Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malicious background activity keeps reinstalling virus malware


  • This topic is locked This topic is locked
1 reply to this topic

#1 pr0tox

pr0tox

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:01:32 AM

Posted 11 April 2017 - 08:20 AM

Hello, my laptop has been infected with some malicious virus that keeps reinstall other malware whenever i remove it, so it must be running in the background that my security programs can not detect.

I have tried many suggested programs out there when you google to remove this but same things keep happening and viruses keeps reappearing without me downloading anything to the computer. I am now at a point where i run Malwarebytes and HitmanPro everyday and they find same virus/malware appear almost everyday i remove them.. Other programs i have used are also AdwCleaner and even run rkill before going through all those scans as well but it still keeps happening.

 

I stumbled upon this thread which sounds very similar to the virus I have been hit with.

https://www.bleepingcomputer.com/forums/t/643130/shady-services-running-in-background-unattended-installations-etc/

I have the same problem where the virus suddenly close my main web browser: google chrome and then reinstalls, what i assume to be malicious version of google chrome as well as firefox. Whenever that happens i always run my security scans and always find A LOT of malware to remove but it happens over again after a day or two. I am not super tech savvy but i know my way around a computer decently. 

 

I am fairly certain that all of this stems from a p2p torrent i downloaded, which i was already aware of is a big security risk, but i have been very careful when using it and have not had any problems for 3 years using it. I am aware you do not reccommend the use of p2p torrenting and I have not used it since my last scan and will stop using it from now on. 

 

I have also had my external drive connected to my laptop several times while being infected, should i worried about this?

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by William (administrator) on LILLITH (11-04-2017 14:49:28)
Running from C:\Users\William\Downloads
Loaded Profiles: William (Available Profiles: William)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\HPWA\iBTAudioSrv.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
(Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hammer & Chisel, Inc.) C:\Users\William\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\William\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\William\AppData\Local\Discord\app-0.0.297\Discord.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17022.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
() C:\Program Files (x86)\Nasitain\_ALLOWDEL_48073a6\Kyubey.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Antanna\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-04] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3936936 2015-06-29] (Synaptics Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-03-02] (Razer Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-1900891476-2876526225-988112129-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-03-23] (Valve Corporation)
HKU\S-1-5-21-1900891476-2876526225-988112129-1001\...\Run: [f.lux] => C:\Users\William\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1900891476-2876526225-988112129-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-03-28] (Nota Inc.)
HKU\S-1-5-21-1900891476-2876526225-988112129-1001\...\Run: [Discord] => C:\Users\William\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1900891476-2876526225-988112129-1001\...\Run: [Chromium] => c:\users\william\appdata\local\chromium\application\chrome.exe [1035264 2016-03-17] (The Chromium Authors)
HKU\S-1-5-21-1900891476-2876526225-988112129-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4001848 2016-12-16] (Tonec Inc.)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} =>  -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iBTAudioMon.lnk [2017-03-21]
ShortcutTarget: iBTAudioMon.lnk -> C:\Program Files (x86)\Intel\HPWA\iBTAudioMon.exe (Intel Corporation)
Startup: C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-04-10]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.18.21.2 172.18.21.34
Tcpip\..\Interfaces\{289fbf3b-24f3-41bd-8c77-bf16a7506180}: [DhcpNameServer] 172.18.21.2 172.18.21.34
Tcpip\..\Interfaces\{66d80053-0a0c-4e37-be4c-8caafe084274}: [DhcpNameServer] 10.20.20.22 172.18.0.36 10.20.20.21
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-03-06] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-04] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-03-06] (Microsoft Corporation)
 
Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-1900891476-2876526225-988112129-1001 -> hxxp://www.google.com
 
