _____ () C:\Users\Johnsory\usb_driver\WUP-028.inf
2016-10-24 20:43 - 2016-10-24 20:43 - 0000000 ____D () C:\Users\Johnsory\usb_driver\amd64
2016-10-24 20:43 - 2016-10-24 20:43 - 0044544 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\amd64\install-filter.exe
2016-10-24 20:43 - 2016-10-24 20:43 - 0076384 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\amd64\libusb0.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 0052832 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\amd64\libusb0.sys
2016-10-24 20:43 - 2016-10-24 20:43 - 0046592 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\amd64\libusb0_x86.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 0099128 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\amd64\libusbK.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 0047928 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\amd64\libusbK.sys
2016-10-24 20:43 - 2016-10-24 20:43 - 0084280 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\amd64\libusbK_x86.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 1795952 _____ (Microsoft Corporation) C:\Users\Johnsory\usb_driver\amd64\WdfCoInstaller01011.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 1002728 _____ (Microsoft Corporation) C:\Users\Johnsory\usb_driver\amd64\winusbcoinstaller2.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 0000000 ____D () C:\Users\Johnsory\usb_driver\license
2016-10-24 20:43 - 2016-10-24 20:43 - 0000000 ____D () C:\Users\Johnsory\usb_driver\license\libusb0
2016-10-24 20:43 - 2016-10-24 20:43 - 0044153 _____ () C:\Users\Johnsory\usb_driver\license\libusb0\installer_license.txt
2016-10-24 20:43 - 2016-10-24 20:43 - 0000000 ____D () C:\Users\Johnsory\usb_driver\x86
2016-10-24 20:43 - 2016-10-24 20:43 - 0046592 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\x86\install-filter.exe
2016-10-24 20:43 - 2016-10-24 20:43 - 0046592 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\x86\libusb0.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 0042592 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\x86\libusb0.sys
2016-10-24 20:43 - 2016-10-24 20:43 - 0067680 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\x86\libusb0_x86.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 0084280 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\x86\libusbK.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 0042552 _____ (http://libusb-win32.sourceforge.net) C:\Users\Johnsory\usb_driver\x86\libusbK.sys
2016-10-24 20:43 - 2016-10-24 20:43 - 1629040 _____ (Microsoft Corporation) C:\Users\Johnsory\usb_driver\x86\WdfCoInstaller01011.dll
2016-10-24 20:43 - 2016-10-24 20:43 - 0851176 _____ (Microsoft Corporation) C:\Users\Johnsory\usb_driver\x86\winusbcoinstaller2.dll

====== End of Folder: ======


========================= Folder: C:\WINDOWS\system32\lyqr ========================

2016-10-22 01:38 - 2016-10-22 02:02 - 0000000 ____D () C:\WINDOWS\system32\lyqr\ike

====== End of Folder: ======


========================= Folder: C:\a ========================

2016-10-22 01:36 - 2016-10-22 01:36 - 0000011 _____ () C:\a\ayyyyy.txt
2016-10-22 01:36 - 2016-10-22 01:36 - 0000001 _____ () C:\a\install.txt

====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\Foul ========================


====== End of Folder: ======


========================= Folder: C:\Users\Johnsory\AppData\LocalLow\Company ========================


====== End of Folder: ======


========================= Folder: C:\Users\Johnsory\AppData\Roaming\c ========================


====== End of Folder: ======


========================= Folder: C:\Users\Johnsory\AppData\Local\Tempfolder ========================


====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\sysonem ========================

