
DeliveryModo - unwanted popups on laptop and iPhone in all browsers


  • This topic is locked
1 reply to this topic

#1 sanirudh


Posted 12 July 2017 - 11:37 PM

Hello Everyone

First post on the forum...

I traveled from the USA to India, and got infected with a redirect virus (DeliveryModo). It opens a new tab, and points to a website with unwanted ads.

Here is what I've done so far:

- Ran McAfee Total Protection. Also reset browsers and cleared history. McAfee says router has been infected.

- Router is D-Link DSL-2750U.

It is an ADSL2+ router\modem, purchased brand new after I arrived here.

Router Firmware IN_R_01.00.05.

The ISP (BSNL) and the router manufacturer (D-Link) were of no help.

- Ran Zemana, nothing found

- Ran AdwCleaner, nothing found

- Ran Malwarebytes Anti-Malware, nothing found

- Ran RKill, nothing found

- Ran EMSISoft Anti-Malware, nothing found

FRST Logs Follow:

 

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2017

Ran by Anirudh (administrator) on LAPTOP-PJ68EBFL (13-07-2017 09:48:59)

Running from C:\Users\Anirudh\Downloads

Loaded Profiles: Anirudh (Available Profiles: defaultuser0 & Anirudh)

Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Edge)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\igfxCUIService.exe

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe

(Lenovo.) C:\Windows\System32\LPlatSvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\IntelCpHDCPSvc.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Windows\System32\ibtsiva.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe

() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\IntelCpHeciSvc.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe

(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\McCSPServiceHost.exe

(Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe

(Lenovo.) C:\Windows\System32\TpShocks.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\igfxEM.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\igfxext.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe

() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe

(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe

(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe

(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe

(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe

() C:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.79.0.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe

() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe

(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe

(Lenovo.) C:\Windows\System32\LPlatSvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

 

==================== Registry (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)

HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [8699768 2017-06-29] (Emsisoft Ltd)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKU\S-1-5-21-593203095-4031235406-2349664980-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)

HKU\S-1-5-21-593203095-4031235406-2349664980-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-05-09] (Apple Inc.)

HKU\S-1-5-21-593203095-4031235406-2349664980-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-03-17] (Apple Inc.)

HKU\S-1-5-21-593203095-4031235406-2349664980-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-05-09] (Apple Inc.)

HKU\S-1-5-21-593203095-4031235406-2349664980-1001\...\Run: [Google Update] => C:\Users\Anirudh\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe

HKU\S-1-5-21-593203095-4031235406-2349664980-1001\...\Run: [HP Photosmart Plus B210 series (NET)] => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\Parameters: [DhcpNameServer] 87.117.234.36 8.8.8.8

Tcpip\..\Interfaces\{00329dd3-b963-4766-a373-9df3f3388a80}: [DhcpNameServer] 87.117.234.36 8.8.8.8

Tcpip\..\Interfaces\{28fc6641-a31e-4b2d-b948-01cb5db17ee4}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{de5c7f6a-f25c-4241-b6fd-bf4733ff2ce5}: [DhcpNameServer] 150.206.1.2

 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKU\S-1-5-21-593203095-4031235406-2349664980-1001 -> {AD55BE33-DF58-48C1-9F9D-0C7B16D41BD5} URL = 

SearchScopes: HKU\S-1-5-21-593203095-4031235406-2349664980-1001 -> {B0A8BA31-5AD3-4EC0-B5AB-A4E05238FB3B} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-06] (Microsoft Corporation)

BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-04] (McAfee, Inc.)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-06] (Microsoft Corporation)

BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-04] (McAfee, Inc.)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-06] (Microsoft Corporation)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-04] (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-04] (McAfee, Inc.)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-05-31] (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-05-31] (McAfee, Inc.)

 

FireFox:

========

FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi

FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18]

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-07-04] [not signed]

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-29] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-593203095-4031235406-2349664980-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Anirudh\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-09] (Google)

FF Plugin HKU\S-1-5-21-593203095-4031235406-2349664980-1001: @talk.google.com/O1DPlugin -> C:\Users\Anirudh\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-09] (Google)

FF Plugin HKU\S-1-5-21-593203095-4031235406-2349664980-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Anirudh\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [No File]

FF Plugin HKU\S-1-5-21-593203095-4031235406-2349664980-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Anirudh\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [No File]

FF Plugin ProgramFiles/Appdata: C:\Users\Anirudh\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-09] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\Anirudh\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-09] (Google)

 

Chrome: 

=======

CHR Profile: C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default [2017-07-13]

CHR Extension: (Google Slides) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-09]

CHR Extension: (Google Docs) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-09]

CHR Extension: (Google Drive) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-09]

CHR Extension: (YouTube) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-09]

CHR Extension: (Google Sheets) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-09]

CHR Extension: (McAfee® WebAdvisor) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-07-09]

CHR Extension: (Google Docs Offline) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-09]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-09]

CHR Extension: (Gmail) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-09]

CHR Extension: (Chrome Media Router) - C:\Users\Anirudh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-09]

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

 

==================== Services (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [8845224 2017-06-29] (Emsisoft Ltd)

R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3759752 2016-05-19] (Intel Corporation)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)

R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)

R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2017-02-09] (Lenovo)

R3 cphs; C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\IntelCpHeciSvc.exe [285680 2017-02-02] (Intel Corporation)

R2 cplspcon; C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\IntelCpHDCPSvc.exe [462832 2017-02-02] (Intel Corporation)

R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [139584 2016-12-07] (Conexant Systems, Inc.)

R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [194048 2017-03-27] (Dolby Laboratories, Inc.)

R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)

R2 igfxCUIService2.0.0.0; C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\igfxCUIService.exe [324592 2017-02-02] (Intel Corporation)

R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-14] (Intel® Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [196200 2017-01-15] (Intel Corporation)

R2 Lenovo Instant On; C:\Program Files\Lenovo\InstantOn\InstantOnSrv.exe [3124808 2017-04-28] (Lenovo Group Limited)

S2 LENOVO.DPRSVC; C:\Program Files (x86)\Lenovo\DPR\LENOVO.DPRSVC.EXE [1109608 2016-12-29] (Lenovo, Japan, Ltd.)

R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [711248 2017-04-01] (Lenovo.)

S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-07-04] (McAfee, Inc.)

R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.)

R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)

R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)

R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)

R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.)

R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.)

R3 mfevtp; C:\Windows\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.)

R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.)

S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] ()

R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.)

R2 SAService; C:\Windows\system32\SAsrv.exe [416576 2016-12-07] (Conexant Systems, Inc.)

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-03-06] (Microsoft Corporation)

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279104 2017-06-16] (Synaptics Incorporated)

S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2018024 2016-11-17] (Intel Corporation)

R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2017-01-18] ()

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel® Corporation)

S4 0206171499571276mcinstcleanup; C:\Windows\TEMP\020617~1.EXE -cleanup -nolog [X]

R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

 

===================== Drivers (Whitelisted) ======================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [124160 2016-07-01] (ASIX Electronics Corp.)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.)

R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d65x64.sys [542184 2016-11-27] (Intel Corporation)

R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124552 2016-11-23] (Emsisoft Ltd)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.)

R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [129032 2017-04-14] (Intel Corporation)

R3 igfx; C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\igdkmd64.sys [11060192 2017-02-02] (Intel Corporation)

R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [88448 2017-05-26] (McAfee, Inc.)

R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.)

U3 mfeavfk01; no ImagePath

S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.)

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.)

R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.)

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.)

R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.)

R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.)

S3 MFE_RR; C:\Users\Anirudh\AppData\Local\Temp\mfe_rr.sys [24120 2017-07-12] (McAfee, Inc.) <==== ATTENTION

S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()

S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2016-07-16] (Intel Corporation)

R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7308560 2016-09-13] (Intel Corporation)

S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2017-06-02] ()

R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [779232 2016-08-04] (Realsil Semiconductor Corporation)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [72760 2017-06-16] (Synaptics Incorporated)

R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv64.sys [1036352 2017-03-03] (Sunplus Innovation Technology Inc.)

R1 SynaMetSMI; C:\Windows\system32\DRIVERS\SynaSmi.sys [39736 2017-04-05] (Windows ® Win 7 DDK provider)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)

S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-07-11] (Zemana Ltd.)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-07-13 08:56 - 2017-07-13 09:32 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware

2017-07-13 08:56 - 2017-07-13 09:09 - 00000000 ____D C:\ProgramData\Emsisoft

2017-07-13 08:56 - 2017-07-13 08:56 - 00000944 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk

2017-07-13 08:56 - 2017-07-13 08:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware

2017-07-13 08:49 - 2017-07-13 08:49 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Anirudh\Desktop\iExplore.exe

2017-07-13 08:49 - 2017-07-13 08:49 - 00003544 _____ C:\Users\Anirudh\Desktop\Rkill.txt

2017-07-13 08:26 - 2017-07-07 13:19 - 00340824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2017-07-13 08:26 - 2017-07-07 13:16 - 00781152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe

2017-07-13 08:26 - 2017-07-07 13:15 - 02263832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2017-07-13 08:26 - 2017-07-07 13:14 - 00108896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys

2017-07-13 08:26 - 2017-07-07 13:10 - 20967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2017-07-13 08:26 - 2017-07-07 13:07 - 00468320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2017-07-13 08:26 - 2017-07-07 13:07 - 00118112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2017-07-13 08:26 - 2017-07-07 12:59 - 05686272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll

2017-07-13 08:26 - 2017-07-07 12:59 - 00857440 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe

2017-07-13 08:26 - 2017-07-07 12:54 - 22220856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2017-07-13 08:26 - 2017-07-07 12:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll

2017-07-13 08:26 - 2017-07-07 12:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapprovp.dll

2017-07-13 08:26 - 2017-07-07 12:48 - 02532192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2017-07-13 08:26 - 2017-07-07 12:48 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll

2017-07-13 08:26 - 2017-07-07 12:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll

2017-07-13 08:26 - 2017-07-07 12:47 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll

2017-07-13 08:26 - 2017-07-07 12:43 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll

2017-07-13 08:26 - 2017-07-07 12:43 - 00310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll

2017-07-13 08:26 - 2017-07-07 12:40 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2017-07-13 08:26 - 2017-07-07 12:39 - 00637952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2017-07-13 08:26 - 2017-07-07 12:39 - 00506368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2017-07-13 08:26 - 2017-07-07 12:36 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll

2017-07-13 08:26 - 2017-07-07 12:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe

2017-07-13 08:26 - 2017-07-07 12:32 - 01313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll

2017-07-13 08:26 - 2017-07-07 12:30 - 00476160 _____ (Microsoft® Windows® Operating System) C:\Windows\SysWOW64\wvc.dll

2017-07-13 08:26 - 2017-07-07 12:25 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll

2017-07-13 08:26 - 2017-07-07 12:25 - 01571840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2017-07-13 08:26 - 2017-07-07 12:24 - 02997248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys

2017-07-13 08:26 - 2017-07-07 12:23 - 02483200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2017-07-13 08:26 - 2017-07-07 12:22 - 04561408 _____ (Microsoft) C:\Windows\SysWOW64\dbgeng.dll

2017-07-13 08:26 - 2017-07-07 12:22 - 01599488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2017-07-13 08:26 - 2017-07-07 12:22 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll

2017-07-13 08:26 - 2017-07-07 12:17 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys

2017-07-13 08:26 - 2017-07-07 12:05 - 01397760 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll

2017-07-13 08:26 - 2017-06-21 13:48 - 01470816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll

2017-07-13 08:26 - 2017-06-21 13:23 - 00794928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll

2017-07-13 08:26 - 2017-06-21 13:22 - 02213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2017-07-13 08:26 - 2017-06-21 13:22 - 00774224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2017-07-13 08:26 - 2017-06-21 13:22 - 00088416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys

2017-07-13 08:26 - 2017-06-21 13:22 - 00081760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys

2017-07-13 08:26 - 2017-06-21 13:12 - 01573280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2017-07-13 08:26 - 2017-06-21 13:12 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2017-07-13 08:26 - 2017-06-21 13:11 - 01706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2017-07-13 08:26 - 2017-06-21 13:09 - 02048496 _____ C:\Windows\SysWOW64\CoreUIComponents.dll

2017-07-13 08:26 - 2017-06-21 13:08 - 07220192 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll

2017-07-13 08:26 - 2017-06-21 13:08 - 01860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll

2017-07-13 08:26 - 2017-06-21 13:08 - 00790752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2017-07-13 08:26 - 2017-06-21 13:06 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys

2017-07-13 08:26 - 2017-06-21 13:06 - 00129888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS

2017-07-13 08:26 - 2017-06-21 13:03 - 00408600 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll

2017-07-13 08:26 - 2017-06-21 13:03 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2017-07-13 08:26 - 2017-06-21 13:02 - 08169024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll

2017-07-13 08:26 - 2017-06-21 13:02 - 04260576 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll

2017-07-13 08:26 - 2017-06-21 13:02 - 01983408 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll

2017-07-13 08:26 - 2017-06-21 13:02 - 01702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll

2017-07-13 08:26 - 2017-06-21 13:02 - 01072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll

2017-07-13 08:26 - 2017-06-21 13:00 - 00869848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll

2017-07-13 08:26 - 2017-06-21 13:00 - 00196960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll

2017-07-13 08:26 - 2017-06-21 12:59 - 05722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll

2017-07-13 08:26 - 2017-06-21 12:58 - 02277288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll

2017-07-13 08:26 - 2017-06-21 12:58 - 01504056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2017-07-13 08:26 - 2017-06-21 12:58 - 00524776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2017-07-13 08:26 - 2017-06-21 12:58 - 00170960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2017-07-13 08:26 - 2017-06-21 12:57 - 01431232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll

2017-07-13 08:26 - 2017-06-21 12:57 - 01122344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll

2017-07-13 08:26 - 2017-06-21 12:57 - 00975744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll

2017-07-13 08:26 - 2017-06-21 12:57 - 00861024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll

2017-07-13 08:26 - 2017-06-21 12:57 - 00549088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll

2017-07-13 08:26 - 2017-06-21 12:57 - 00116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll

2017-07-13 08:26 - 2017-06-21 12:56 - 00387864 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll

2017-07-13 08:26 - 2017-06-21 12:55 - 02168288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll

2017-07-13 08:26 - 2017-06-21 12:55 - 01980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2017-07-13 08:26 - 2017-06-21 12:54 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll

2017-07-13 08:26 - 2017-06-21 12:54 - 00154432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntmarta.dll

2017-07-13 08:26 - 2017-06-21 12:52 - 00361104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll

2017-07-13 08:26 - 2017-06-21 12:51 - 06665440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-07-13 08:26 - 2017-06-21 12:51 - 04023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll

2017-07-13 08:26 - 2017-06-21 12:51 - 01845512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll

2017-07-13 08:26 - 2017-06-21 12:51 - 01557808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll

2017-07-13 08:26 - 2017-06-21 12:51 - 01277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll

2017-07-13 08:26 - 2017-06-21 12:51 - 00952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll

2017-07-13 08:26 - 2017-06-21 12:51 - 00374448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll

2017-07-13 08:26 - 2017-06-21 12:50 - 01360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll

2017-07-13 08:26 - 2017-06-21 12:50 - 00981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll

2017-07-13 08:26 - 2017-06-21 12:50 - 00962768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2017-07-13 08:26 - 2017-06-21 12:50 - 00312472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll

2017-07-13 08:26 - 2017-06-21 12:49 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

2017-07-13 08:26 - 2017-06-21 12:36 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll

2017-07-13 08:26 - 2017-06-21 12:34 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll

2017-07-13 08:26 - 2017-06-21 12:34 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll

2017-07-13 08:26 - 2017-06-21 12:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys

2017-07-13 08:26 - 2017-06-21 12:32 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll

2017-07-13 08:26 - 2017-06-21 12:32 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmdisk0101.sys

2017-07-13 08:26 - 2017-06-21 12:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll

2017-07-13 08:26 - 2017-06-21 12:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll

2017-07-13 08:26 - 2017-06-21 12:31 - 00138752 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll

2017-07-13 08:26 - 2017-06-21 12:30 - 00519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll

2017-07-13 08:26 - 2017-06-21 12:30 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp

2017-07-13 08:26 - 2017-06-21 12:30 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\WinRtTracing.dll

2017-07-13 08:26 - 2017-06-21 12:30 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll

2017-07-13 08:26 - 2017-06-21 12:30 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uudf.dll

2017-07-13 08:26 - 2017-06-21 12:30 - 00138240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll

2017-07-13 08:26 - 2017-06-21 12:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll

2017-07-13 08:26 - 2017-06-21 12:30 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll

2017-07-13 08:26 - 2017-06-21 12:29 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.XboxLive.Storage.dll

2017-07-13 08:26 - 2017-06-21 12:29 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll

2017-07-13 08:26 - 2017-06-21 12:29 - 00255488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp

2017-07-13 08:26 - 2017-06-21 12:29 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll

2017-07-13 08:26 - 2017-06-21 12:29 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll

2017-07-13 08:26 - 2017-06-21 12:29 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe

2017-07-13 08:26 - 2017-06-21 12:29 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll

2017-07-13 08:26 - 2017-06-21 12:29 - 00097792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.SystemManagement.dll

2017-07-13 08:26 - 2017-06-21 12:28 - 00418304 _____ C:\Windows\system32\Windows.Perception.Stub.dll

2017-07-13 08:26 - 2017-06-21 12:28 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe

2017-07-13 08:26 - 2017-06-21 12:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinRtTracing.dll

2017-07-13 08:26 - 2017-06-21 12:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SerialCommunication.dll

2017-07-13 08:26 - 2017-06-21 12:28 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll

2017-07-13 08:26 - 2017-06-21 12:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll

2017-07-13 08:26 - 2017-06-21 12:28 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.UserDeviceAssociation.dll

2017-07-13 08:26 - 2017-06-21 12:27 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll

2017-07-13 08:26 - 2017-06-21 12:27 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll

2017-07-13 08:26 - 2017-06-21 12:27 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll

2017-07-13 08:26 - 2017-06-21 12:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 01507840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.FaceAnalysis.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00719872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys

2017-07-13 08:26 - 2017-06-21 12:26 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.LowLevel.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe

2017-07-13 08:26 - 2017-06-21 12:26 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll

2017-07-13 08:26 - 2017-06-21 12:26 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe

2017-07-13 08:26 - 2017-06-21 12:26 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2017-07-13 08:26 - 2017-06-21 12:25 - 00265728 _____ C:\Windows\SysWOW64\Windows.Perception.Stub.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll

2017-07-13 08:26 - 2017-06-21 12:25 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe

2017-07-13 08:26 - 2017-06-21 12:24 - 01159680 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSave.dll

2017-07-13 08:26 - 2017-06-21 12:24 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll

2017-07-13 08:26 - 2017-06-21 12:24 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll

2017-07-13 08:26 - 2017-06-21 12:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll

2017-07-13 08:26 - 2017-06-21 12:24 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll

2017-07-13 08:26 - 2017-06-21 12:24 - 00298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll

2017-07-13 08:26 - 2017-06-21 12:24 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll

2017-07-13 08:26 - 2017-06-21 12:24 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe

2017-07-13 08:26 - 2017-06-21 12:24 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.InkControls.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00386048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFiDirect.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExecModelClient.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll

2017-07-13 08:26 - 2017-06-21 12:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll

2017-07-13 08:26 - 2017-06-21 12:22 - 06288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll

2017-07-13 08:26 - 2017-06-21 12:22 - 00963584 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll

2017-07-13 08:26 - 2017-06-21 12:22 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll

2017-07-13 08:26 - 2017-06-21 12:22 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll

2017-07-13 08:26 - 2017-06-21 12:22 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll

2017-07-13 08:26 - 2017-06-21 12:22 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll

2017-07-13 08:26 - 2017-06-21 12:21 - 00846336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll

2017-07-13 08:26 - 2017-06-21 12:21 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Ocr.dll

2017-07-13 08:26 - 2017-06-21 12:21 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll

2017-07-13 08:26 - 2017-06-21 12:21 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.dll

2017-07-13 08:26 - 2017-06-21 12:21 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll

2017-07-13 08:26 - 2017-06-21 12:20 - 01167360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2017-07-13 08:26 - 2017-06-21 12:20 - 00857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll

2017-07-13 08:26 - 2017-06-21 12:20 - 00529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll

2017-07-13 08:26 - 2017-06-21 12:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2017-07-13 08:26 - 2017-06-21 12:20 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll

2017-07-13 08:26 - 2017-06-21 12:19 - 03778048 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll

2017-07-13 08:26 - 2017-06-21 12:19 - 01403392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll

2017-07-13 08:26 - 2017-06-21 12:19 - 00500224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll

2017-07-13 08:26 - 2017-06-21 12:19 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\RTMediaFrame.dll

2017-07-13 08:26 - 2017-06-21 12:19 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll

2017-07-13 08:26 - 2017-06-21 12:19 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll

2017-07-13 08:26 - 2017-06-21 12:19 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll

2017-07-13 08:26 - 2017-06-21 12:18 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll

2017-07-13 08:26 - 2017-06-21 12:18 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll

2017-07-13 08:26 - 2017-06-21 12:18 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll

2017-07-13 08:26 - 2017-06-21 12:17 - 13873664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll

2017-07-13 08:26 - 2017-06-21 12:17 - 07655424 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll

2017-07-13 08:26 - 2017-06-21 12:16 - 04615168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll

2017-07-13 08:26 - 2017-06-21 12:16 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll

2017-07-13 08:26 - 2017-06-21 12:16 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll

2017-07-13 08:26 - 2017-06-21 12:16 - 01137152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll

2017-07-13 08:26 - 2017-06-21 12:16 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll

2017-07-13 08:26 - 2017-06-21 12:16 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll

2017-07-13 08:26 - 2017-06-21 12:16 - 00355328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTMediaFrame.dll

2017-07-13 08:26 - 2017-06-21 12:15 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe

2017-07-13 08:26 - 2017-06-21 12:15 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll

2017-07-13 08:26 - 2017-06-21 12:15 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll

2017-07-13 08:26 - 2017-06-21 12:15 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uexfat.dll

2017-07-13 08:26 - 2017-06-21 12:14 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll

2017-07-13 08:26 - 2017-06-21 12:14 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll

2017-07-13 08:26 - 2017-06-21 12:14 - 00343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll

2017-07-13 08:26 - 2017-06-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ufat.dll

2017-07-13 08:26 - 2017-06-21 12:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdProxy.dll

2017-07-13 08:26 - 2017-06-21 12:13 - 01534464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.3D.dll

2017-07-13 08:26 - 2017-06-21 12:13 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll

2017-07-13 08:26 - 2017-06-21 12:13 - 00713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll

2017-07-13 08:26 - 2017-06-21 12:13 - 00653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll

2017-07-13 08:26 - 2017-06-21 12:13 - 00468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.InkControls.dll

2017-07-13 08:26 - 2017-06-21 12:13 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cnvfat.dll

2017-07-13 08:26 - 2017-06-21 12:12 - 03307008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll

2017-07-13 08:26 - 2017-06-21 12:12 - 02749440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll

2017-07-13 08:26 - 2017-06-21 12:12 - 00853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe

2017-07-13 08:26 - 2017-06-21 12:12 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll

2017-07-13 08:26 - 2017-06-21 12:12 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll

2017-07-13 08:26 - 2017-06-21 12:12 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll

2017-07-13 08:26 - 2017-06-21 12:12 - 00380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFSv1.dll

2017-07-13 08:26 - 2017-06-21 12:11 - 03400704 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2017-07-13 08:26 - 2017-06-21 12:11 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll

2017-07-13 08:26 - 2017-06-21 12:11 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Ocr.dll

2017-07-13 08:26 - 2017-06-21 12:11 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll

2017-07-13 08:26 - 2017-06-21 12:11 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll

2017-07-13 08:26 - 2017-06-21 12:10 - 02641920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2017-07-13 08:26 - 2017-06-21 12:10 - 02154496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll

2017-07-13 08:26 - 2017-06-21 12:10 - 01891328 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll

2017-07-13 08:26 - 2017-06-21 12:10 - 00901120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll

2017-07-13 08:26 - 2017-06-21 12:10 - 00895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll

2017-07-13 08:26 - 2017-06-21 12:10 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll

2017-07-13 08:26 - 2017-06-21 12:10 - 00611328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll

2017-07-13 08:26 - 2017-06-21 12:10 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToReceiver.dll

2017-07-13 08:26 - 2017-06-21 12:10 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll

2017-07-13 08:26 - 2017-06-21 12:09 - 08076288 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2017-07-13 08:26 - 2017-06-21 12:09 - 02538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2017-07-13 08:26 - 2017-06-21 12:09 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll

2017-07-13 08:26 - 2017-06-21 12:09 - 00546304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll

2017-07-13 08:26 - 2017-06-21 12:09 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll

2017-07-13 08:26 - 2017-06-21 12:08 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll

2017-07-13 08:26 - 2017-06-21 12:08 - 03520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe

2017-07-13 08:26 - 2017-06-21 12:08 - 02424320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Perception.dll

2017-07-13 08:26 - 2017-06-21 12:08 - 01984000 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

2017-07-13 08:26 - 2017-06-21 12:08 - 01221120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll

2017-07-13 08:26 - 2017-06-21 12:08 - 00886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll

2017-07-13 08:26 - 2017-06-21 12:08 - 00877056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe

2017-07-13 08:26 - 2017-06-21 12:08 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll

2017-07-13 08:26 - 2017-06-21 12:08 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll

2017-07-13 08:26 - 2017-06-21 12:08 - 00753152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll

2017-07-13 08:26 - 2017-06-21 12:08 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll

2017-07-13 08:26 - 2017-06-21 12:07 - 07468544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2017-07-13 08:26 - 2017-06-21 12:07 - 06109696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll

2017-07-13 08:26 - 2017-06-21 12:07 - 00400384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll

2017-07-13 08:26 - 2017-06-21 12:07 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll

2017-07-13 08:26 - 2017-06-21 12:07 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll

2017-07-13 08:26 - 2017-06-21 12:06 - 02648576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll

2017-07-13 08:26 - 2017-06-21 12:06 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2017-07-13 08:26 - 2017-06-21 12:06 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Maps.dll

2017-07-13 08:26 - 2017-06-21 12:06 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll

2017-07-13 08:26 - 2017-06-21 12:06 - 00903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2017-07-13 08:26 - 2017-06-21 12:05 - 04149248 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 02740224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 01656320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Perception.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 01369088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Phone.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 01232384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Maps.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 00827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 00732160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll

2017-07-13 08:26 - 2017-06-21 12:05 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll

2017-07-13 08:26 - 2017-06-21 12:04 - 03299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2017-07-13 08:26 - 2017-06-21 12:04 - 01886720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll

2017-07-13 08:26 - 2017-06-21 12:04 - 00773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2017-07-13 08:26 - 2017-06-21 12:04 - 00711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll

2017-07-13 08:26 - 2017-06-21 12:04 - 00654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll

2017-07-13 08:26 - 2017-06-21 12:04 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll

2017-07-13 08:26 - 2017-06-21 12:04 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll

2017-07-13 08:26 - 2017-06-21 12:04 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll

2017-07-13 08:26 - 2017-06-21 12:03 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Phone.dll

2017-07-13 08:26 - 2017-06-21 12:03 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll

2017-07-13 08:26 - 2017-06-21 12:03 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2017-07-13 08:26 - 2017-06-21 12:03 - 00691200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll

2017-07-13 08:26 - 2017-06-21 12:03 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2017-07-13 08:26 - 2017-06-21 12:02 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll

2017-07-13 08:26 - 2017-06-21 12:02 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll

2017-07-13 08:26 - 2017-06-21 12:01 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2017-07-13 08:26 - 2017-06-21 12:00 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll

2017-07-13 08:26 - 2017-06-21 11:40 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll

2017-07-13 08:26 - 2017-05-23 10:28 - 00448576 _____ C:\Windows\system32\ApnDatabase.xml

2017-07-13 08:26 - 2017-03-04 12:40 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe

2017-07-13 08:26 - 2017-03-04 12:26 - 00263472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll

2017-07-13 08:26 - 2017-03-04 11:56 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs3D.dll

2017-07-13 08:26 - 2017-03-04 11:53 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll

2017-07-13 08:26 - 2017-03-04 11:53 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll

2017-07-13 08:26 - 2017-03-04 11:51 - 01243136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.FaceAnalysis.dll

2017-07-13 08:26 - 2017-03-04 11:51 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll

2017-07-13 08:26 - 2017-03-04 11:50 - 00562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.SmartCards.dll

2017-07-13 08:26 - 2017-03-04 11:50 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll

2017-07-13 08:26 - 2017-03-04 11:50 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll

2017-07-13 08:26 - 2017-03-04 11:49 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll

2017-07-13 08:26 - 2017-03-04 11:48 - 00525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll

2017-07-13 08:26 - 2017-03-04 11:47 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll

2017-07-13 08:26 - 2017-03-04 11:46 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2017-07-13 08:26 - 2017-03-04 11:45 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll

2017-07-13 08:26 - 2017-03-04 11:42 - 04596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe

2017-07-13 08:26 - 2017-03-04 11:32 - 02138112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll

2017-07-13 08:25 - 2017-07-07 13:12 - 07781720 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2017-07-13 08:25 - 2017-07-07 13:10 - 00376672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys

2017-07-13 08:25 - 2017-07-07 13:02 - 00404824 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2017-07-13 08:25 - 2017-07-07 12:59 - 02759712 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2017-07-13 08:25 - 2017-07-07 12:58 - 00223584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2017-07-13 08:25 - 2017-07-07 12:53 - 01600624 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll

2017-07-13 08:25 - 2017-07-07 12:53 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll

2017-07-13 08:25 - 2017-07-07 12:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2017-07-13 08:25 - 2017-07-07 12:48 - 01100120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys

2017-07-13 08:25 - 2017-07-07 12:48 - 00057400 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2017-07-13 08:25 - 2017-07-07 12:44 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2017-07-13 08:25 - 2017-07-07 12:44 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2017-07-13 08:25 - 2017-07-07 12:41 - 00340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2017-07-13 08:25 - 2017-07-07 12:36 - 18364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll

2017-07-13 08:25 - 2017-07-07 12:35 - 19414528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2017-07-13 08:25 - 2017-07-07 12:30 - 12187136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2017-07-13 08:25 - 2017-07-07 12:28 - 07217152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll

2017-07-13 08:25 - 2017-07-07 12:27 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2017-07-13 08:25 - 2017-07-07 12:26 - 06035456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll

2017-07-13 08:25 - 2017-07-07 12:25 - 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2017-07-13 08:25 - 2017-07-07 12:24 - 02027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2017-07-13 08:25 - 2017-07-07 12:21 - 22569984 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll

2017-07-13 08:25 - 2017-07-07 12:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys

2017-07-13 08:25 - 2017-07-07 12:18 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll

2017-07-13 08:25 - 2017-07-07 12:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\eapprovp.dll

2017-07-13 08:25 - 2017-07-07 12:17 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll

2017-07-13 08:25 - 2017-07-07 12:16 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll

2017-07-13 08:25 - 2017-07-07 12:16 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2017-07-13 08:25 - 2017-07-07 12:15 - 00488960 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll

2017-07-13 08:25 - 2017-07-07 12:15 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll

2017-07-13 08:25 - 2017-07-07 12:15 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2017-07-13 08:25 - 2017-07-07 12:15 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2017-07-13 08:25 - 2017-07-07 12:14 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll

2017-07-13 08:25 - 2017-07-07 12:14 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll

2017-07-13 08:25 - 2017-07-07 12:14 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll

2017-07-13 08:25 - 2017-07-07 12:14 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2017-07-13 08:25 - 2017-07-07 12:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2017-07-13 08:25 - 2017-07-07 12:14 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll

2017-07-13 08:25 - 2017-07-07 12:13 - 01081856 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll

2017-07-13 08:25 - 2017-07-07 12:13 - 00431616 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll

2017-07-13 08:25 - 2017-07-07 12:13 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2017-07-13 08:25 - 2017-07-07 12:13 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2017-07-13 08:25 - 2017-07-07 12:12 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2017-07-13 08:25 - 2017-07-07 12:12 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll

2017-07-13 08:25 - 2017-07-07 12:09 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2017-07-13 08:25 - 2017-07-07 12:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe

2017-07-13 08:25 - 2017-07-07 12:04 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll

2017-07-13 08:25 - 2017-07-07 12:03 - 00576000 _____ (Microsoft® Windows® Operating System) C:\Windows\system32\wvc.dll

2017-07-13 08:25 - 2017-07-07 12:01 - 23676416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2017-07-13 08:25 - 2017-07-07 12:00 - 13090816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2017-07-13 08:25 - 2017-07-07 11:59 - 04749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll

2017-07-13 08:25 - 2017-07-07 11:59 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2017-07-13 08:25 - 2017-07-07 11:58 - 02096640 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2017-07-13 08:25 - 2017-07-07 11:58 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2017-07-13 08:25 - 2017-07-07 11:58 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2017-07-13 08:25 - 2017-07-07 11:58 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2017-07-13 08:25 - 2017-07-07 11:57 - 08120832 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll

2017-07-13 08:25 - 2017-07-07 11:55 - 04708864 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll

2017-07-13 08:25 - 2017-07-07 11:54 - 05388800 _____ (Microsoft) C:\Windows\system32\dbgeng.dll

2017-07-13 08:25 - 2017-07-07 11:54 - 04744704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2017-07-13 08:25 - 2017-07-07 11:54 - 03615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys

2017-07-13 08:25 - 2017-07-07 11:54 - 02895872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2017-07-13 08:25 - 2017-07-07 11:54 - 02217472 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll

2017-07-13 08:25 - 2017-07-07 11:54 - 01783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2017-07-13 08:25 - 2017-07-07 11:54 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys

2017-07-13 08:25 - 2017-07-07 11:52 - 01826816 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2017-07-13 08:25 - 2017-06-21 13:26 - 01405280 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll

2017-07-13 08:25 - 2017-06-21 13:25 - 02170720 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll

2017-07-13 08:25 - 2017-06-21 13:24 - 01669984 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll

2017-07-13 08:25 - 2017-06-21 13:24 - 00822624 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe

2017-07-13 08:25 - 2017-06-21 13:24 - 00813408 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll

2017-07-13 08:25 - 2017-06-21 13:24 - 00758624 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll

2017-07-13 08:25 - 2017-06-21 13:24 - 00704352 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll

2017-07-13 08:25 - 2017-06-21 13:24 - 00696160 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll

2017-07-13 08:25 - 2017-06-21 13:24 - 00603488 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll

2017-07-13 08:25 - 2017-06-21 13:24 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll

2017-07-13 08:25 - 2017-06-21 13:24 - 00406368 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll

2017-07-13 08:25 - 2017-06-21 13:22 - 01886344 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2017-07-13 08:25 - 2017-06-21 13:21 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2017-07-13 08:25 - 2017-06-21 13:21 - 00434528 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll

2017-07-13 08:25 - 2017-06-21 13:20 - 00126304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys

2017-07-13 08:25 - 2017-06-21 13:18 - 02681200 _____ C:\Windows\system32\CoreUIComponents.dll

2017-07-13 08:25 - 2017-06-21 13:17 - 00764392 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll

2017-07-13 08:25 - 2017-06-21 13:10 - 01069720 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll

2017-07-13 08:25 - 2017-06-21 13:10 - 00328008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll

2017-07-13 08:25 - 2017-06-21 13:10 - 00224096 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll

2017-07-13 08:25 - 2017-06-21 13:08 - 01738560 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2017-07-13 08:25 - 2017-06-21 13:07 - 02446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2017-07-13 08:25 - 2017-06-21 13:07 - 01369240 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll

2017-07-13 08:25 - 2017-06-21 13:07 - 01157008 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll

2017-07-13 08:25 - 2017-06-21 13:07 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll

2017-07-13 08:25 - 2017-06-21 13:06 - 00624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys

2017-07-13 08:25 - 2017-06-21 13:05 - 02915704 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll

2017-07-13 08:25 - 2017-06-21 13:05 - 01267512 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll

2017-07-13 08:25 - 2017-06-21 13:01 - 04674360 _____ (Microsoft Corporation) C:\Windows\explorer.exe

2017-07-13 08:25 - 2017-06-21 13:01 - 01277824 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2017-07-13 08:25 - 2017-06-21 13:01 - 00160096 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll

2017-07-13 08:25 - 2017-06-21 12:34 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll

2017-07-13 08:25 - 2017-06-21 12:33 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll

2017-07-13 08:25 - 2017-06-21 12:32 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.SystemManagement.dll

2017-07-13 08:25 - 2017-06-21 12:32 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll

2017-07-13 08:25 - 2017-06-21 12:31 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll

2017-07-13 08:25 - 2017-06-21 12:31 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\Family.Client.dll

2017-07-13 08:25 - 2017-06-21 12:31 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Family.Authentication.dll

2017-07-13 08:25 - 2017-06-21 12:31 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe

2017-07-13 08:25 - 2017-06-21 12:30 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Family.SyncEngine.dll

2017-07-13 08:25 - 2017-06-21 12:30 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\ProvisioningHandlers.dll

2017-07-13 08:25 - 2017-06-21 12:30 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SignInOptions.dll

2017-07-13 08:25 - 2017-06-21 12:30 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll

2017-07-13 08:25 - 2017-06-21 12:30 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.RetailInfo.dll

2017-07-13 08:25 - 2017-06-21 12:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.UserDeviceAssociation.dll

2017-07-13 08:25 - 2017-06-21 12:30 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll

2017-07-13 08:25 - 2017-06-21 12:29 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll

2017-07-13 08:25 - 2017-06-21 12:29 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll

2017-07-13 08:25 - 2017-06-21 12:29 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll

2017-07-13 08:25 - 2017-06-21 12:29 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll

2017-07-13 08:25 - 2017-06-21 12:29 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll

2017-07-13 08:25 - 2017-06-21 12:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\KdsCli.dll

2017-07-13 08:25 - 2017-06-21 12:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll

2017-07-13 08:25 - 2017-06-21 12:28 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll

2017-07-13 08:25 - 2017-06-21 12:28 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll

2017-07-13 08:25 - 2017-06-21 12:28 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll

2017-07-13 08:25 - 2017-06-21 12:28 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys

2017-07-13 08:25 - 2017-06-21 12:27 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll

2017-07-13 08:25 - 2017-06-21 12:27 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFiDirect.dll

2017-07-13 08:25 - 2017-06-21 12:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll

2017-07-13 08:25 - 2017-06-21 12:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll

2017-07-13 08:25 - 2017-06-21 12:27 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SerialCommunication.dll

2017-07-13 08:25 - 2017-06-21 12:27 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\XamlTileRender.dll

2017-07-13 08:25 - 2017-06-21 12:27 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll

2017-07-13 08:25 - 2017-06-21 12:27 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll

2017-07-13 08:25 - 2017-06-21 12:26 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.SmartCards.dll

2017-07-13 08:25 - 2017-06-21 12:26 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll

2017-07-13 08:25 - 2017-06-21 12:26 - 00568320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.LowLevel.dll

2017-07-13 08:25 - 2017-06-21 12:26 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll

2017-07-13 08:25 - 2017-06-21 12:26 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll

2017-07-13 08:25 - 2017-06-21 12:26 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll

2017-07-13 08:25 - 2017-06-21 12:26 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll

2017-07-13 08:25 - 2017-06-21 12:25 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll

2017-07-13 08:25 - 2017-06-21 12:25 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll

2017-07-13 08:25 - 2017-06-21 12:25 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll

2017-07-13 08:25 - 2017-06-21 12:24 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll

2017-07-13 08:25 - 2017-06-21 12:24 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll

2017-07-13 08:25 - 2017-06-21 12:24 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll

2017-07-13 08:25 - 2017-06-21 12:24 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll

2017-07-13 08:25 - 2017-06-21 12:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll

2017-07-13 08:25 - 2017-06-21 12:23 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll

2017-07-13 08:25 - 2017-06-21 12:23 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll

2017-07-13 08:25 - 2017-06-21 12:23 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll

2017-07-13 08:25 - 2017-06-21 12:23 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll

2017-07-13 08:25 - 2017-06-21 12:23 - 00329728 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll

2017-07-13 08:25 - 2017-06-21 12:22 - 17198592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll

2017-07-13 08:25 - 2017-06-21 12:22 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll

2017-07-13 08:25 - 2017-06-21 12:22 - 00896512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll

2017-07-13 08:25 - 2017-06-21 12:22 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe

2017-07-13 08:25 - 2017-06-21 12:22 - 00560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll

2017-07-13 08:25 - 2017-06-21 12:22 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll

2017-07-13 08:25 - 2017-06-21 12:21 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll

2017-07-13 08:25 - 2017-06-21 12:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll

2017-07-13 08:25 - 2017-06-21 12:20 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll

2017-07-13 08:25 - 2017-06-21 12:20 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll

2017-07-13 08:25 - 2017-06-21 12:19 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll

2017-07-13 08:25 - 2017-06-21 12:19 - 01913856 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll

2017-07-13 08:25 - 2017-06-21 12:19 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll

2017-07-13 08:25 - 2017-06-21 12:19 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Energy.dll

2017-07-13 08:25 - 2017-06-21 12:18 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe

2017-07-13 08:25 - 2017-06-21 12:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll

2017-07-13 08:25 - 2017-06-21 12:17 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll

2017-07-13 08:25 - 2017-06-21 12:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll

2017-07-13 08:25 - 2017-06-21 12:17 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll

2017-07-13 08:25 - 2017-06-21 12:17 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll

2017-07-13 08:25 - 2017-06-21 12:17 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll

2017-07-13 08:25 - 2017-06-21 12:16 - 03290112 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll

2017-07-13 08:25 - 2017-06-21 12:16 - 00925184 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe

2017-07-13 08:25 - 2017-06-21 12:16 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\uReFSv1.dll

2017-07-13 08:25 - 2017-06-21 12:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll

2017-07-13 08:25 - 2017-06-21 12:16 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\cnvfat.dll

2017-07-13 08:25 - 2017-06-21 12:15 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll

2017-07-13 08:25 - 2017-06-21 12:14 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll

2017-07-13 08:25 - 2017-06-21 12:14 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll

2017-07-13 08:25 - 2017-06-21 12:13 - 00961536 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll

2017-07-13 08:25 - 2017-06-21 12:13 - 00953344 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe

2017-07-13 08:25 - 2017-06-21 12:13 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll

2017-07-13 08:25 - 2017-06-21 12:13 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe

2017-07-13 08:25 - 2017-06-21 12:12 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll

2017-07-13 08:25 - 2017-06-21 12:12 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll

2017-07-13 08:25 - 2017-06-21 12:12 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll

2017-07-13 08:25 - 2017-06-21 12:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll

2017-07-13 08:25 - 2017-06-21 12:12 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll

2017-07-13 08:25 - 2017-06-21 12:11 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll

2017-07-13 08:25 - 2017-06-21 12:11 - 01692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll

2017-07-13 08:25 - 2017-06-21 12:11 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll

2017-07-13 08:25 - 2017-06-21 12:11 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll

2017-07-13 08:25 - 2017-06-21 12:11 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll

2017-07-13 08:25 - 2017-06-21 12:11 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll

2017-07-13 08:25 - 2017-06-21 12:11 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll

2017-07-13 08:25 - 2017-06-21 12:10 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll

2017-07-13 08:25 - 2017-06-21 12:10 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll

2017-07-13 08:25 - 2017-06-21 12:10 - 01421824 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2017-07-13 08:25 - 2017-06-21 12:10 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll

2017-07-13 08:25 - 2017-06-21 12:10 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll

2017-07-13 08:25 - 2017-06-21 12:09 - 02916864 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll

2017-07-13 08:25 - 2017-06-21 12:09 - 02208768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.3D.dll

2017-07-13 08:25 - 2017-06-21 12:09 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll

2017-07-13 08:25 - 2017-06-21 12:09 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2017-07-13 08:25 - 2017-06-21 12:09 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll

2017-07-13 08:25 - 2017-06-21 12:09 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2017-07-13 08:25 - 2017-06-21 12:08 - 05611008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2017-07-13 08:25 - 2017-06-21 12:08 - 02695680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll

2017-07-13 08:25 - 2017-06-21 12:08 - 01275392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll

2017-07-13 08:25 - 2017-06-21 12:08 - 00908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll

2017-07-13 08:25 - 2017-06-21 12:07 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll

2017-07-13 08:25 - 2017-06-21 12:07 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll

2017-07-13 08:25 - 2017-06-21 12:07 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll

2017-07-13 08:25 - 2017-06-21 12:07 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll

2017-07-13 08:25 - 2017-06-21 12:06 - 02318848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2017-07-13 08:25 - 2017-06-21 12:06 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll

2017-07-13 08:25 - 2017-06-21 12:06 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll

2017-07-13 08:25 - 2017-06-21 12:06 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll

2017-07-13 08:25 - 2017-06-21 12:05 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll

2017-07-13 08:25 - 2017-06-21 12:05 - 01328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll

2017-07-13 08:25 - 2017-06-21 12:05 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll

2017-07-13 08:25 - 2017-06-21 12:04 - 01121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll

2017-07-13 08:25 - 2017-06-21 12:04 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll

2017-07-13 08:25 - 2017-06-21 12:04 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe

2017-07-13 08:25 - 2017-06-21 12:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll

2017-07-13 08:25 - 2017-03-04 11:58 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll

2017-07-13 08:25 - 2017-03-04 11:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll

2017-07-13 08:25 - 2017-03-04 11:50 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll

2017-07-13 08:25 - 2017-03-04 11:49 - 01589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll

2017-07-13 08:25 - 2017-03-04 11:44 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToReceiver.dll

2017-07-13 08:13 - 2017-07-13 08:55 - 253383016 _____ (Emsisoft Ltd. ) C:\Users\Anirudh\Downloads\EmsisoftAntiMalwareSetup_bc.exe

2017-07-13 08:11 - 2017-07-13 08:49 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Anirudh\Downloads\iExplore.exe

2017-07-12 20:53 - 2017-07-12 20:53 - 01663672 _____ (Malwarebytes) C:\Users\Anirudh\Downloads\JRT.exe

2017-07-12 20:12 - 2017-07-13 09:49 - 00026233 _____ C:\Users\Anirudh\Downloads\FRST.txt

2017-07-12 20:12 - 2017-07-12 20:12 - 00039198 _____ C:\Users\Anirudh\Downloads\Addition.txt

2017-07-12 20:11 - 2017-07-13 09:48 - 00000000 ____D C:\FRST

2017-07-12 20:11 - 2017-07-12 20:11 - 02435584 _____ (Farbar) C:\Users\Anirudh\Downloads\FRST64.exe

2017-07-12 19:59 - 2017-07-12 20:00 - 00784152 _____ (McAfee, Inc.) C:\Users\Anirudh\Downloads\rootkitremover.exe

2017-07-11 19:25 - 2017-07-11 19:25 - 00000054 ___RH C:\Users\Anirudh\Downloads\GetSusp.opt

2017-07-11 19:24 - 2017-07-11 19:24 - 02141761 _____ C:\Users\Anirudh\Downloads\gsusp_3A3790BA3276_071117_192443.zip

2017-07-11 19:24 - 2017-07-11 19:24 - 00001117 _____ C:\Users\Anirudh\Downloads\GetSusp.xml

2017-07-11 19:23 - 2017-07-11 19:24 - 01579552 _____ (McAfee Inc.) C:\Users\Anirudh\Downloads\GetSusp.exe

2017-07-11 19:07 - 2017-07-13 09:49 - 00058665 _____ C:\Windows\ZAM_Guard.krnl.trace

2017-07-11 19:07 - 2017-07-13 09:27 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware

2017-07-11 19:07 - 2017-07-11 19:32 - 00079867 _____ C:\Windows\ZAM.krnl.trace

2017-07-11 19:07 - 2017-07-11 19:07 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys

2017-07-11 19:06 - 2017-07-11 19:06 - 00000000 ____D C:\Users\Anirudh\AppData\Local\Zemana

2017-07-11 19:05 - 2017-07-11 19:06 - 06589840 _____ (Zemana Ltd. ) C:\Users\Anirudh\Downloads\Zemana.AntiMalware.Setup.exe

2017-07-11 09:11 - 2017-07-11 09:11 - 00010419 _____ C:\Users\Anirudh\Downloads\42038432_acknowledgement.pdf

2017-07-11 08:52 - 2017-07-11 08:52 - 00003818 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart Plus B210 series

2017-07-11 08:52 - 2017-07-11 08:52 - 00002392 _____ C:\Users\Public\Desktop\HP Photosmart Plus B210 series.lnk

2017-07-11 08:52 - 2017-07-11 08:52 - 00001299 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Photosmart Plus B210 series.lnk

2017-07-11 08:52 - 2017-07-11 08:52 - 00000978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk

2017-07-11 08:52 - 2017-07-11 08:52 - 00000000 ____D C:\Users\Anirudh\AppData\Roaming\HpUpdate

2017-07-11 08:52 - 2017-07-11 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2017-07-11 08:52 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM8e11.dll

2017-07-11 08:50 - 2017-07-11 08:53 - 00000000 ____D C:\Users\Anirudh\AppData\Local\HP

2017-07-11 08:50 - 2017-07-11 08:52 - 00000000 ____D C:\Program Files (x86)\HP

2017-07-11 08:50 - 2017-07-11 08:50 - 00000057 _____ C:\ProgramData\Ament.ini

2017-07-11 08:50 - 2017-07-11 08:50 - 00000000 ____D C:\ProgramData\HP

2017-07-11 08:50 - 2017-07-11 08:50 - 00000000 ____D C:\Program Files\HP

2017-07-11 08:36 - 2017-07-11 08:36 - 00000000 ___RD C:\Users\Anirudh\Documents\Scanned Documents

2017-07-11 08:36 - 2017-07-11 08:36 - 00000000 ____D C:\Users\Anirudh\Documents\Fax

2017-07-10 10:37 - 2017-07-10 10:38 - 01815912 _____ C:\Users\Anirudh\Downloads\DSL-2730U_V1_Manual_v1.00(ME).pdf

2017-07-09 22:44 - 2017-07-09 22:46 - 07815315 _____ C:\Users\Anirudh\Downloads\ADM_206_DSL_2750U_ME_NOF_R1994_20170317_58d0be5de7054.zip

2017-07-09 19:42 - 2017-07-09 19:55 - 00000000 ____D C:\Users\Anirudh\AppData\Local\Google

2017-07-09 19:34 - 2017-07-09 19:34 - 00002286 _____ C:\Users\Anirudh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LogMeIn Rescue.lnk

2017-07-09 19:15 - 2017-07-09 19:31 - 00002286 _____ C:\Users\Anirudh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee.lnk

2017-07-09 08:44 - 2017-07-09 08:56 - 00000000 ____D C:\Users\Anirudh\Desktop\MAdC_x64

2017-07-09 08:22 - 2017-04-22 03:23 - 00029376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll

2017-07-09 08:22 - 2017-04-22 03:20 - 00030912 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll

2017-07-09 08:22 - 2017-04-22 03:20 - 00018592 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll

2017-07-09 08:22 - 2017-04-11 23:57 - 00690008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll

2017-07-09 08:22 - 2017-03-15 23:45 - 00485576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll

2017-07-09 08:21 - 2017-07-09 19:33 - 00000000 ____D C:\Program Files (x86)\LogMeIn Rescue Applet

2017-07-09 08:21 - 2017-04-22 03:23 - 00018600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll

2017-07-09 08:21 - 2017-04-11 23:57 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll

2017-07-09 08:21 - 2017-03-15 23:45 - 00987840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll

2017-07-09 08:20 - 2017-07-09 08:21 - 02035752 _____ (LogMeIn, Inc.) C:\Users\Anirudh\Downloads\Support-LogMeInRescue.exe

2017-07-08 11:42 - 2017-07-08 13:44 - 00000000 ____D C:\Music Lessons

2017-07-08 08:49 - 2017-07-08 08:49 - 00285456 _____ C:\Users\Anirudh\Downloads\Horoscope Anirudh.pdf

2017-07-07 10:06 - 2017-07-07 10:06 - 00001417 _____ C:\Users\Anirudh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk

2017-07-07 10:06 - 2017-07-07 10:06 - 00000000 ____D C:\Users\Anirudh\AppData\Local\UNP

2017-07-07 09:13 - 2017-07-07 09:14 - 00000000 ____D C:\Program Files\UNP

2017-07-07 09:13 - 2017-07-07 09:13 - 00000000 ____D C:\Windows\system32\UNP

2017-07-07 07:37 - 2017-07-13 09:27 - 00188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys

2017-07-07 07:36 - 2017-07-13 09:27 - 00253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2017-07-07 07:36 - 2017-07-13 09:27 - 00101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys

2017-07-07 07:36 - 2017-07-13 09:27 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys

2017-07-07 07:36 - 2017-07-13 09:27 - 00045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2017-07-07 07:36 - 2017-07-07 07:36 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-07-07 07:36 - 2017-07-07 07:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-07-07 07:36 - 2017-07-07 07:36 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-07-07 07:36 - 2017-07-07 07:36 - 00000000 ____D C:\Program Files\Malwarebytes

2017-07-07 07:36 - 2017-06-27 12:06 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys

2017-07-07 07:31 - 2017-07-07 07:36 - 65033984 _____ (Malwarebytes ) C:\Users\Anirudh\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe

2017-07-04 07:45 - 2017-07-13 07:33 - 00004034 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse

2017-07-04 07:45 - 2017-07-12 20:23 - 00004222 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse

2017-07-04 07:43 - 2017-07-04 07:43 - 00002128 _____ C:\Users\Public\Desktop\McAfee® Total Protection.lnk

2017-07-04 07:42 - 2017-07-13 09:32 - 00000000 __RSD C:\Users\Anirudh\Documents\McAfee Vaults

2017-07-04 07:42 - 2017-07-04 07:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2017-07-04 07:42 - 2017-07-04 07:42 - 00000000 ____D C:\Users\Anirudh\AppData\Local\McAfee File Lock

2017-07-04 07:42 - 2017-05-26 06:05 - 00088448 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\McPvDrv.sys

2017-07-04 07:41 - 2017-05-31 13:06 - 00209608 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys

2017-07-04 07:40 - 2017-07-04 07:40 - 00003142 _____ C:\Windows\System32\Tasks\McAfeeLogon

2017-07-04 07:40 - 2017-07-04 07:40 - 00000000 ____D C:\ProgramData\Intel Security

2017-07-04 07:39 - 2017-07-04 07:43 - 00000000 ____D C:\Program Files (x86)\McAfee

2017-07-04 07:39 - 2017-07-04 07:42 - 00000000 ____D C:\Program Files\McAfee

2017-07-04 07:39 - 2017-07-04 07:39 - 00003442 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)

2017-07-04 07:39 - 2017-07-04 07:39 - 00000000 ____D C:\Windows\System32\Tasks\McAfee

2017-07-04 07:39 - 2017-07-04 07:39 - 00000000 ____D C:\Program Files\McAfee.com

2017-07-04 07:39 - 2017-07-04 07:39 - 00000000 ____D C:\Program Files\Common Files\Intel Security

2017-07-04 07:39 - 2017-07-04 07:39 - 00000000 ____D C:\Program Files\Common Files\AV

2017-07-04 07:36 - 2017-07-04 07:36 - 00000000 ____D C:\Software Serial Numbers

2017-07-04 07:31 - 2017-07-09 08:24 - 00000000 ____D C:\ProgramData\McAfee

2017-07-04 07:31 - 2017-07-04 07:41 - 00000000 ____D C:\Program Files\Common Files\McAfee

2017-07-04 07:31 - 2017-04-30 14:12 - 00343544 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe

2017-07-03 23:21 - 2017-07-03 23:21 - 00040304 _____ C:\Users\Anirudh\Downloads\Employment Verification Letter - Anirudh Shivaswamy.pdf

2017-07-03 19:21 - 2017-07-03 19:47 - 00000000 ____D C:\Program Files\DisplayLink Core Software

2017-07-03 19:21 - 2017-07-03 19:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_dlidusb_02_15_00.Wdf

2017-07-03 19:21 - 2017-07-03 19:21 - 00000000 ____D C:\ProgramData\DisplayLink

2017-07-01 04:25 - 2017-07-01 04:25 - 00100101 _____ C:\Users\Anirudh\Downloads\itinerary.pdf

2017-06-29 05:55 - 2017-06-29 05:55 - 00295640 _____ C:\Users\Anirudh\Downloads\e-Aadhar_821707345167.pdf

2017-06-28 06:26 - 2017-06-28 06:26 - 00185617 _____ C:\Users\Anirudh\Downloads\AGH_FSA_Distributions_form.pdf

2017-06-25 23:22 - 2017-06-25 23:22 - 00120714 _____ C:\Users\Anirudh\Downloads\noname

2017-06-25 22:00 - 2017-06-25 22:00 - 00000000 ____D C:\Users\Anirudh\AppData\Roaming\OpenOffice

2017-06-25 21:56 - 2017-06-25 21:56 - 00000000 ____D C:\Users\Anirudh\Desktop\OpenOffice 4.1.3 (en-US) Installation Files

2017-06-24 20:42 - 2017-06-24 20:42 - 02104573 _____ C:\Users\Anirudh\Downloads\YourAutoPolicy_Easier.pdf

2017-06-19 00:25 - 2017-06-19 00:25 - 01360352 _____ C:\Users\Anirudh\Downloads\LNU, Shivaswamy Anirudh Screenshots.pdf

2017-06-18 20:00 - 2017-06-18 20:00 - 00000000 ___SD C:\Windows\UpdateAssistantV2

2017-06-18 19:57 - 2017-06-16 14:26 - 00353336 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo50-9.dll

2017-06-18 17:50 - 2017-06-03 16:20 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2017-06-18 17:50 - 2017-06-03 15:46 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys

2017-06-18 17:50 - 2017-06-03 15:24 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys

2017-06-18 17:50 - 2017-06-03 15:22 - 01021784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll

2017-06-18 17:50 - 2017-06-03 15:22 - 00607072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll

2017-06-18 17:50 - 2017-06-03 15:22 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll

2017-06-18 17:50 - 2017-06-03 15:20 - 00381792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS

2017-06-18 17:50 - 2017-06-03 15:14 - 01412640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll

2017-06-18 17:50 - 2017-06-03 15:14 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe

2017-06-18 17:50 - 2017-06-03 15:03 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll

2017-06-18 17:50 - 2017-06-03 15:02 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2017-06-18 17:50 - 2017-06-03 15:01 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll

2017-06-18 17:50 - 2017-06-03 15:01 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2017-06-18 17:50 - 2017-06-03 14:58 - 00232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll

2017-06-18 17:50 - 2017-06-03 14:56 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBrokerUI.dll

2017-06-18 17:50 - 2017-06-03 14:52 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll

2017-06-18 17:50 - 2017-06-03 14:52 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll

2017-06-18 17:50 - 2017-06-03 14:45 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys

2017-06-18 17:50 - 2017-06-03 14:37 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll

2017-06-18 17:50 - 2017-06-03 14:35 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hnetcfg.dll

2017-06-18 17:50 - 2017-06-03 14:34 - 02006528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2017-06-18 17:50 - 2017-06-03 14:18 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll

2017-06-18 17:50 - 2017-03-04 11:46 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll

2017-06-18 17:49 - 2017-06-03 16:20 - 00192856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 01564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 01214816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 00629088 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 00544096 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 00334176 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 00233824 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 00136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll

2017-06-18 17:49 - 2017-06-03 15:44 - 00096608 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2017-06-18 17:49 - 2017-06-03 15:44 - 00034648 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe

2017-06-18 17:49 - 2017-06-03 15:41 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys

2017-06-18 17:49 - 2017-06-03 15:29 - 01181024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2017-06-18 17:49 - 2017-06-03 15:21 - 02187104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2017-06-18 17:49 - 2017-06-03 15:21 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2017-06-18 17:49 - 2017-06-03 15:19 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2017-06-18 17:49 - 2017-06-03 15:18 - 01112416 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll

2017-06-18 17:49 - 2017-06-03 15:18 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe

2017-06-18 17:49 - 2017-06-03 15:18 - 00989024 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe

2017-06-18 17:49 - 2017-06-03 15:18 - 00857952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll

2017-06-18 17:49 - 2017-06-03 15:18 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll

2017-06-18 17:49 - 2017-06-03 15:10 - 01566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll

2017-06-18 17:49 - 2017-06-03 15:10 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe

2017-06-18 17:49 - 2017-06-03 15:09 - 00455520 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe

2017-06-18 17:49 - 2017-06-03 14:53 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll

2017-06-18 17:49 - 2017-06-03 14:46 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll

2017-06-18 17:49 - 2017-06-03 14:46 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2017-06-18 17:49 - 2017-06-03 14:45 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll

2017-06-18 17:49 - 2017-06-03 14:44 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe

2017-06-18 17:49 - 2017-06-03 14:44 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe

2017-06-18 17:49 - 2017-06-03 14:44 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2017-06-18 17:49 - 2017-06-03 14:41 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll

2017-06-18 17:49 - 2017-06-03 14:40 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll

2017-06-18 17:49 - 2017-06-03 14:40 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\AuthBrokerUI.dll

2017-06-18 17:49 - 2017-06-03 14:39 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll

2017-06-18 17:49 - 2017-06-03 14:39 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll

2017-06-18 17:49 - 2017-06-03 14:38 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll

2017-06-18 17:49 - 2017-06-03 14:37 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\HNetCfgClient.dll

2017-06-18 17:49 - 2017-06-03 14:36 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll

2017-06-18 17:49 - 2017-06-03 14:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll

2017-06-18 17:49 - 2017-06-03 14:22 - 02510848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll

2017-06-18 17:49 - 2017-06-03 14:22 - 00975872 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe

2017-06-18 17:49 - 2017-06-03 14:21 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll

2017-06-18 17:49 - 2017-06-03 14:19 - 02475520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2017-06-18 17:49 - 2017-06-03 14:19 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2017-06-18 17:49 - 2017-06-03 14:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\hnetcfg.dll

2017-06-18 17:49 - 2017-06-03 14:18 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2017-06-18 17:49 - 2017-06-03 14:18 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2017-06-18 17:49 - 2017-06-03 11:38 - 00080078 _____ C:\Windows\system32\normidna.nls

2017-06-18 17:49 - 2017-05-25 11:26 - 00038752 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe

2017-06-18 17:49 - 2017-03-04 11:52 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll

2017-06-18 17:49 - 2017-03-04 11:49 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2017-06-18 17:49 - 2017-03-04 11:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll

2017-06-18 17:48 - 2017-06-18 17:48 - 02373944 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll

2017-06-16 14:26 - 2017-06-16 14:26 - 00436288 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll

2017-06-16 14:26 - 2017-06-16 14:26 - 00072760 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel_Aux.sys

2017-06-16 14:26 - 2017-06-16 14:26 - 00069184 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_AMDASF_Aux.sys

2017-06-16 14:26 - 2017-06-16 14:26 - 00066112 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynRMIHID_Aux.sys

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-07-13 09:36 - 2017-04-07 05:38 - 00062566 _____ C:\Windows\system32\InstallUtil.InstallLog

2017-07-13 09:32 - 2017-04-08 04:13 - 00000000 ___RD C:\Users\Anirudh\iCloudDrive

2017-07-13 09:32 - 2016-07-29 23:01 - 01369352 _____ C:\Windows\system32\PerfStringBackup.INI

2017-07-13 09:31 - 2017-04-07 05:33 - 00000000 __SHD C:\Users\Anirudh\IntelGraphicsProfiles

2017-07-13 09:31 - 2016-07-29 22:57 - 00000000 __RHD C:\Users\Public\AccountPictures

2017-07-13 09:31 - 2016-07-16 17:17 - 00000000 ____D C:\Windows\AppReadiness

2017-07-13 09:27 - 2016-07-29 22:56 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2017-07-13 09:27 - 2016-07-29 22:55 - 00237888 _____ C:\Windows\system32\FNTCACHE.DAT

2017-07-13 09:27 - 2016-07-16 17:15 - 00000000 ____D C:\Windows\INF

2017-07-13 09:26 - 2016-07-16 11:34 - 00524288 _____ C:\Windows\system32\config\BBI

2017-07-13 09:25 - 2016-07-16 17:17 - 00000000 ___RD C:\Windows\ImmersiveControlPanel

2017-07-13 09:25 - 2016-07-16 17:17 - 00000000 ____D C:\Windows\system32\oobe

2017-07-13 09:25 - 2016-07-16 17:17 - 00000000 ____D C:\Windows\system32\appraiser

2017-07-13 09:25 - 2016-07-16 17:17 - 00000000 ____D C:\Windows\ShellExperiences

2017-07-13 09:25 - 2016-07-16 17:17 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2017-07-13 09:25 - 2016-07-16 17:17 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-07-13 08:57 - 2016-07-16 17:06 - 00000000 ____D C:\Windows\CbsTemp

2017-07-13 08:36 - 2016-07-29 22:56 - 00000000 ____D C:\Windows\system32\SleepStudy

2017-07-13 08:30 - 2016-07-16 17:17 - 00000000 ____D C:\Windows\SysWOW64\Macromed

2017-07-13 08:29 - 2017-04-08 03:47 - 00000000 ____D C:\Windows\system32\MRT

2017-07-13 08:27 - 2017-04-08 03:47 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2017-07-13 07:52 - 2017-03-06 11:34 - 00244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll

2017-07-13 07:52 - 2017-03-06 11:34 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll

2017-07-13 07:52 - 2016-07-16 17:13 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll

2017-07-13 07:51 - 2017-03-06 11:34 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll

2017-07-13 07:51 - 2017-03-06 11:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll

2017-07-13 07:51 - 2017-03-06 11:34 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Energy.dll

2017-07-13 07:51 - 2017-03-06 11:34 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll

2017-07-13 07:33 - 2017-04-08 04:16 - 00004170 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{010E9C74-C7BC-457E-AF10-F0A996C6A571}

2017-07-12 19:13 - 2016-07-16 17:17 - 00000000 ___HD C:\Program Files\WindowsApps

2017-07-11 19:20 - 2017-04-07 05:31 - 00000000 ____D C:\Users\Anirudh

2017-07-11 09:11 - 2017-06-04 03:52 - 00000000 ____D C:\Immigration

2017-07-11 06:22 - 2017-04-08 04:13 - 00003508 _____ C:\Windows\System32\Tasks\Apple Diagnostics

2017-07-10 13:40 - 2016-07-16 17:17 - 00000000 ___SD C:\Windows\Downloaded Program Files

2017-07-09 09:51 - 2016-07-16 17:17 - 00000000 ____D C:\Windows\rescache

2017-07-09 08:51 - 2017-04-07 05:33 - 00000000 ____D C:\Users\Anirudh\AppData\Local\Packages

2017-07-07 21:29 - 2017-03-06 10:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

2017-07-06 22:46 - 2016-07-16 17:17 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2017-07-05 07:20 - 2017-06-11 23:38 - 00000000 ____D C:\Travel

2017-07-04 07:40 - 2016-07-16 17:17 - 00000000 ___HD C:\Windows\ELAMBKUP

2017-06-30 20:16 - 2016-07-16 17:19 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2017-06-30 20:16 - 2016-07-16 17:19 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2017-06-28 05:48 - 2017-04-12 07:08 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-06-28 05:48 - 2017-04-12 07:08 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2017-06-25 21:56 - 2016-07-16 17:17 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2017-06-22 03:49 - 2017-04-07 05:35 - 00003294 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2

2017-06-22 03:49 - 2017-04-07 05:34 - 00002376 _____ C:\Users\Anirudh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2017-06-22 03:49 - 2017-04-07 05:34 - 00000000 ___RD C:\Users\Anirudh\OneDrive

2017-06-16 14:26 - 2017-05-04 09:26 - 00287808 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll

2017-06-16 14:26 - 2017-03-06 11:34 - 00072760 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys

2017-06-16 14:26 - 2017-03-06 11:29 - 01804656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll

2017-06-16 14:26 - 2017-03-06 11:29 - 00940096 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys

2017-06-16 14:26 - 2017-03-06 11:29 - 00812608 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll

 

==================== Files in the root of some directories =======

 

2017-07-11 08:50 - 2017-07-11 08:50 - 0000057 _____ () C:\ProgramData\Ament.ini

2017-03-06 10:40 - 2017-03-06 10:40 - 0000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

 

==================== Bamital & volsnap ======================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2017-07-08 12:33

 

==================== End of FRST.txt ============================

 

Addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2017

Ran by Anirudh (13-07-2017 09:49:56)

Running from C:\Users\Anirudh\Downloads

Windows 10 Pro Version 1607 (X64) (2017-04-07 00:00:05)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-593203095-4031235406-2349664980-500 - Administrator - Disabled)

Anirudh (S-1-5-21-593203095-4031235406-2349664980-1001 - Administrator - Enabled) => C:\Users\Anirudh

DefaultAccount (S-1-5-21-593203095-4031235406-2349664980-503 - Limited - Disabled)

defaultuser0 (S-1-5-21-593203095-4031235406-2349664980-1000 - Limited - Disabled) => C:\Users\defaultuser0

Guest (S-1-5-21-593203095-4031235406-2349664980-501 - Limited - Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Emsisoft Anti-Malware (Enabled - Up to date) {701CB209-EBBC-AADC-11E6-DE73E7AF4C9D}

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}

AS: Emsisoft Anti-Malware (Enabled - Up to date) {CB7D53ED-CD86-A552-2B56-E5019C280620}

AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)

Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.1.3973 - Lenovo)

Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.4 - Emsisoft Ltd.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)

Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden

HP Photosmart Plus B210 series Basic Device Software (HKLM\...\{5B17980C-5C44-45D0-80A5-665FD9E776A9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart Plus B210 series Help (HKLM-x32\...\{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}) (Version: 140.0.54.54 - Hewlett Packard)

HP Photosmart Plus B210 series Product Improvement Study (HKLM\...\{0C87AEBC-E9FD-4232-9386-54C4F8ECCCDF}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)

Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden

Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1050 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{544ecb18-5d76-44bb-ac33-8d06719e39e7}) (Version: 19.20.0 - Intel Corporation)

Intel® Software Guard Extensions Platform Software (HKLM\...\{2DF17C75-9627-4213-8612-17955E92F782}) (Version: 1.6.101.32869 - Intel Corporation)

iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)

Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.10 - Lenovo) Hidden

Lenovo Dynamic Power Reduction Utility (HKLM-x32\...\{AE8B5056-56D3-4F92-B31B-BCE3430678EA}) (Version: 1.0.0.26 - Lenovo)

Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.86.06 - Lenovo) Hidden

Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.24 - Lenovo) Hidden

Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden

Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)

Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)

McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.145 - McAfee, Inc.)

McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0.1 - McAfee, Inc.)

Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.8229.2073 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-593203095-4031235406-2349664980-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version:  - )

Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.1-15030 - Synology)

Thunderbolt™ Software (HKLM-x32\...\{10877131-EC3F-4F2F-97CD-2B8341D461D7}) (Version: 16.2.55.275 - Intel Corporation)

Uplay (HKLM-x32\...\Uplay) (Version: 31.0 - Ubisoft)

Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)

Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)

Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-593203095-4031235406-2349664980-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Anirudh\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-593203095-4031235406-2349664980-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Anirudh\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File

ContextMenuHandlers01: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)

ContextMenuHandlers01: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-05-09] (Apple Inc.)

ContextMenuHandlers02: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} =>  -> No File

ContextMenuHandlers02: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)

ContextMenuHandlers03: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} =>  -> No File

ContextMenuHandlers03: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)

ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki120593.inf_amd64_9294e08afbba82a7\igfxDTCM.dll [2017-02-02] (Intel Corporation)

ContextMenuHandlers06: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} =>  -> No File

ContextMenuHandlers06: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)

ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

ContextMenuHandlers06: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {043F95FB-6E34-4BE2-B549-7F059D48B629} - System32\Tasks\McAfee\McAfee Idle Detection Task

Task: {091ADE3D-C667-4B64-A320-0A049082B3C2} - System32\Tasks\Intel-IMSS => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [2017-01-15] (Intel Corporation)

Task: {0BC122D1-F985-4064-BA4C-B3460EC725BA} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-07-04] (McAfee, Inc.)

Task: {1B96881E-6DE9-4595-9286-B1B08D3067EC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe

Task: {25D9FF36-6F6C-4248-B556-8D05A6CE7561} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService

Task: {29B79977-DB2C-4665-BD3F-F7D4B903BC76} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [2016-12-07] (Conexant Systems, Inc.)

Task: {29E3FB55-29C5-409D-B786-21297348CC4E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService

Task: {2BD250EE-5803-492C-8E2A-DE2FF047C7DA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c9b6b5a7-6902-45b7-8b3f-ac1796be516b => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)

Task: {2DC52FB3-58AF-4EF6-8F21-8F60E2BD9DFE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-06] ()

Task: {395DF0B3-6235-4FD2-B1EB-84010813E1F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)

Task: {49E5CE5D-FF3F-4315-97D9-13F78D987E62} - System32\Tasks\HPCustParticipation HP Photosmart Plus B210 series => C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {4D40F440-E632-4741-ACB4-3F46AD2B4252} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)

Task: {5DE0B031-BEEF-4EBD-BC40-3363BAB034D2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-593203095-4031235406-2349664980-1001Core => C:\Users\Anirudh\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {623E7D22-8A32-4153-ACCE-E5216B5E1FD0} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe

Task: {639F7560-72E1-4EA1-B426-90DD21D0DE41} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe

Task: {69C1E505-D84F-445F-8E1A-69219D8C4EDD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)

Task: {7E560D9B-2E56-4699-B357-01C3C7BA10F1} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-04-12] (McAfee, Inc.)

Task: {86ADCE8F-F538-4F7A-9962-51F71CA9D8E9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-15] (Apple Inc.)

Task: {86F468A7-07F7-4089-AB01-4EFEC442B62A} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [2016-07-05] (Conexant Systems, Inc.)

Task: {8D57B7D7-F0C1-4145-A0B4-77F92DDE3318} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-07-04] (McAfee, Inc.)

Task: {9C0A9C7A-1EBD-49E8-B7BB-D22A87CF1092} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)

Task: {ACC801CC-114B-4D77-A184-40B6F1D2600F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-05-09] (Apple Inc.)

Task: {AD814BF2-4A16-48FF-91B9-6BB9E82792E1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)

Task: {BFBA8DA3-FB95-4F89-AF88-DD30A122DE1D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\62fff0e2-f526-4452-a165-78c7cd1c0949 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)

Task: {D8BA6661-4BAD-4CE5-BFAA-6B6EAFADDFBD} - System32\Tasks\Lenovo Active Protection System => C:\Windows\system32\TpShUI.exe [2017-01-14] (Lenovo.)

Task: {DF25844A-297B-47C3-AA5B-822EBC4DDD71} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-593203095-4031235406-2349664980-1001UA => C:\Users\Anirudh\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {E636765A-3D6D-40B9-9665-15C90AC32492} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-06] ()

Task: {E82DB3AC-F172-4E97-98D0-9B951E9B67F2} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent

Task: {FAB029E0-0293-4B00-A703-A938228A9406} - System32\Tasks\Lenovo\Lenovo Settings Power => Rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor

Task: {FAFC5A90-D1B2-474E-BC64-8C9E0683DC57} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)

Task: {FB9E6545-2A7F-42BB-8850-AB3C1097DBA1} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32

Task: {FC2EAE34-C1A5-46AA-A657-E483A6F024A8} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-14] (Intel® Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\Lenovo Active Protection System.job => TpShUI exetWORKGROUP WIN JP6EEIS5BAL 00

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

 

==================== Loaded Modules (Whitelisted) ==============

 

2016-07-16 17:12 - 2016-07-16 17:12 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll

2017-07-13 08:25 - 2017-06-21 13:18 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll

2017-03-17 01:38 - 2017-03-17 01:38 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2017-05-09 10:14 - 2017-05-09 10:14 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2017-01-18 11:01 - 2017-01-18 11:01 - 00248856 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

2017-07-04 07:41 - 2017-06-11 13:00 - 00583160 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll

2017-07-04 07:41 - 2017-06-11 12:59 - 00574352 _____ () C:\Program Files\McAfee\MfeAV\AMEngineScan.dll

2017-07-04 07:41 - 2017-06-11 13:00 - 00571240 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll

2017-03-06 10:41 - 2017-07-06 22:43 - 08932040 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll

2017-03-06 11:35 - 2017-04-28 17:33 - 00200560 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL

2017-03-06 11:34 - 2017-03-06 11:34 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll

2017-04-08 03:45 - 2017-03-04 12:01 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll

2017-04-08 03:45 - 2017-03-04 11:42 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2017-04-08 03:45 - 2017-03-04 11:35 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-04-08 03:45 - 2017-03-04 11:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll

2017-07-13 08:25 - 2017-06-21 12:06 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll

2017-07-13 08:25 - 2017-06-21 12:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2017-07-13 08:25 - 2017-06-21 12:07 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2017-06-22 03:49 - 2017-06-22 03:49 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe

2017-06-22 03:49 - 2017-06-22 03:49 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll

2017-06-22 03:49 - 2017-06-22 03:49 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll

2017-06-22 03:49 - 2017-06-22 03:49 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll

2017-05-09 12:35 - 2017-05-09 12:35 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll

2017-05-09 12:35 - 2017-05-09 12:35 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll

2017-06-02 03:52 - 2017-06-02 03:52 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-06-22 03:49 - 2017-06-22 03:49 - 10628608 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll

2017-06-22 03:49 - 2017-06-22 03:49 - 02640384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll

2017-07-01 03:47 - 2017-07-01 03:48 - 00018944 _____ () C:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.79.0.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe

2017-05-29 19:54 - 2017-05-29 19:54 - 03918848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe

2017-07-11 21:56 - 2017-07-11 21:57 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2017-07-11 21:56 - 2017-07-11 21:57 - 27590144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2017-07-11 21:56 - 2017-07-11 21:57 - 00428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll

2017-07-11 21:56 - 2017-07-11 21:57 - 20649984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll

2017-07-11 21:56 - 2017-07-11 21:57 - 02305536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\MediaEngine.dll

2017-07-11 21:56 - 2017-07-11 21:57 - 02856448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll

2017-06-02 03:52 - 2017-06-02 03:52 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-06-06 06:14 - 2017-06-06 06:14 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll

2017-04-07 06:24 - 2017-04-07 06:24 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll

2017-07-11 21:56 - 2017-07-11 21:57 - 01127936 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll

2017-05-13 21:07 - 2017-05-13 21:08 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll

2017-06-28 05:48 - 2017-06-23 08:51 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll

2017-06-28 05:48 - 2017-06-23 08:51 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll

2017-01-15 23:06 - 2017-01-15 23:06 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2017-05-09 10:15 - 2017-05-09 10:15 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2017-05-09 10:14 - 2017-05-09 10:14 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

2017-03-17 01:39 - 2017-03-17 01:39 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2017-07-01 03:47 - 2017-07-01 03:48 - 25001472 _____ () C:\Program Files\WindowsApps\E046963F.LenovoCompanion_3.79.0.0_x86__k1h2ywk1493x8\Lenovo.Discovery.dll

2015-12-02 22:28 - 2015-11-17 00:02 - 00919040 _____ () C:\Windows\mod_frst.exe

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

 

==================== Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2016-07-16 17:17 - 2017-07-09 08:51 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-593203095-4031235406-2349664980-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg

DNS Servers: 87.117.234.36 - 8.8.8.8

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{E801A5DE-EC87-40CF-BDE1-D0BD87F70F2D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

FirewallRules: [{2DF42990-D70A-4FA6-A373-0CA6586A8C33}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{0C1E7410-4FEC-48CE-84B5-5EE42E8F43A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{2800C389-7704-4209-BD1A-A4AAB8804E1A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{C7E4C0E4-F644-43C9-A380-205A2325B8BE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{139C6B9D-1B80-428E-A7A8-8C5F7BD555B6}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe

FirewallRules: [UDP Query User{A9BB39C9-F0C0-4B38-97AD-4CE637E6B727}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe

FirewallRules: [{D0FE5473-679F-452F-8745-A43F9AD095FB}] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe

FirewallRules: [{8BA6A985-2E27-4A8E-B94E-48CAB2B2C991}] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe

FirewallRules: [{FD5D0B40-1EA9-429F-AF7D-E6163879E671}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe

FirewallRules: [{1BB8B860-6778-4BE6-BF1C-E5A9EF6AB832}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe

FirewallRules: [{E2A54EFE-8513-4552-9DE2-F1F6BD4DC501}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe

FirewallRules: [{B553FEAF-82FC-459B-8049-E7F544E5962E}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{DFED6AA5-D29A-4807-92D5-DA47FFCC31B9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{79CCAF6F-38AC-412A-97C2-086E8D02AD4E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

FirewallRules: [{D432D66B-EE96-4A93-8BAB-15BCD38C1CBE}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\DeviceSetup.exe

FirewallRules: [{99A66604-EAEA-4790-8CE7-1D4151A071BC}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicator.exe

FirewallRules: [{7F955DC9-65C6-48EC-B432-43C157CDD51D}] => (Allow) C:\Program Files\HP\HP Photosmart Plus B210 series\Bin\HPNetworkCommunicatorCom.exe

 

==================== Restore Points =========================

 

07-07-2017 06:42:37 Scheduled Checkpoint

09-07-2017 08:44:51 First Restore Point

11-07-2017 08:46:58 Removed OpenOffice 4.1.3

13-07-2017 08:29:21 McAfee Vulnerability Scanner

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/13/2017 09:39:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 3922

 

Error: (07/13/2017 09:39:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 3922

 

Error: (07/13/2017 09:39:43 AM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/13/2017 09:27:47 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)

Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-PJ68EBFL$ via https://IFX-KeyId-32c6e576663fee80d64cdd7b18e5603863b3bc8a.microsoftaik.azure.net/templates/Aik/scep failed:

 

GetCACaps

GetCACaps: Not Found

{"Message":"The authority \"ifx-keyid-32c6e576663fee80d64cdd7b18e5603863b3bc8a.microsoftaik.azure.net\" does not exist."}

Cache-Control: no-cache

Date: Thu, 13 Jul 2017 03:57:51 GMT

Pragma: no-cache

Content-Length: 121

Content-Type: application/json; charset=utf-8

Expires: -1

Server: Microsoft-IIS/8.5

x-ms-request-id: d0ed8556-3016-4d0e-a4fb-078271944c29

Strict-Transport-Security: max-age=31536000;includeSubDomains

X-Content-Type-Options: nosniff

X-Powered-By: ASP.NET

 

Method: GET(2687ms)

Stage: GetCACaps

Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

 

Error: (07/13/2017 09:04:08 AM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating Malwarebytes status to SECURITY_PRODUCT_STATE_OFF (error %3).

 

Error: (07/13/2017 08:31:03 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

 

Error: (07/13/2017 08:29:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Access is denied.

.

 

Error: (07/13/2017 07:53:49 AM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating McAfee Firewall status to SECURITY_PRODUCT_STATE_ON (error %3).

 

Error: (07/13/2017 07:53:49 AM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating McAfee VirusScan status to SECURITY_PRODUCT_STATE_ON (error %3).

 

Error: (07/13/2017 07:53:49 AM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating McAfee VirusScan status to SECURITY_PRODUCT_STATE_ON (error %3).

 

 

System errors:

=============

Error: (07/13/2017 09:39:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 

{D63B10C5-BB46-4990-A94F-E40B9D520160}

 and APPID 

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Error: (07/13/2017 09:33:45 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PJ68EBFL)

Description: The server {6A28A945-790C-4B68-B0F4-34EEB1626EE3} did not register with DCOM within the required timeout.

 

Error: (07/13/2017 09:31:45 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Dolby DAX2 API Service service terminated with the following error: 

Security must be initialized before any interfaces are marshalled or unmarshalled. It cannot be changed once initialized.

 

Error: (07/13/2017 09:31:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

 and APPID 

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Error: (07/13/2017 09:31:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

 and APPID 

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Error: (07/13/2017 09:31:27 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 

{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}

 and APPID 

{F72671A9-012C-4725-9D2F-2A4D32D65169}

 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Error: (07/13/2017 09:27:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Dolby DAX2 API Service service terminated with the following error: 

Security must be initialized before any interfaces are marshalled or unmarshalled. It cannot be changed once initialized.

 

Error: (07/13/2017 09:22:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 

{D63B10C5-BB46-4990-A94F-E40B9D520160}

 and APPID 

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

Error: (07/13/2017 08:22:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Interactive Services Detection service terminated with the following error: 

Incorrect function.

 

Error: (07/13/2017 07:53:25 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 

{3185A766-B338-11E4-A71E-12E3F512A338}

 and APPID 

{7006698D-2974-4091-A424-85DD0B909E23}

 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

 

 

CodeIntegrity:

===================================

  Date: 2017-07-13 09:39:39.579

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-07-13 09:38:04.961

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-07-13 09:38:03.490

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-07-13 09:38:00.091

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-07-13 09:37:56.493

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-07-13 09:37:56.385

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-07-13 09:37:56.340

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-07-13 09:28:55.930

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-07-13 09:28:55.711

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-07-13 09:28:55.107

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core™ i5-7300U CPU @ 2.60GHz

Percentage of memory in use: 48%

Total physical RAM: 8031.34 MB

Available physical RAM: 4144.96 MB

Total Virtual: 8543.34 MB

Available Virtual: 4286.45 MB

 

==================== Drives ================================

 

Drive c: (Windows) (Fixed) (Total:237.23 GB) (Free:190.29 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 238.5 GB) (Disk ID: CFFF91B4)

 

Partition: GPT.

 

==================== End of Addition.txt ============================


Edited by sanirudh, 13 July 2017 - 12:51 AM.




#2 nasdaq

  • Malware Response Team
  • 40,752 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:07:34 AM

Posted 14 July 2017 - 07:57 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Check with your provider if these IP addresses in bold are needed.

Tcpip\Parameters: [DhcpNameServer] 87.117.234.36 8.8.8.8
Tcpip\..\Interfaces\{00329dd3-b963-4766-a373-9df3f3388a80}: [DhcpNameServer] 87.117.234.36 8.8.8.8
https://who.is/whois-ip/ip-address/87.117.234.36
===

Tcpip\..\Interfaces\{de5c7f6a-f25c-4241-b6fd-bf4733ff2ce5}: [DhcpNameServer] 150.206.1.2
https://who.is/whois-ip/ip-address/150.206.1.2

===

If not then reset your router.

It may be infected.

How to Reset a Router Back to the Factory Default Settings
http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html

Then, please reconfigure it back to your preferred settings. Below is a list of default usernames and passwords, should you not know them ;)

http://www.routerpasswords.com/
http://www.phenoelit-us.org/dpl/dpl.html
===

Reset for Linksys, Netgear, D-Link and Belkin Routers
http://www.techsupportforum.com/2763-reset-for-linksys-netgear-d-link-and-belkin-routers/

====
How to tell if my Wireless is secure.
http://www.ehow.com/how_6775466_tell-wireless-secure_.html

===

If the problem persists run this tool.

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a window opens to explain what [PUM's] are, read about it.
  • Click the RogueKiller icon on your taskbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next reply.
=======

Let me know what problem persists.
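
The check described in the reply above (confirming that every DNS server in the FRST DhcpNameServer lines is one your provider actually issues) can be scripted. The following is an added example, not part of the original reply or of FRST; the trusted-resolver set, the function names and the handling of a [NameServer] line are assumptions, and the sample lines are the ones quoted in the reply.

```python
import ipaddress
import re

# DNS lines as FRST prints them, copied from the reply above.
FRST_LINES = r"""
Tcpip\Parameters: [DhcpNameServer] 87.117.234.36 8.8.8.8
Tcpip\..\Interfaces\{00329dd3-b963-4766-a373-9df3f3388a80}: [DhcpNameServer] 87.117.234.36 8.8.8.8
Tcpip\..\Interfaces\{de5c7f6a-f25c-4241-b6fd-bf4733ff2ce5}: [DhcpNameServer] 150.206.1.2
"""

# Assumption: resolvers you have confirmed yourself. 8.8.8.8 is Google Public DNS;
# add the addresses your ISP confirms it hands out.
TRUSTED_RESOLVERS = {"8.8.8.8"}

# Assumption: a statically set NameServer value would appear in the same line format.
ENTRY = re.compile(r"^Tcpip\\(?P<key>[^:]+): \[(?P<value>DhcpNameServer|NameServer)\] (?P<ips>.+)$")


def parse_dns_entries(text):
    """Return (registry_key, value_name, [ip, ...]) for each DNS line in an FRST log."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        ips = []
        for token in re.split(r"[,\s]+", m.group("ips").strip()):
            try:
                ips.append(str(ipaddress.ip_address(token)))
            except ValueError:
                pass  # skip anything that is not an IP literal
        entries.append((m.group("key"), m.group("value"), ips))
    return entries


def resolvers_to_verify(text, trusted=TRUSTED_RESOLVERS):
    """Map each resolver that is neither trusted nor private to the keys that use it."""
    findings = {}
    for key, _value, ips in parse_dns_entries(text):
        for ip in ips:
            if ip in trusted or ipaddress.ip_address(ip).is_private:
                continue  # a private address normally means the router is the resolver
            findings.setdefault(ip, []).append(key)
    return findings


if __name__ == "__main__":
    for ip, keys in resolvers_to_verify(FRST_LINES).items():
        print(f"verify with provider: {ip} (set on {', '.join(keys)})")
```

A private address such as 192.168.1.1 in these lines only shows that the router answers DNS itself; in that case the upstream DNS servers have to be checked on the router's own WAN/DNS settings page.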