FireFox:
========
FF DefaultProfile: u40p4y9i.default
FF ProfilePath: C:\Users\William\AppData\Roaming\Firefox\Firefox\Profiles\u40p4y9i.default [2017-04-11]
FF HKU\S-1-5-21-1900891476-2876526225-988112129-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\William\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\William\AppData\Roaming\IDM\idmmzcc5 [2017-04-11] [not signed]
FF HKU\S-1-5-21-1900891476-2876526225-988112129-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-11-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2016-06-24] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-11] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1900891476-2876526225-988112129-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\William\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.161\npGatewayNpapi.dll [2016-12-14] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1900891476-2876526225-988112129-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\William\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.161\npGatewayNpapi-x64.dll [2016-12-14] (Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-04-10] <==== ATTENTION
CHR Extension: (Google Dokumenter) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-01]
CHR Extension: (Google Drev) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-01]
CHR Extension: (YouTube) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-01]
CHR Extension: (Honey) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-04-08]
CHR Extension: (uBlock Origin) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-04-02]
CHR Extension: (Google Docs Offline) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-01]
CHR Extension: (OneNote Web Clipper) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gojbdfnpnhogfdgjbigejoaolejmgdhk [2017-04-07]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-04-02]
CHR Extension: (The Great Suspender) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2017-04-02]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2017-04-02]
CHR Extension: (Ghostery) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-04-02]
CHR Extension: (Betalinger i Chrome Webshop) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-01]
CHR Extension: (Gmail) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\William\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-01]
CHR Profile: C:\Users\William\AppData\Local\Google\Chrome\User Data\Default [2017-03-21]
CHR Extension: (No Name) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-15]
CHR Extension: (No Name) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-15]
CHR Extension: (No Name) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-15]
CHR Extension: (No Name) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-15]
CHR Extension: (Adblock Plus) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (Pushbullet) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2016-11-02]
CHR Extension: (No Name) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-15]
CHR Extension: (No Name) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-15]
CHR Extension: (Reddit votes) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\geedigenhgnhbebebbjlidlalocdggjl [2016-02-15]
CHR Extension: (No Name) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-08]
CHR Extension: (Old /r/leagueoflegends Theme) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\hphhelabfkiefgapcfagibfcopbebfbd [2016-02-15]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-02-23]
CHR Extension: (StayFocusd) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji [2016-02-15]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-05-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-19]
CHR Extension: (No Name) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-15]
CHR Extension: (Chrome Media Router) - C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-23]
CHR HKLM\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-1900891476-2876526225-988112129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bpmmandcadflhnnaiclipadomfmdbjbp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3737792 2017-03-26] (Microsoft Corporation)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-09] ()
S4 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [246328 2016-05-16] (GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6167096 2016-05-16] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2016-05-23] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 iBTAudioSrv; C:\Program Files (x86)\Intel\HPWA\iBTAudioSrv.exe [560584 2014-02-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-10] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2014-04-10] (Intel Corporation)
R2 MVCSrv; C:\ProgramData\Package Cache\{2A002F88-FD5D-379B-A350-A25D84AF128B}v14.0.25420\packages\VisualC_D14\VC_IDE.Base\VC_IDE_Base.dll [105984 2017-03-28] () [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69768 2017-03-21] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-06-29] (Synaptics Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-09] ()
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [100392 2017-03-29] (Bitdefender)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-09] ()
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [100392 2017-03-29] (Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [100392 2017-03-29] (Bitdefender)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-07-18] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Bitdefender Antivirus Free\bdfwfpf.sys [127312 2016-02-22] (BitDefender LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [342016 2016-12-13] (BitDefender S.R.L. Bucharest, ROMANIA)
S3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [28648 2015-09-11] (ELECOM)
S3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [27624 2015-09-11] (ELECOM)
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [192216 2017-04-11] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2014-04-10] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3515664 2016-01-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvrzwu.inf_amd64_c4003218aed4ab4f\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-15] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows ® Win 7 DDK provider)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [48296 2015-06-29] (Synaptics Incorporated)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
U0 ypwyrwlu; C:\WINDOWS\System32\drivers\hdrbyg.sys [79064 2017-04-11] (Malwarebytes)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-11 14:49 - 2017-04-11 14:49 - 00034265 _____ C:\Users\William\Downloads\FRST.txt
2017-04-11 14:46 - 2017-04-11 14:49 - 00000000 ____D C:\FRST
2017-04-11 14:45 - 2017-04-11 14:45 - 02424832 _____ (Farbar) C:\Users\William\Downloads\FRST64.exe
2017-04-11 14:10 - 2017-04-11 14:11 - 00000000 ____D C:\Users\William\Downloads\UnlicensedMusic
2017-04-11 14:02 - 2017-04-11 14:02 - 01247298 _____ C:\Users\William\Downloads\Lektion 1 Strategi forelæsning 1 Introduktion f2017.pptx
2017-04-11 14:02 - 2017-04-11 14:02 - 00000165 ____H C:\Users\William\Downloads\~$Lektion 1 Strategi forelæsning 1 Introduktion f2017.pptx
2017-04-11 14:00 - 2017-04-11 14:00 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\hdrbyg.sys
2017-04-11 12:35 - 2017-04-11 13:31 - 00000000 ____D C:\Program Files (x86)\Firefox
2017-04-11 12:35 - 2017-04-11 12:45 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-04-11 12:35 - 2017-04-11 12:35 - 00000000 ____D C:\Users\William\AppData\Roaming\Firefox
2017-04-11 12:35 - 2017-04-11 12:35 - 00000000 ____D C:\Users\William\AppData\Local\Firefox
2017-04-11 11:21 - 2017-04-11 13:00 - 00000000 ____D C:\Users\William\AppData\Roaming\WinSAPSvc
2017-04-11 11:21 - 2017-04-11 13:00 - 00000000 ____D C:\Users\William\AppData\Local\SNARER
2017-04-11 04:06 - 2017-04-11 04:06 - 00000000 ___RD C:\Users\William\Creative Cloud Files
2017-04-11 04:04 - 2017-04-11 04:04 - 00001303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-04-11 04:04 - 2017-04-11 04:04 - 00001291 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-04-11 04:03 - 2017-04-11 04:03 - 00814168 _____ (Adobe Systems Incorporated) C:\Users\William\Downloads\CreativeCloudSet-Up.exe
2017-04-10 23:15 - 2017-04-10 23:15 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2017-04-10 23:02 - 2017-04-10 23:04 - 00000000 ____D C:\Users\William\Desktop\pro
2017-04-10 16:03 - 2017-04-11 12:35 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-04-10 16:00 - 2017-04-10 16:00 - 00029372 _____ C:\ProgramData\agent.update.1491832852.bdinstall.bin
2017-04-10 15:45 - 2017-04-10 16:01 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-10 15:39 - 2017-04-10 15:39 - 00079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\lwgifa.sys
2017-04-10 15:22 - 2017-04-11 12:35 - 00002074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-10 15:22 - 2017-04-10 15:22 - 00000000 ____D C:\Users\William\AppData\Local\Antanna
2017-04-10 15:22 - 2017-04-10 15:22 - 00000000 ____D C:\ProgramData\common
2017-04-10 15:21 - 2017-04-10 15:21 - 00000000 ____D C:\Program Files (x86)\Antanna
2017-04-08 21:48 - 2017-04-10 16:04 - 00000549 _____ C:\Users\William\Desktop\JRT.txt
2017-04-08 21:31 - 2017-04-08 21:31 - 04089296 _____ C:\Users\William\Downloads\adwcleaner_6.045.exe
2017-04-08 21:29 - 2017-04-11 13:09 - 00004992 _____ C:\Users\William\Desktop\Rkill.txt
2017-04-08 21:29 - 2017-04-08 21:29 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\William\Downloads\rkill.com
2017-04-08 21:27 - 2017-04-08 21:27 - 00000000 ___HD C:\OneDriveTemp