2016-07-27 10:30 - 2016-07-27 10:30 - 2749972 _____ () C:\Program Files (x86)\sysonem\cef.pak
2016-07-27 10:30 - 2016-07-27 10:30 - 0146067 _____ () C:\Program Files (x86)\sysonem\cef_100_percent.pak
2016-07-27 10:30 - 2016-07-27 10:30 - 0235262 _____ () C:\Program Files (x86)\sysonem\cef_200_percent.pak
2016-07-27 10:30 - 2016-07-27 10:30 - 4409164 _____ () C:\Program Files (x86)\sysonem\cef_extensions.pak
2016-07-27 10:30 - 2016-07-27 10:30 - 4740603 _____ () C:\Program Files (x86)\sysonem\devtools_resources.pak
2016-07-27 10:30 - 2016-07-27 10:30 - 10127152 _____ () C:\Program Files (x86)\sysonem\icudtl.dat
2016-07-27 10:30 - 2016-07-27 10:30 - 0415533 _____ () C:\Program Files (x86)\sysonem\natives_blob.bin
2016-07-27 10:30 - 2016-07-27 10:30 - 0517976 _____ () C:\Program Files (x86)\sysonem\snapshot_blob.bin
2016-10-22 01:35 - 2016-10-22 02:05 - 0000000 ____D () C:\Program Files (x86)\sysonem\che
2016-10-22 01:35 - 2016-10-22 02:05 - 0007168 _____ () C:\Program Files (x86)\sysonem\che\Cookies
2016-10-22 01:35 - 2016-10-22 02:05 - 0000000 _____ () C:\Program Files (x86)\sysonem\che\Cookies-journal
2016-10-22 01:37 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che\data_0
2016-10-22 01:37 - 2016-10-22 02:05 - 0270336 _____ () C:\Program Files (x86)\sysonem\che\data_1
2016-10-22 01:37 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che\data_2
2016-10-22 01:37 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che\data_3
2016-10-22 01:37 - 2016-10-22 02:05 - 0524656 _____ () C:\Program Files (x86)\sysonem\che\index
2016-10-22 01:35 - 2016-10-22 02:05 - 0131072 _____ () C:\Program Files (x86)\sysonem\che\Visited Links
2016-10-22 02:05 - 2016-10-22 02:05 - 0000000 ____D () C:\Program Files (x86)\sysonem\che\GPUCache
2016-10-22 02:05 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che\GPUCache\data_0
2016-10-22 02:05 - 2016-10-22 02:05 - 0270336 _____ () C:\Program Files (x86)\sysonem\che\GPUCache\data_1
2016-10-22 02:05 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che\GPUCache\data_2
2016-10-22 02:05 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che\GPUCache\data_3
2016-10-22 02:05 - 2016-10-22 02:05 - 0262512 _____ () C:\Program Files (x86)\sysonem\che\GPUCache\index
2016-10-22 01:35 - 2016-10-22 02:05 - 0000000 ____D () C:\Program Files (x86)\sysonem\che1
2016-10-22 01:35 - 2016-10-22 02:05 - 0007168 _____ () C:\Program Files (x86)\sysonem\che1\Cookies
2016-10-22 01:35 - 2016-10-22 02:05 - 0000000 _____ () C:\Program Files (x86)\sysonem\che1\Cookies-journal
2016-10-22 01:37 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che1\data_0
2016-10-22 01:37 - 2016-10-22 02:05 - 0270336 _____ () C:\Program Files (x86)\sysonem\che1\data_1
2016-10-22 01:37 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che1\data_2
2016-10-22 01:37 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che1\data_3
2016-10-22 01:37 - 2016-10-22 02:05 - 0524656 _____ () C:\Program Files (x86)\sysonem\che1\index
2016-10-22 01:35 - 2016-10-22 02:06 - 0131072 _____ () C:\Program Files (x86)\sysonem\che1\Visited Links
2016-10-22 02:05 - 2016-10-22 02:05 - 0000000 ____D () C:\Program Files (x86)\sysonem\che1\GPUCache
2016-10-22 02:05 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che1\GPUCache\data_0
2016-10-22 02:05 - 2016-10-22 02:05 - 0270336 _____ () C:\Program Files (x86)\sysonem\che1\GPUCache\data_1
2016-10-22 02:05 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che1\GPUCache\data_2
2016-10-22 02:05 - 2016-10-22 02:05 - 0008192 _____ () C:\Program Files (x86)\sysonem\che1\GPUCache\data_3
2016-10-22 02:05 - 2016-10-22 02:05 - 0262512 _____ () C:\Program Files (x86)\sysonem\che1\GPUCache\index
2016-10-22 01:35 - 2016-10-22 01:35 - 0000000 ____D () C:\Program Files (x86)\sysonem\locales
2016-07-27 09:05 - 2016-07-27 09:05 - 0077527 _____ () C:\Program Files (x86)\sysonem\locales\am.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0076375 _____ () C:\Program Files (x86)\sysonem\locales\ar.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0086110 _____ () C:\Program Files (x86)\sysonem\locales\bg.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0114883 _____ () C:\Program Files (x86)\sysonem\locales\bn.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0055675 _____ () C:\Program Files (x86)\sysonem\locales\ca.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0055671 _____ () C:\Program Files (x86)\sysonem\locales\cs.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0051068 _____ () C:\Program Files (x86)\sysonem\locales\da.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0055396 _____ () C:\Program Files (x86)\sysonem\locales\de.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0096384 _____ () C:\Program Files (x86)\sysonem\locales\el.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0046091 _____ () C:\Program Files (x86)\sysonem\locales\en-GB.