2017-04-07 22:03 - 2017-04-11 04:06 - 00000000 ____D C:\Users\William\AppData\Roaming\Adobe
2017-04-07 22:03 - 2017-04-11 04:06 - 00000000 ____D C:\ProgramData\Adobe
2017-04-07 22:03 - 2017-04-07 22:03 - 00000000 ____D C:\Users\William\AppData\Local\Adobe
2017-04-07 22:03 - 2017-04-07 22:03 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-04-07 15:42 - 2017-04-08 16:10 - 00000000 _____ C:\WINDOWS\SysWOW64\1
2017-04-07 09:31 - 2017-04-07 09:31 - 00000000 ____D C:\Program Files (x86)\MIO
2017-04-07 05:36 - 2017-04-07 05:36 - 00084548 ____H C:\Users\William\Desktop\~WRL4001.tmp
2017-04-03 06:14 - 2017-04-03 06:14 - 00000000 ____D C:\Users\William\AppData\Local\Adobe-BackupByPhotoshopCS6Portable
2017-04-03 06:14 - 2017-04-03 06:14 - 00000000 ____D C:\ProgramData\Adobe-BackupByPhotoshopCS6Portable
2017-04-03 06:14 - 2017-04-03 06:14 - 00000000 ____D C:\Program Files\Common Files\Adobe-BackupByPhotoshopCS6Portable
2017-04-02 23:05 - 2017-04-02 23:14 - 00000000 ____D C:\WINDOWS\LastGood
2017-04-02 22:58 - 2017-04-02 22:58 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2017-04-01 21:35 - 2017-04-01 21:35 - 00000000 _____ C:\autoexec.bat
2017-03-31 15:05 - 2017-04-01 16:45 - 00000000 _____ C:\WINDOWS\SysWOW64\3
2017-03-31 01:00 - 2017-03-31 01:00 - 00000000 ____D C:\Update
2017-03-29 20:26 - 2017-03-29 20:26 - 00028889 _____ C:\Users\William\Desktop\xyz (1).pdf
2017-03-29 04:25 - 2017-03-29 04:25 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-29 04:25 - 2017-03-29 04:25 - 00000000 ____D C:\ProgramData\RzSurroundVAD_1.1.62.0
2017-03-29 04:25 - 2016-09-17 02:12 - 00044144 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2017-03-28 17:13 - 2017-04-11 12:36 - 00000000 ____D C:\Users\William\AppData\LocalLow\Mozilla
2017-03-28 17:13 - 2017-03-28 17:13 - 00000000 ____D C:\Users\William\AppData\Roaming\Mozilla
2017-03-27 02:59 - 2017-03-27 02:59 - 00000000 ____D C:\WINDOWS\Panther
2017-03-26 10:23 - 2017-03-26 10:23 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-03-21 16:58 - 2017-03-21 16:58 - 00000000 ____D C:\Users\William\Documents\OneNote Notebooks
2017-03-21 14:54 - 2017-04-01 17:28 - 00000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-03-21 14:54 - 2017-04-01 16:50 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\subinacl.exe
2017-03-21 05:12 - 2017-03-21 05:12 - 00105088 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2017-03-21 05:12 - 2017-03-21 05:12 - 00048776 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzAPIChromaSDK.dll
2017-03-21 05:11 - 2017-03-21 05:11 - 00114816 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2017-03-21 01:40 - 2017-04-10 16:00 - 00000000 ____D C:\AdwCleaner
2017-03-21 01:15 - 2017-04-10 01:44 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2017-03-21 01:15 - 2017-03-21 01:15 - 00001409 _____ C:\WINDOWS\QTFont.for
2017-03-21 00:45 - 2017-03-21 00:45 - 00001197 _____ C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2017-03-21 00:45 - 2017-03-21 00:45 - 00000000 ____D C:\Users\William\AppData\Local\Bitdefender Antivirus Free
2017-03-21 00:45 - 2016-03-14 23:04 - 00023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2017-03-21 00:44 - 2017-03-21 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free
2017-03-21 00:44 - 2017-03-21 00:44 - 00000000 ____D C:\ProgramData\Bitdefender
2017-03-21 00:44 - 2016-12-13 19:18 - 00342016 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\edrsensor.sys
2017-03-21 00:44 - 2016-10-29 10:54 - 00182944 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2017-03-21 00:44 - 2016-09-20 05:17 - 01605376 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2017-03-21 00:44 - 2016-09-20 05:16 - 00878072 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2017-03-21 00:44 - 2016-06-22 16:40 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2017-03-21 00:42 - 2017-04-11 14:33 - 00000000 ____D C:\Program Files\Bitdefender Antivirus Free
2017-03-21 00:40 - 2017-03-21 00:40 - 00028778 _____ C:\ProgramData\agent.1490049627.bdinstall.bin
2017-03-21 00:32 - 2017-04-11 13:10 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-21 00:32 - 2017-04-01 22:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-03-21 00:32 - 2017-03-21 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-03-21 00:32 - 2016-03-10 15:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-21 00:32 - 2016-03-10 15:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-03-21 00:32 - 2016-03-10 15:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-21 00:29 - 2017-03-21 00:29 - 00000258 __RSH C:\Users\William\ntuser.pol
2017-03-21 00:23 - 2017-03-21 00:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\temp
2017-03-21 00:18 - 2017-03-21 00:18 - 00003644 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-03-21 00:03 - 2017-03-21 00:29 - 00000000 ___HD C:\ProgramData\385i856i960T208
2017-03-21 00:03 - 2017-03-21 00:09 - 00000000 ____D C:\WINDOWS\system32\SSL
2017-03-21 00:02 - 2017-04-11 13:00 - 00000000 ____D C:\Program Files (x86)\Nasitain
2017-03-21 00:02 - 2017-03-21 00:29 - 00000000 ____D C:\Users\William\AppData\Roaming\Phaveshplermaent
2017-03-21 00:02 - 2017-03-21 00:02 - 00006122 _____ C:\WINDOWS\System32\Tasks\Clipospnefuent Helper
2017-03-21 00:02 - 2017-03-21 00:02 - 00000000 ____D C:\Users\William\AppData\Local\Tidotyatqerk
2017-03-21 00:00 - 2017-03-21 00:00 - 00021590 _____ C:\WINDOWS\System32\Tasks\NHXsy3kcAoIn
2017-03-20 19:08 - 2017-03-20 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2017-03-20 06:38 - 2017-03-20 06:38 - 00003274 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller
2017-03-20 06:16 - 2017-03-21 00:21 - 00001440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2017-03-20 06:16 - 2017-03-21 00:21 - 00001371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2017-03-20 06:16 - 2017-03-20 06:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2017-03-20 06:16 - 2017-03-20 06:16 - 00000000 ____D C:\Program Files (x86)\Windows Movie Maker
2017-03-20 06:16 - 2017-03-20 06:16 - 00000000 ____D C:\Program Files (x86)\Windows Live
2017-03-20 05:54 - 2017-03-21 14:48 - 00000000 ___RD C:\Users\William\Creative Cloud Files (archived) (1)
2017-03-20 05:34 - 2017-04-02 18:55 - 00000000 ____D C:\Program Files\Adobe
2017-03-20 05:23 - 2017-04-11 01:17 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-03-20 04:37 - 2017-03-20 04:37 - 00000000 ____D C:\Users\William\AppData\Roaming\MPEG Streamclip
2017-03-20 04:37 - 2017-03-20 04:37 - 00000000 ____D C:\ProgramData\Apple Computer
2017-03-20 04:37 - 2017-03-20 04:37 - 00000000 _____ C:\Users\William\AppData\LocalLow\QuickTime.qtp
2017-03-20 04:37 - 2007-04-27 10:42 - 00065536 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QuickTimeVR.qtx
2017-03-20 04:37 - 2007-04-27 10:42 - 00049152 _____ (Apple Inc.) C:\WINDOWS\SysWOW64\QuickTime.qts
2017-03-20 04:36 - 2017-03-20 04:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime Alternative
2017-03-20 04:36 - 2017-03-20 04:37 - 00000000 ____D C:\Program Files (x86)\QuickTime Alternative
2017-03-20 04:36 - 2017-03-20 04:36 - 00000000 ____D C:\Program Files (x86)\Media Player Classic
2017-03-20 04:33 - 2017-03-20 04:33 - 00000000 ____D C:\Users\William\AppData\LocalLow\Apple Computer
2017-03-20 04:31 - 2017-04-07 18:30 - 00000000 ____D C:\Users\William\Downloads\Compressed
2017-03-20 03:16 - 2017-03-20 03:16 - 00000000 ____D C:\Users\William\Documents\Adobe
2017-03-18 01:49 - 2017-03-18 01:49 - 00003338 _____ C:\WINDOWS\System32\Tasks\{1BE46EF7-C934-4457-8078-57584432D6C8}
2017-03-15 00:20 - 2017-03-04 08:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-15 00:20 - 2017-03-04 08:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-15 00:20 - 2017-03-04 08:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-15 00:20 - 2017-03-04 08:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-15 00:20 - 2017-03-04 08:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-15 00:20 - 2017-03-04 08:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-15 00:20 - 2017-03-04 08:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-15 00:20 - 2017-03-04 08:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-15 00:20 - 2017-03-04 08:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-15 00:20 - 2017-03-04 08:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-15 00:20 - 2017-03-04 08:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-15 00:20 - 2017-03-04 08:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-15 00:20 - 2017-03-04 08:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-15 00:20 - 2017-03-04 08:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-15 00:20 - 2017-03-04 08:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-15 00:20 - 2017-03-04 08:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-15 00:20 - 2017-03-04 08:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-15 00:20 - 2017-03-04 08:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-15 00:20 - 2017-03-04 08:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-15 00:20 - 2017-03-04 08:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-15 00:20 - 2017-03-04 08:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-15 00:20 - 2017-03-04 08:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-15 00:20 - 2017-03-04 08:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-15 00:20 - 2017-03-04 08:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-15 00:20 - 2017-03-04 08:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-15 00:20 - 2017-03-04 08:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-15 00:20 - 2017-03-04 08:05 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-03-15 00:20 - 2017-03-04 08:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-15 00:20 - 2017-03-04 08:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-15 00:20 - 2017-03-04 08:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-15 00:20 - 2017-03-04 08:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-15 00:20 - 2017-03-04 08:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-15 00:20 - 2017-03-04 08:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-15 00:20 - 2017-03-04 08:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-15 00:20 - 2017-03-04 08:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-15 00:20 - 2017-03-04 08:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-15 00:20 - 2017-03-04 08:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-15 00:20 - 2017-03-04 08:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-15 00:19 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-15 00:19 - 2017-03-04 09:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-15 00:19 - 2017-03-04 09:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-15 00:19 - 2017-03-04 09:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 00:19 - 2017-03-04 09:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 00:19 - 2017-03-04 09:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 00:19 - 2017-03-04 09:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 00:19 - 2017-03-04 09:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 00:19 - 2017-03-04 09:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 00:19 - 2017-03-04 09:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 00:19 - 2017-03-04 09:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-15 00:19 - 2017-03-04 09:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 00:19 - 2017-03-04 09:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 00:19 - 2017-03-04 09:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 00:19 - 2017-03-04 09:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 00:19 - 2017-03-04 09:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 00:19 - 2017-03-04 09:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 00:19 - 2017-03-04 09:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 00:19 - 2017-03-04 09:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-15 00:19 - 2017-03-04 09:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 00:19 - 2017-03-04 09:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 00:19 - 2017-03-04 09:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 00:19 - 2017-03-04 09:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 00:19 - 2017-03-04 09:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 00:19 - 2017-03-04 09:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 00:19 - 2017-03-04 09:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 00:19 - 2017-03-04 09:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 00:19 - 2017-03-04 09:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-15 00:19 - 2017-03-04 09:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 00:19 - 2017-03-04 09:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 00:19 - 2017-03-04 09:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 00:19 - 2017-03-04 09:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 00:19 - 2017-03-04 09:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 00:19 - 2017-03-04 09:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 00:19 - 2017-03-04 09:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 00:19 - 2017-03-04 09:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-15 00:19 - 2017-03-04 09:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 00:19 - 2017-03-04 09:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-15 00:19 - 2017-03-04 09:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-15 00:19 - 2017-03-04 09:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 00:19 - 2017-03-04 09:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 00:19 - 2017-03-04 09:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 00:19 - 2017-03-04 09:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 00:19 - 2017-03-04 09:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-15 00:19 - 2017-03-04 09:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 00:19 - 2017-03-04 08:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 00:19 - 2017-03-04 08:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-15 00:19 - 2017-03-04 08:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-15 00:19 - 2017-03-04 08:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-15 00:19 - 2017-03-04 08:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-15 00:19 - 2017-03-04 08:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-15 00:19 - 2017-03-04 08:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-15 00:19 - 2017-03-04 08:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-15 00:19 - 2017-03-04 08:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-15 00:19 - 2017-03-04 08:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-15 00:19 - 2017-03-04 08:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-15 00:19 - 2017-03-04 08:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-15 00:19 - 2017-03-04 08:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-15 00:19 - 2017-03-04 08:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-15 00:19 - 2017-03-04 08:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-15 00:19 - 2017-03-04 08:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-15 00:19 - 2017-03-04 08:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-15 00:19 - 2017-03-04 08:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-15 00:19 - 2017-03-04 08:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-15 00:19 - 2017-03-04 08:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 00:19 - 2017-03-04 08:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-15 00:19 - 2017-03-04 08:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-15 00:19 - 2017-03-04 08:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-15 00:19 - 2017-03-04 08:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-15 00:19 - 2017-03-04 08:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 00:19 - 2017-03-04 08:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 00:19 - 2017-03-04 08:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 00:19 - 2017-03-04 08:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 00:19 - 2017-03-04 08:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 00:19 - 2017-03-04 08:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 00:19 - 2017-03-04 08:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 00:19 - 2017-03-04 08:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 00:19 - 2017-03-04 08:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 00:19 - 2017-03-04 08:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 00:19 - 2017-03-04 08:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 00:19 - 2017-03-04 08:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 00:19 - 2017-03-04 08:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 00:19 - 2017-03-04 08:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 00:19 - 2017-03-04 08:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-15 00:19 - 2017-03-04 08:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 00:19 - 2017-03-04 08:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 00:19 - 2017-03-04 08:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 00:19 - 2017-03-04 08:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 00:19 - 2017-03-04 08:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 00:19 - 2017-03-04 08:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 00:19 - 2017-03-04 08:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 00:19 - 2017-03-04 08:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 00:19 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 00:19 - 2017-03-04 08:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 00:19 - 2017-03-04 08:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 00:19 - 2017-03-04 08:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 00:19 - 2017-03-04 08:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 00:19 - 2017-03-04 08:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 00:19 - 2017-03-04 08:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 00:19 - 2017-03-04 08:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 00:19 - 2017-03-04 08:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 00:19 - 2017-03-04 08:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 00:19 - 2017-03-04 08:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 00:19 - 2017-03-04 08:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 00:19 - 2017-03-04 08:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 00:19 - 2017-03-04 08:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-15 00:19 - 2017-03-04 08:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-15 00:19 - 2017-03-04 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 00:19 - 2017-03-04 08:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-15 00:19 - 2017-03-04 08:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 00:19 - 2017-03-04 08:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 00:19 - 2017-03-04 08:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 00:19 - 2017-03-04 08:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 00:19 - 2017-03-04 08:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-15 00:19 - 2017-03-04 08:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-15 00:19 - 2017-03-04 08:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-15 00:19 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-15 00:19 - 2017-03-04 08:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-15 00:19 - 2017-03-04 08:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 00:19 - 2017-03-04 08:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-15 00:19 - 2017-03-04 08:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 00:19 - 2017-03-04 08:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 00:19 - 2017-03-04 08:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-15 00:19 - 2017-03-04 08:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-15 00:19 - 2017-03-04 08:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-15 00:19 - 2017-03-04 08:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-15 00:19 - 2017-03-04 08:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-15 00:19 - 2017-03-04 08:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-15 00:19 - 2017-03-04 08:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-15 00:19 - 2017-03-04 08:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-15 00:19 - 2017-03-04 08:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-15 00:19 - 2017-03-04 08:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 00:19 - 2017-03-04 08:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-15 00:19 - 2017-03-04 08:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 00:19 - 2017-03-04 08:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-15 00:19 - 2017-03-04 08:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-15 00:19 - 2017-03-04 08:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 00:19 - 2017-03-04 08:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 00:19 - 2017-03-04 08:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 00:19 - 2017-03-04 08:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-15 00:19 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-15 00:19 - 2017-03-04 08:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 00:19 - 2017-03-04 08:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 00:19 - 2017-03-04 08:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-15 00:19 - 2017-03-04 08:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 02221056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-15 00:19 - 2017-03-04 08:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-15 00:19 - 2017-03-04 08:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 00:19 - 2017-03-04 08:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-15 00:19 - 2017-03-04 08:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 00:19 - 2017-03-04 08:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 00:19 - 2017-03-04 08:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-15 00:19 - 2017-03-04 08:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 00:19 - 2017-03-04 08:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-15 00:19 - 2017-03-04 08:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-15 00:19 - 2017-03-04 08:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-15 00:19 - 2017-03-04 08:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-15 00:19 - 2017-03-04 08:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-15 00:19 - 2017-03-04 08:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 00:19 - 2017-03-04 08:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-15 00:19 - 2017-03-04 08:13 - 05850624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-03-15 00:19 - 2017-03-04 08:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 00:19 - 2017-03-04 08:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 00:19 - 2017-03-04 08:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-15 00:19 - 2017-03-04 08:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-15 00:19 - 2017-03-04 08:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 00:19 - 2017-03-04 08:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 00:19 - 2017-03-04 08:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 00:19 - 2017-03-04 08:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 00:19 - 2017-03-04 08:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-15 00:19 - 2017-03-04 08:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-15 00:19 - 2017-03-04 08:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 00:19 - 2017-03-04 08:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 00:19 - 2017-03-04 08:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 00:19 - 2017-03-04 08:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-15 00:19 - 2017-03-04 08:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 00:19 - 2017-03-04 08:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 00:19 - 2017-03-04 08:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-15 00:19 - 2017-03-04 08:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-15 00:19 - 2017-03-04 08:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 00:19 - 2017-03-04 08:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 00:19 - 2017-03-04 08:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 00:19 - 2017-03-04 08:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 00:19 - 2017-03-04 08:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 00:19 - 2017-03-04 08:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-15 00:19 - 2017-03-04 08:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 00:19 - 2017-03-04 08:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 00:19 - 2017-03-04 08:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-15 00:19 - 2017-03-04 08:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-15 00:19 - 2017-03-04 08:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 00:19 - 2017-03-04 08:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-15 00:19 - 2017-03-04 08:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 00:19 - 2017-03-04 08:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 00:19 - 2017-03-04 08:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-15 00:19 - 2017-03-04 08:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-15 00:19 - 2017-03-04 08:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-15 00:19 - 2017-03-04 08:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-15 00:19 - 2017-03-04 08:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-15 00:19 - 2017-03-04 08:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 00:19 - 2017-03-04 08:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 00:19 - 2017-03-04 08:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-15 00:19 - 2017-03-04 08:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-15 00:19 - 2017-03-04 08:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-15 00:19 - 2017-03-04 08:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 00:19 - 2017-03-04 08:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 00:19 - 2017-03-04 08:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 00:19 - 2017-03-04 08:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-15 00:19 - 2017-03-04 08:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-15 00:19 - 2017-03-04 08:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-15 00:19 - 2017-03-04 08:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-15 00:19 - 2017-03-04 08:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-15 00:19 - 2017-03-04 08:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-15 00:19 - 2017-03-04 08:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-15 00:19 - 2017-03-04 08:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-15 00:19 - 2017-03-04 08:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-15 00:19 - 2017-03-04 08:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-15 00:19 - 2017-03-04 08:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-15 00:19 - 2017-03-04 08:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-15 00:19 - 2017-03-04 08:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-15 00:19 - 2017-03-04 08:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-15 00:19 - 2017-03-04 08:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-15 00:19 - 2017-03-04 08:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-15 00:19 - 2017-03-04 08:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-15 00:19 - 2017-03-04 08:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-15 00:19 - 2017-03-04 08:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-15 00:19 - 2017-03-04 08:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-15 00:19 - 2017-03-04 08:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-15 00:19 - 2017-03-04 08:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-15 00:19 - 2017-03-04 07:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-15 00:19 - 2017-03-04 07:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-15 00:19 - 2017-03-04 07:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-15 00:19 - 2017-03-04 07:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-15 00:19 - 2017-03-04 07:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-15 00:19 - 2017-03-04 07:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-15 00:19 - 2017-03-04 07:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-15 00:19 - 2017-02-22 04:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 00:18 - 2017-03-04 09:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 00:18 - 2017-03-04 09:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 00:18 - 2017-03-04 09:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 00:18 - 2017-03-04 09:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 00:18 - 2017-03-04 09:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 00:18 - 2017-03-04 09:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 00:18 - 2017-03-04 09:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 00:18 - 2017-03-04 09:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 00:18 - 2017-03-04 09:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 00:18 - 2017-03-04 09:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 00:18 - 2017-03-04 09:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 00:18 - 2017-03-04 09:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 00:18 - 2017-03-04 09:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 00:18 - 2017-03-04 09:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 00:18 - 2017-03-04 09:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 00:18 - 2017-03-04 09:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 00:18 - 2017-03-04 09:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 00:18 - 2017-03-04 09:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-15 00:18 - 2017-03-04 09:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 00:18 - 2017-03-04 09:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 00:18 - 2017-03-04 09:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 00:18 - 2017-03-04 09:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-15 00:18 - 2017-03-04 09:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 00:18 - 2017-03-04 09:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 00:18 - 2017-03-04 09:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-15 00:18 - 2017-03-04 09:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-15 00:18 - 2017-03-04 09:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-15 00:18 - 2017-03-04 09:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-15 00:18 - 2017-03-04 09:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 00:18 - 2017-03-04 09:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 00:18 - 2017-03-04 09:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 00:18 - 2017-03-04 09:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 00:18 - 2017-03-04 09:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 00:18 - 2017-03-04 09:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 00:18 - 2017-03-04 09:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 00:18 - 2017-03-04 09:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 00:18 - 2017-03-04 09:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 00:18 - 2017-03-04 08:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 00:18 - 2017-03-04 08:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 00:18 - 2017-03-04 08:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 00:18 - 2017-03-04 08:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 00:18 - 2017-03-04 08:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 00:18 - 2017-03-04 08:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-15 00:18 - 2017-03-04 08:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 00:18 - 2017-03-04 08:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-15 00:18 - 2017-03-04 08:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 00:18 - 2017-03-04 08:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 00:18 - 2017-03-04 08:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 00:18 - 2017-03-04 08:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 00:18 - 2017-03-04 08:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-15 00:18 - 2017-03-04 08:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 00:18 - 2017-03-04 08:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 00:18 - 2017-03-04 08:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 00:18 - 2017-03-04 08:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 00:18 - 2017-03-04 08:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 00:18 - 2017-03-04 08:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 00:18 - 2017-03-04 08:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 00:18 - 2017-03-04 08:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 00:18 - 2017-03-04 08:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 00:18 - 2017-03-04 08:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-15 00:18 - 2017-03-04 08:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 00:18 - 2017-03-04 08:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-15 00:18 - 2017-03-04 08:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 00:18 - 2017-03-04 08:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 00:18 - 2017-03-04 08:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 00:18 - 2017-03-04 08:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 00:18 - 2017-03-04 08:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 00:18 - 2017-03-04 08:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 00:18 - 2017-03-04 08:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 00:18 - 2017-03-04 08:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 00:18 - 2017-03-04 08:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 00:18 - 2017-03-04 08:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 00:18 - 2017-03-04 08:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 00:18 - 2017-03-04 08:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 00:18 - 2017-03-04 08:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 00:18 - 2017-03-04 08:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 00:18 - 2017-03-04 08:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 00:18 - 2017-03-04 08:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-15 00:18 - 2017-03-04 08:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 00:18 - 2017-03-04 08:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 00:18 - 2017-03-04 08:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 00:18 - 2017-03-04 08:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 00:18 - 2017-03-04 08:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 00:18 - 2017-03-04 08:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 00:18 - 2017-03-04 08:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 00:18 - 2017-03-04 08:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-15 00:18 - 2017-03-04 08:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 00:18 - 2017-03-04 08:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-15 00:18 - 2017-03-04 08:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 00:18 - 2017-03-04 08:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 00:18 - 2017-03-04 08:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-15 00:18 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 00:18 - 2017-03-04 08:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 00:18 - 2017-03-04 08:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 00:18 - 2017-03-04 08:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 00:18 - 2017-03-04 08:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 00:18 - 2017-03-04 08:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 00:18 - 2017-03-04 08:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-15 00:18 - 2017-03-04 08:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-15 00:18 - 2017-03-04 08:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 00:18 - 2017-03-04 08:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 00:18 - 2017-03-04 08:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-15 00:18 - 2017-03-04 08:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 00:18 - 2017-03-04 08:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-15 00:18 - 2017-03-04 08:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 00:18 - 2017-03-04 08:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 00:18 - 2017-03-04 08:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 00:18 - 2017-03-04 08:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 00:18 - 2017-03-04 08:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 00:18 - 2017-03-04 08:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 00:18 - 2017-03-04 08:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 00:18 - 2017-03-04 08:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 00:18 - 2017-03-04 08:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-15 00:18 - 2017-03-04 08:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 00:18 - 2017-03-04 08:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 00:18 - 2017-03-04 08:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 00:18 - 2017-03-04 08:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 00:18 - 2017-03-04 08:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 00:18 - 2017-03-04 08:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 00:18 - 2017-03-04 08:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 00:18 - 2017-03-04 08:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 00:18 - 2017-03-04 08:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 00:18 - 2017-03-04 08:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 00:18 - 2017-03-04 08:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 00:18 - 2017-03-04 08:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 00:18 - 2017-03-04 08:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 00:18 - 2017-03-04 08:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 00:18 - 2017-03-04 08:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 00:18 - 2017-03-04 08:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 00:18 - 2017-03-04 08:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-15 00:18 - 2017-03-04 08:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 00:18 - 2017-03-04 08:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 00:18 - 2017-03-04 08:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 00:18 - 2017-03-04 08:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 00:18 - 2017-03-04 08:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-15 00:18 - 2017-03-04 08:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 00:18 - 2017-03-04 08:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-15 00:18 - 2017-03-04 08:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 00:18 - 2017-03-04 08:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 00:18 - 2017-03-04 08:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 00:18 - 2017-03-04 08:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 00:18 - 2017-03-04 08:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 00:18 - 2017-03-04 08:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 00:18 - 2017-03-04 08:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 00:18 - 2017-03-04 08:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 00:18 - 2017-03-04 08:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 00:18 - 2017-03-04 08:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 00:18 - 2017-03-04 08:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 00:18 - 2017-03-04 08:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 00:18 - 2017-03-04 08:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 00:18 - 2017-03-04 08:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 00:18 - 2017-03-04 08:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 00:18 - 2017-03-04 08:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-15 00:18 - 2017-03-04 08:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 00:18 - 2017-03-04 08:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 00:18 - 2017-03-04 08:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 00:18 - 2017-03-04 08:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 00:18 - 2017-03-04 08:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 00:18 - 2017-03-04 08:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 00:18 - 2017-03-04 08:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-15 00:18 - 2017-03-04 08:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 00:18 - 2017-03-04 08:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 00:18 - 2017-03-04 08:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 00:18 - 2017-03-04 08:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 00:18 - 2017-03-04 08:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 00:18 - 2017-03-04 08:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 00:18 - 2017-03-04 08:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 00:18 - 2017-03-04 08:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-15 00:18 - 2017-03-04 08:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 00:18 - 2017-03-04 08:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 00:18 - 2017-03-04 08:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-15 00:18 - 2016-07-16 04:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 00:18 - 2016-07-16 04:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 00:18 - 2016-07-16 04:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 00:18 - 2016-05-29 20:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-13 17:32 - 2017-03-13 17:33 - 10004461 _____ C:\Users\William\Desktop\Celesti Pitch Deck DanBan Angels.ppsx
2017-03-12 16:42 - 2017-03-12 16:56 - 00000000 ____D C:\Users\William\Downloads\Female.Orgasm.Blueprint.2009.English.Orgasm.Arts.Jason.Julius.DVDRip.AVC
2017-03-12 15:57 - 2017-04-11 14:29 - 00000000 ____D C:\Users\William\Downloads\Video
2017-03-12 15:57 - 2017-04-08 21:26 - 00000000 ____D C:\Users\William\AppData\Roaming\DMCache
2017-03-12 15:57 - 2017-03-21 00:02 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-03-12 15:57 - 2017-03-21 00:01 - 00000000 ____D C:\Users\William\AppData\Roaming\IDM
2017-03-12 15:57 - 2017-03-12 15:57 - 00000000 ____D C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-03-12 15:57 - 2017-03-12 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-03-12 15:57 - 2017-03-12 15:57 - 00000000 ____D C:\ProgramData\IDM
2017-03-12 15:34 - 2017-03-12 16:26 - 00000000 ____D C:\Users\William\AppData\Local\MegaDownloader
2017-03-12 15:34 - 2017-03-12 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader
2017-03-12 15:34 - 2017-03-12 15:34 - 00000000 ____D C:\Program Files\MegaDownloader
2017-03-12 01:14 - 2017-03-12 01:15 - 00000000 ____D C:\Users\William\Downloads\RSD Blueprint Decoded - Tyler [20 DVDs]
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-11 14:33 - 2016-05-23 08:07 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-04-11 14:27 - 2017-02-02 00:28 - 00000000 ____D C:\Users\William\Downloads\Adobe Premiere Pro CC 2017 v11.0.2 (x64) Incl Crack + Portable [SadeemPC]
2017-04-11 14:17 - 2016-02-28 09:18 - 00000000 ____D C:\Users\William\Documents\Book
2017-04-11 13:19 - 2016-05-22 07:53 - 00000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-04-11 13:00 - 2017-02-16 16:09 - 00000000 ____D C:\Users\William\AppData\Local\CrashDumps
2017-04-11 12:35 - 2016-02-15 00:24 - 00002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-11 12:33 - 2016-11-24 17:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-04-11 11:59 - 2016-11-24 17:40 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-11 11:59 - 2016-11-24 17:40 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-11 04:16 - 2016-02-25 08:39 - 00000000 ____D C:\Users\William\AppData\Roaming\vlc
2017-04-11 04:06 - 2016-11-24 17:28 - 00000000 ____D C:\Users\William
2017-04-11 04:04 - 2016-06-20 18:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-04-10 21:45 - 2016-02-14 10:52 - 00000000 ____D C:\Users\William\AppData\Local\Battle.net
2017-04-10 21:45 - 2016-02-14 10:49 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-04-10 20:14 - 2017-01-24 17:21 - 00000000 ____D C:\Program Files (x86)\Overwatch
2017-04-10 16:07 - 2016-11-24 17:28 - 01915358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-10 16:02 - 2016-02-14 09:58 - 00000000 ___RD C:\Users\William\OneDrive
2017-04-10 16:01 - 2016-11-24 17:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-10 16:01 - 2016-11-24 17:28 - 00000000 ____D C:\ProgramData\NVIDIA
2017-04-10 16:01 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-04-10 16:01 - 2016-02-14 09:51 - 00000000 __SHD C:\Users\William\IntelGraphicsProfiles
2017-04-10 12:24 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-10 12:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-10 01:48 - 2017-01-04 16:22 - 00000000 ____D C:\Users\William\Desktop\Tat
2017-04-08 16:18 - 2016-11-05 00:42 - 00000000 ____D C:\Users\William\AppData\Roaming\discord
2017-04-08 16:14 - 2016-05-23 07:44 - 00000742 _____ C:\WINDOWS\system32\.crusader
2017-04-08 16:00 - 2016-11-24 17:26 - 00445968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-08 16:00 - 2016-04-19 21:28 - 00000000 ____D C:\Program Files\Microsoft Office
2017-04-07 22:12 - 2016-02-17 21:48 - 00000132 _____ C:\Users\William\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-04-04 21:20 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-04-03 22:32 - 2016-11-24 17:40 - 00003520 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2017-04-03 22:32 - 2016-11-24 17:40 - 00003384 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2017-04-03 22:32 - 2016-05-01 18:02 - 00000000 ____D C:\Program Files (x86)\Gyazo
2017-04-03 06:14 - 2016-02-18 00:34 - 00000000 ____D C:\Users\William\AppData\Roaming\Adobe-BackupByPhotoshopCS6Portable
2017-04-03 03:14 - 2016-02-17 09:04 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2017-04-02 23:14 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-30 05:57 - 2016-02-14 10:36 - 00000000 ____D C:\Program Files (x86)\Steam
2017-03-29 18:49 - 2016-02-28 09:19 - 00000000 ____D C:\Users\William\Documents\Jobansøgninger
2017-03-29 04:30 - 2016-08-10 19:39 - 00000000 ____D C:\Users\William\Desktop\5sp1
2017-03-29 04:25 - 2016-05-22 07:53 - 00000000 _____ C:\WINDOWS\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt
2017-03-28 17:14 - 2014-12-22 10:23 - 00000000 ___HD C:\Program Files (x86)\Temp
2017-03-28 17:13 - 2014-12-22 10:26 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-26 10:23 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-26 10:23 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-03-26 10:06 - 2016-05-23 08:00 - 00000000 ____D C:\Users\William\AppData\Roaming\qBittorrent
2017-03-21 01:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\L2Schemas
2017-03-21 00:59 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-21 00:50 - 2017-02-11 01:46 - 00000000 ____D C:\Users\William\AppData\Local\346639BC-E358-CD2C-7A43-1A27B2BAD18D
2017-03-21 00:46 - 2016-11-20 03:45 - 00000000 ____D C:\Users\William\AppData\Roaming\Nohos
2017-03-21 00:21 - 2017-02-17 14:52 - 00002442 _____ C:\Users\Public\Desktop\TI-Nspire CX CAS Student Software.lnk
2017-03-21 00:21 - 2017-02-17 14:41 - 00002402 _____ C:\Users\Public\Desktop\TI-Nspire CAS Student Software.lnk
2017-03-21 00:21 - 2017-02-11 01:47 - 00002387 _____ C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2017-03-21 00:21 - 2017-01-24 17:37 - 00000882 _____ C:\Users\Public\Desktop\Overwatch.lnk
2017-03-21 00:21 - 2016-11-30 02:37 - 00001028 _____ C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2017-03-21 00:21 - 2016-11-24 17:38 - 00001564 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-03-21 00:21 - 2016-11-05 00:42 - 00002284 _____ C:\Users\William\Desktop\Discord.lnk