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0046171 _____ () C:\Program Files (x86)\sysonem\locales\en-US.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0055938 _____ () C:\Program Files (x86)\sysonem\locales\es.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0053969 _____ () C:\Program Files (x86)\sysonem\locales\es-419.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0048380 _____ () C:\Program Files (x86)\sysonem\locales\et.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0075548 _____ () C:\Program Files (x86)\sysonem\locales\fa.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0050631 _____ () C:\Program Files (x86)\sysonem\locales\fi.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0056390 _____ () C:\Program Files (x86)\sysonem\locales\fil.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0058923 _____ () C:\Program Files (x86)\sysonem\locales\fr.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0107875 _____ () C:\Program Files (x86)\sysonem\locales\gu.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0063544 _____ () C:\Program Files (x86)\sysonem\locales\he.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0111058 _____ () C:\Program Files (x86)\sysonem\locales\hi.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0052100 _____ () C:\Program Files (x86)\sysonem\locales\hr.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0056162 _____ () C:\Program Files (x86)\sysonem\locales\hu.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0048968 _____ () C:\Program Files (x86)\sysonem\locales\id.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0053890 _____ () C:\Program Files (x86)\sysonem\locales\it.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0065231 _____ () C:\Program Files (x86)\sysonem\locales\ja.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0123630 _____ () C:\Program Files (x86)\sysonem\locales\kn.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0055660 _____ () C:\Program Files (x86)\sysonem\locales\ko.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0055901 _____ () C:\Program Files (x86)\sysonem\locales\lt.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0056886 _____ () C:\Program Files (x86)\sysonem\locales\lv.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0134264 _____ () C:\Program Files (x86)\sysonem\locales\ml.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0110576 _____ () C:\Program Files (x86)\sysonem\locales\mr.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0049935 _____ () C:\Program Files (x86)\sysonem\locales\ms.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0050043 _____ () C:\Program Files (x86)\sysonem\locales\nb.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0052308 _____ () C:\Program Files (x86)\sysonem\locales\nl.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0054721 _____ () C:\Program Files (x86)\sysonem\locales\pl.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0054142 _____ () C:\Program Files (x86)\sysonem\locales\pt-BR.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0053929 _____ () C:\Program Files (x86)\sysonem\locales\pt-PT.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0055629 _____ () C:\Program Files (x86)\sysonem\locales\ro.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0084306 _____ () C:\Program Files (x86)\sysonem\locales\ru.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0056091 _____ () C:\Program Files (x86)\sysonem\locales\sk.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0052427 _____ () C:\Program Files (x86)\sysonem\locales\sl.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0082361 _____ () C:\Program Files (x86)\sysonem\locales\sr.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0049750 _____ () C:\Program Files (x86)\sysonem\locales\sv.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0049884 _____ () C:\Program Files (x86)\sysonem\locales\sw.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0127484 _____ () C:\Program Files (x86)\sysonem\locales\ta.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0117722 _____ () C:\Program Files (x86)\sysonem\locales\te.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0104890 _____ () C:\Program Files (x86)\sysonem\locales\th.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0052673 _____ () C:\Program Files (x86)\sysonem\locales\tr.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0087212 _____ () C:\Program Files (x86)\sysonem\locales\uk.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0060615 _____ () C:\Program Files (x86)\sysonem\locales\vi.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0045082 _____ () C:\Program Files (x86)\sysonem\locales\zh-CN.pak
2016-07-27 09:05 - 2016-07-27 09:05 - 0045661 _____ () C:\Program Files (x86)\sysonem\locales\zh-TW.pak
2016-10-22 01:34 - 2016-10-22 01:35 - 0000000 ____D () C:\Program Files (x86)\sysonem\Update