2017-03-21 00:21 - 2016-10-01 14:57 - 00001249 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2017-03-21 00:21 - 2016-08-08 11:23 - 00001206 _____ C:\Users\Public\Desktop\Diablo III.lnk
2017-03-21 00:21 - 2016-08-08 10:43 - 00001293 _____ C:\Users\Public\Desktop\Demonbuddy.lnk
2017-03-21 00:21 - 2016-07-22 09:53 - 00001491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2017-03-21 00:21 - 2016-07-22 09:50 - 00001500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2017-03-21 00:21 - 2016-06-20 18:42 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-03-21 00:21 - 2016-05-22 05:38 - 00001649 _____ C:\Users\Public\Desktop\Half-Life 2.lnk
2017-03-21 00:21 - 2016-04-19 21:30 - 00002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-03-21 00:21 - 2016-04-19 21:30 - 00002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-03-21 00:21 - 2016-04-19 21:30 - 00002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-03-21 00:21 - 2016-04-19 21:30 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-03-21 00:21 - 2016-04-19 21:30 - 00002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-03-21 00:21 - 2016-04-19 21:30 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-03-21 00:21 - 2016-04-19 21:30 - 00002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-03-21 00:21 - 2016-04-19 21:30 - 00002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-03-21 00:21 - 2016-04-19 21:30 - 00002386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-03-21 00:21 - 2016-02-17 21:36 - 00001128 _____ C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoshopCS6Portable.lnk
2017-03-21 00:21 - 2016-02-14 23:44 - 00002408 _____ C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-21 00:21 - 2016-02-14 10:17 - 00001760 _____ C:\Users\Public\Desktop\Heroin.lnk
2017-03-21 00:21 - 2016-02-14 09:52 - 00001149 _____ C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iBT Audio Monitor.lnk
2017-03-21 00:21 - 2014-12-22 10:22 - 00000712 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® HD Graphics Control Panel.lnk
2017-03-21 00:02 - 2016-11-20 03:45 - 00000258 __RSH C:\ProgramData\ntuser.pol
2017-03-21 00:02 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-03-20 23:37 - 2016-02-14 09:52 - 00000000 ____D C:\Users\William\AppData\Local\Packages
2017-03-20 19:08 - 2016-05-23 08:00 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2017-03-20 09:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-20 09:25 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-20 06:06 - 2016-02-14 09:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-20 06:01 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-20 04:37 - 2016-02-14 09:52 - 00000000 ____D C:\Users\William\AppData\Local\VirtualStore
2017-03-20 03:16 - 2016-02-15 11:38 - 00000000 ____D C:\Users\William\AppData\Roaming\NVIDIA
2017-03-17 02:45 - 2016-11-21 01:45 - 00000412 _____ C:\Users\William\AppData\Roaming\WB.CFG
2017-03-16 19:54 - 2014-12-22 10:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-16 19:51 - 2014-12-22 10:59 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-16 10:05 - 2016-12-29 03:00 - 00000000 ____D C:\Users\William\Downloads\Dont Touch Me
2017-03-13 17:38 - 2016-02-14 11:04 - 00000000 ____D C:\Users\William\AppData\Roaming\Skype
2017-03-13 17:31 - 2016-02-14 11:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-03-13 17:31 - 2016-02-14 11:04 - 00000000 ____D C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2016-01-13 23:48 - 2016-01-13 23:48 - 0001053 _____ () C:\Users\William\AppData\Roaming\21.svg
2016-02-24 11:54 - 2016-02-24 11:54 - 0131144 _____ () C:\Users\William\AppData\Roaming\3BSYBS1-DCSA_Alerts_05182015040025.xml
2016-01-13 23:48 - 2016-01-13 23:48 - 0000672 _____ () C:\Users\William\AppData\Roaming\69-unifont.conf
2016-02-17 21:48 - 2017-04-07 22:12 - 0000132 _____ () C:\Users\William\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-05-20 03:28 - 2015-05-20 03:28 - 0004689 _____ () C:\Users\William\AppData\Roaming\alert_2.png
2015-05-20 03:28 - 2015-05-20 03:28 - 0003078 _____ () C:\Users\William\AppData\Roaming\app_updater_header.png
2015-07-05 00:18 - 2015-07-05 00:18 - 0004205 _____ () C:\Users\William\AppData\Roaming\back.png
2013-10-02 04:55 - 2013-10-02 04:55 - 0003177 _____ () C:\Users\William\AppData\Roaming\barcode.fo
2014-05-08 07:44 - 2014-05-08 07:44 - 0002173 _____ () C:\Users\William\AppData\Roaming\base.js
2013-10-02 04:56 - 2013-10-02 04:56 - 0003426 _____ () C:\Users\William\AppData\Roaming\BinaryRank.mm
2016-02-13 19:41 - 2016-02-13 19:41 - 0049832 _____ () C:\Users\William\AppData\Roaming\Ceramics - Satin Black.3PP
2016-02-25 19:21 - 2016-02-25 19:21 - 0002340 _____ () C:\Users\William\AppData\Roaming\CockneydomTympan
1992-01-06 02:00 - 1992-01-06 02:00 - 0001525 _____ () C:\Users\William\AppData\Roaming\CoteDreck.s
2013-10-02 04:56 - 2013-10-02 04:56 - 0001477 _____ () C:\Users\William\AppData\Roaming\default.units.xml
2015-05-20 03:28 - 2015-05-20 03:28 - 0001387 _____ () C:\Users\William\AppData\Roaming\dell_certfile.cer
2010-10-14 22:38 - 2010-10-14 22:38 - 0000033 _____ () C:\Users\William\AppData\Roaming\description.txt
2014-05-08 06:05 - 2014-05-08 06:05 - 0002096 _____ () C:\Users\William\AppData\Roaming\Display Camera Maker.jsx
2013-10-02 04:56 - 2013-10-02 04:56 - 0002416 _____ () C:\Users\William\AppData\Roaming\Entropy.mm
2015-05-20 03:28 - 2015-05-20 03:28 - 0001404 _____ () C:\Users\William\AppData\Roaming\exit.png
2016-02-27 01:21 - 2016-02-27 01:21 - 0049870 _____ () C:\Users\William\AppData\Roaming\f21.png
2001-02-21 02:00 - 2001-02-21 02:00 - 0002024 _____ () C:\Users\William\AppData\Roaming\Fireworm.Jbh
2013-10-02 04:55 - 2013-10-02 04:55 - 0000932 _____ () C:\Users\William\AppData\Roaming\fix.jpg
2014-05-08 06:05 - 2014-05-08 06:05 - 0000518 _____ () C:\Users\William\AppData\Roaming\goURL_lr_photoshop_it.csv
2014-05-08 06:05 - 2014-05-08 06:05 - 0001590 _____ () C:\Users\William\AppData\Roaming\HKS Z.aco
2016-02-19 22:18 - 2016-02-19 22:18 - 0002123 _____ () C:\Users\William\AppData\Roaming\IncorrigibleCreamCampodeid
2013-10-02 04:55 - 2013-10-02 04:55 - 0002721 _____ () C:\Users\William\AppData\Roaming\isocyr2.ent
2014-05-08 06:05 - 2014-05-08 06:05 - 0001142 _____ () C:\Users\William\AppData\Roaming\JPEG High.irs
2016-02-19 22:18 - 2016-02-19 22:18 - 0064673 _____ () C:\Users\William\AppData\Roaming\LightBlueRectangle.PNG
2013-10-02 04:56 - 2013-10-02 04:56 - 0001419 _____ () C:\Users\William\AppData\Roaming\list.block.spacing.xml
2015-05-20 03:28 - 2015-05-20 03:28 - 0000904 _____ () C:\Users\William\AppData\Roaming\log4netcfg.xml
2016-02-13 19:41 - 2016-02-13 19:41 - 0001522 _____ () C:\Users\William\AppData\Roaming\LunetteUkiyoeAboutfacePamphlet
2013-10-02 04:54 - 2013-10-02 04:54 - 0000581 _____ () C:\Users\William\AppData\Roaming\Novokuznetsk
2016-02-13 19:45 - 2016-02-13 19:45 - 0001433 _____ () C:\Users\William\AppData\Roaming\OchlophobiaTherapsid
1988-10-21 01:00 - 1988-10-21 01:00 - 0001402 _____ () C:\Users\William\AppData\Roaming\PatrialDotterel.J
2015-05-20 03:28 - 2015-05-20 03:28 - 0003114 _____ () C:\Users\William\AppData\Roaming\refresh_10.png
2013-10-02 04:56 - 2013-10-02 04:56 - 0000963 _____ () C:\Users\William\AppData\Roaming\root.filename.xml
1994-11-15 02:00 - 1994-11-15 02:00 - 0051311 _____ () C:\Users\William\AppData\Roaming\SangMaxilla.4
2016-02-24 11:54 - 2016-02-24 11:54 - 0001457 _____ () C:\Users\William\AppData\Roaming\SarcolemmaMetacarpal
2016-02-27 01:21 - 2016-02-27 01:21 - 0001377 _____ () C:\Users\William\AppData\Roaming\SemenCaraculNapa
2015-05-20 03:28 - 2015-05-20 03:28 - 0004421 _____ () C:\Users\William\AppData\Roaming\sensor_generic.png
2016-02-13 19:45 - 2016-02-13 19:45 - 0308290 _____ () C:\Users\William\AppData\Roaming\slide.font.family.xml
1989-10-23 01:00 - 1989-10-23 01:00 - 0049764 _____ () C:\Users\William\AppData\Roaming\Stick.e
2014-10-07 06:39 - 2014-10-07 06:39 - 0011264 _____ () C:\Users\William\AppData\Roaming\System.dll
2016-02-25 19:21 - 2016-02-25 19:21 - 0049751 _____ () C:\Users\William\AppData\Roaming\Tongatapu
2015-05-20 03:14 - 2015-05-20 03:14 - 0000755 _____ () C:\Users\William\AppData\Roaming\tweakBIOSDriversFirmwareUpdate_tr.p5p
2013-01-04 02:00 - 2013-01-04 02:00 - 0241757 _____ () C:\Users\William\AppData\Roaming\Velodrome.g
2016-11-21 01:45 - 2017-03-17 02:45 - 0000412 _____ () C:\Users\William\AppData\Roaming\WB.CFG
2017-03-21 00:40 - 2017-03-21 00:40 - 0028778 _____ () C:\ProgramData\agent.1490049627.bdinstall.bin
2017-04-10 16:00 - 2017-04-10 16:00 - 0029372 _____ () C:\ProgramData\agent.update.1491832852.bdinstall.bin
2016-11-24 17:27 - 2016-11-24 17:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Files to move or delete:
====================
C:\Windows\Tasks\{52337712-e9fd-9849-8904-676651b0b94c}.job
 
 
Some files in TEMP:
====================
2017-03-21 00:00 - 2017-03-21 00:00 - 0028672 _____ (Western Visayas College of Science and TechnologyT) C:\Users\William\AppData\Local\Temp\fox.exe
2017-03-20 23:36 - 2016-06-24 08:57 - 0178072 _____ (Nexon) C:\Users\William\AppData\Local\Temp\NGM.exe
2017-03-20 23:36 - 2016-06-24 08:57 - 0948120 _____ (Nexon) C:\Users\William\AppData\Local\Temp\NGMDll.dll
2017-03-20 23:36 - 2016-06-24 08:57 - 0407448 _____ (Nexon) C:\Users\William\AppData\Local\Temp\NGMResource.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-04-01 17:57
 
==================== End of FRST.txt ============================
 


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:32 PM

Posted 12 April 2017 - 10:51 AM

Duplicate.

The topic will be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users