====== End of Folder: ======


========================= Folder: C:\TOSTACK ========================

C:\TOSTACK => File

====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\Temp ========================


====== End of Folder: ======

C:\Users\Johnsory\AppData\Local\stxtname.txt => moved successfully
C:\Users\Johnsory\AppData\Local\run1.txt => moved successfully
C:\Users\Johnsory\AppData\Local\run.txt => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2762F9C5-5B3C-42B4-BE85-36861CB00919}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2762F9C5-5B3C-42B4-BE85-36861CB00919}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E18BD82-A5B9-4231-8B4C-91EF878FBD11}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E18BD82-A5B9-4231-8B4C-91EF878FBD11}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EC63DED-DF87-4C66-8F4C-5A9E6E24EEDA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EC63DED-DF87-4C66-8F4C-5A9E6E24EEDA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F3F174B-FCAC-46D6-BD85-D0A1C358F439}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F3F174B-FCAC-46D6-BD85-D0A1C358F439}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54E69766-19A6-455E-873B-BA09F7C0DD51}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54E69766-19A6-455E-873B-BA09F7C0DD51}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7679FDAC-4F15-4E65-896E-9E94480B9AAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7679FDAC-4F15-4E65-896E-9E94480B9AAF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84313A81-695D-4A2D-B4BD-09947DA6CA42}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84313A81-695D-4A2D-B4BD-09947DA6CA42}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8737B593-7C15-4F5B-9B52-BF6E8E63C65A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8737B593-7C15-4F5B-9B52-BF6E8E63C65A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88A22BAE-3485-49C1-8105-612FBCCEF4AD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88A22BAE-3485-49C1-8105-612FBCCEF4AD}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9979CF8D-8A45-481A-9DCD-5C5F411EE846}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9979CF8D-8A45-481A-9DCD-5C5F411EE846}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A33A6A5F-93B5-4E7F-8822-C5415FE429E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A33A6A5F-93B5-4E7F-8822-C5415FE429E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A84BFD78-E9D6-4FFC-BB68-3B8A60E235F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A84BFD78-E9D6-4FFC-BB68-3B8A60E235F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B5235D6B-55E4-4FC5-935E-3BF8A8DC3D65}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5235D6B-55E4-4FC5-935E-3BF8A8DC3D65}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA5E5FBC-3AB6-40DD-A4E7-5A51A7592738}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA5E5FBC-3AB6-40DD-A4E7-5A51A7592738}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BDD068D4-4D34-4E2F-A93D-D0BB13D9DC48}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDD068D4-4D34-4E2F-A93D-D0BB13D9DC48}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D34C1ECD-3342-496E-89B7-6AA1D61C5B02}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D34C1ECD-3342-496E-89B7-6AA1D61C5B02}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF2F5868-7125-4086-9188-3BEBC8A023D7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF2F5868-7125-4086-9188-3BEBC8A023D7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => key removed successfully


The system needed a reboot.

==== End of Fixlog 11:29:56 ====



#11 blueelvis

blueelvis

    Bleep Blop Bleep


  • Malware Response Team
  • 1,666 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:12 AM

Posted 06 November 2016 - 05:05 AM

Hey Ryan ^_^,

 

Looks like the FRST fix has worked as expected. There are still a few items which need to be cleaned up.

 

Download attached fixlist.txt file and save it to the Desktop.
 
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 
Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 
 
 

Once you are done with the above procedure, I would like you to tell me how your system is running. Are you seeing any problems?
 
Also, do you recognize the below folder and its contents by any chance?
C:\Program Files (x86)\sysonem
 
Let's see if you are still seeing those popups after the above procedure.
 
Have a nice day!
 
 
Regards,
Pranav

 



Member of the Bleeping Computer A.I.I. early response team!


In case I have been helping you and you haven't received a reply from me in 48 hours, please feel free to PM me. Anything else? Still feel free to PM me :)

Did you read this? http://omgdebugging.com/5-tips-for-getting-the-best-bang-for-the-buck-at-fast-food-joints/

#12 ollyoxen


Posted 07 November 2016 - 01:30 AM

Hi again, Pranav!

 

Thank you so much for your help so far! I have pasted the fixlog below; it seems like everything went through fine. The hourly pop-ups are still persisting, however. The FRST fix didn't ask to restart my computer, but I may do that and see if it has any effect.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016
Ran by Johnsory (06-11-2016 15:28:31) Run:2
Running from C:\Users\Johnsory\Desktop
Loaded Profiles: Johnsory (Available Profiles: Johnsory & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
2016-10-22 01:38 - 2016-10-22 01:38 - 00000000 ____D C:\WINDOWS\system32\lyqr
2016-10-22 01:36 - 2016-10-22 03:10 - 00000000 ____D C:\a
2016-10-22 01:36 - 2016-10-22 02:02 - 00000000 ____D C:\Program Files (x86)\Foul
2016-10-22 01:35 - 2016-10-22 02:02 - 00000000 ____D C:\Users\Johnsory\AppData\LocalLow\Company
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 ____D C:\Users\Johnsory\AppData\Roaming\c
2016-10-22 01:35 - 2016-10-22 01:35 - 00000000 ____D C:\Users\Johnsory\AppData\Local\Tempfolder
2016-10-22 01:34 - 2016-10-22 01:34 - 00000000 _____ C:\TOSTACK
2016-10-24 00:22 - 2015-06-15 00:43 - 00000000 ___HD C:\Program Files (x86)\Temp

*****************

C:\WINDOWS\system32\lyqr => moved successfully
C:\a => moved successfully
C:\Program Files (x86)\Foul => moved successfully
C:\Users\Johnsory\AppData\LocalLow\Company => moved successfully
C:\Users\Johnsory\AppData\Roaming\c => moved successfully
C:\Users\Johnsory\AppData\Local\Tempfolder => moved successfully
C:\TOSTACK => moved successfully
C:\Program Files (x86)\Temp => moved successfully

==== End of Fixlog 15:28:32 ====

 

 

As for the sysonem folder, I have no idea what it is. In fact, googling sysonem has this thread as the first link. I've taken some screenshots of its contents, maybe you might have an idea.

 

krFjghH.png

 

Update folder is empty

 

RhoFz1K.png

 

che and che1 have the same contents

 

nG0ngKF.png

7DdF5nO.png



#13 blueelvis


Posted 09 November 2016 - 07:47 AM

Hey Ryan ^_^,

 

Let's remove that folder. Don't worry, we can restore it in case we want it back ;)

 

 

 

Download attached fixlist.txt file and save it to the Desktop.
 
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 
Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 
 
 
ESET Online Scanner:
 
Note: You will need to disable your currently installed Anti-Virus, how to do so can be read here.
  • Please go here, download the ESET Smart Installer, and save it to your desktop.
  • Double-click on the esetimage.png you just downloaded.
  • Place a checkmark next to "YES, I accept the Terms of Use" and click the shieldstart.png button.
  • Click "Yes" to the UAC (User Account Control) warning, then ESET will download its components, register itself, and start itself.
  • In the new window that opens, tick the radio button next to Enable detection of potentially unwanted applications.
  • Then click "Advanced settings", and make sure there is a checkmark next to only the following items (uncheck everything else):
      • Remove found threats
      • Scan archives
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • Now click on: start.png
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. ...The scan may appear to be finished sometimes...if there is a progress bar visible, it is still scanning!
  • When the scan completes, click List Found Threats (only if anything is found).
  • Then click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click back.png, then click finish.png to exit ESET Online Scanner.
 
Don't forget to re-enable your antivirus when finished!
 
 
 
Don't worry about the CMD.exe popping up right now  :)
 
Have a nice day!
 
Regards,
Pranav

 


#14 ollyoxen


Posted 10 November 2016 - 02:27 AM

Hi Pranav,

 

Here is the fixlog

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016
Ran by Johnsory (09-11-2016 22:57:14) Run:3
Running from C:\Users\Johnsory\Desktop
Loaded Profiles: Johnsory (Available Profiles: Johnsory & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
2016-10-22 01:34 - 2016-10-22 03:10 - 00000000 ____D C:\Program Files (x86)\sysonem

*****************

C:\Program Files (x86)\sysonem => moved successfully

==== End of Fixlog 22:57:14 ====

 

 

 

I'm having issues with finding the ESET Smart Installer. The link you provided offers these two options:

 

130Zo0A.png

 

I pursued the "FREE DOWNLOAD" option and installed ESET's NOD32 Antivirus that looks like this:

 

wxGc3aC.png

 

 

With the advanced settings being:

 

Qbx2OnF.png

 

To go along with many more tabs of options. I haven't run any scans yet, maybe NOD32 is an updated version compared to your instructions? Also, should I be uninstalling ESET's antivirus after scanning to prevent issues with my current antivirus?



#15 blueelvis


Posted 12 November 2016 - 12:09 PM

Greetings ollyoxen ^_^,

 

 

You had to select the "Scan Now" option. Click on that option. Leave the installed version of ESET as it is and we will deal with it later :)

 

 

-Pranav





