Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected?


  • This topic is locked This topic is locked
5 replies to this topic

#1 kLixd

kLixd

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 20 August 2017 - 03:54 PM

My mouse has been moving at random today, so much so that I went ahead and reset my PC, yet its still happening.

 

I've tried all the basic checks, I tried netstat -ano and checking PID but nothing matched up (or pointed me towards the direction that I may be infected), I also scanned my PC on multiple occasions using CCleaner/Malwarebytes and Windows Defender but they all picked up nothing. I've been looking online and some people have said it could just be my mouse malfunctioning, though I find this hard to believe. The mouse just starts moving in a random pattern every 15 minutes or so (it's not consistent, happens randomly.)

 

I was playing H1 earlier and I just started aiming in/out and then shot, it's frustrating because I believe I am infected, though I can't work it out in any way. I've tried everything I can think of, I've even reset my PC but the problem persists - could anyone offer tips? Or do you really think it is just my mouse?

 

Thank you.

 

EDIT: Tried a different mouse, happened again.

 

The logs I received:

 

'FRST.txt': https://pastebin.com/sQ8HKkTr

'Additional.txt': https://pastebin.com/njXZE810

 

Any help is much appreciated. Just to let you know my firewall was initially activated, aswell as my other defender programs, I had to disable them in order to download the program. I also apologise for the torrenting program.  :tophat:


Edited by Chris Cosgrove, 20 August 2017 - 05:47 PM.
Moved from AII to 'Virus, trojan etc. logs'


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:52 AM

Posted 23 August 2017 - 09:35 PM

Greetings kLixd and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please boot into Safe Mode with Networking and tell me if the symptoms exist.

Copy and paste the contents of the 2 FRST reports directly into your reply, posting each report in a separate reply.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 kLixd

kLixd
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:52 AM

Posted 24 August 2017 - 03:49 PM


The problem is the mouse movements are completely random, they may not happen for hours - I'm not sure if I want to start safe mode and watch my mouse for hours to see if there's any movement.
 
First:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Haashim (administrator) on DESKTOP-DUELSDG (20-08-2017 21:59:14)
Running from C:\Users\Haashim\Downloads
Loaded Profiles: Haashim (Available Profiles: Haashim)
Platform: Windows 10 Pro Version 1703 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Discord Inc.) C:\Users\Haashim\AppData\Local\Discord\app-0.0.298\Discord.exe
(Discord Inc.) C:\Users\Haashim\AppData\Local\Discord\app-0.0.298\Discord.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(BitTorrent Inc.) C:\Users\Haashim\AppData\Roaming\uTorrent\uTorrent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BitTorrent Inc.) C:\Users\Haashim\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(BitTorrent Inc.) C:\Users\Haashim\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Discord Inc.) C:\Users\Haashim\AppData\Local\Discord\app-0.0.298\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-20] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-4085880106-454035757-358029552-1001\...\Run: [Discord] => C:\Users\Haashim\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-4085880106-454035757-358029552-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Technologies S.A.)
HKU\S-1-5-21-4085880106-454035757-358029552-1001\...\Run: [uTorrent] => C:\Users\Haashim\AppData\Roaming\uTorrent\uTorrent.exe [2150336 2017-08-20] (BitTorrent Inc.)
HKU\S-1-5-21-4085880106-454035757-358029552-1001\...\RunOnce: [Uninstall 17.3.6816.0313\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Haashim\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\amd64"
HKU\S-1-5-21-4085880106-454035757-358029552-1001\...\RunOnce: [Uninstall 17.3.6816.0313] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Haashim\AppData\Local\Microsoft\OneDrive\17.3.6816.0313"
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{9f60fb09-2fbc-43bc-acb7-cbb7cab642ef}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_btrnt_17_33&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dgb%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CyEtDyEtCyDzzyDyDyEyCyD0AtByC0CtN0D0Tzu0StBtDyDzztN1L2XzutAtFtBzytFtAtFyDtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAtCtAyDtDyDzz0AtGyDyCyBtCtGzz0EyCyCtGyByBzzyCtG0CzzyDzzyD0F0ByB0C0D0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtC0FyBtC0F0A0DtGyDtAzzyCtGyEtA0A0AtG0B0FtDzztGyBtB0B0DyBzz0E0A0BzztB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtAzzzzyE%26cr%3D505975848%26a%3Dwny_btrnt_17_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_btrnt_17_33&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dgb%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CyEtDyEtCyDzzyDyDyEyCyD0AtByC0CtN0D0Tzu0StBtDyDzztN1L2XzutAtFtBzytFtAtFyDtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAtCtAyDtDyDzz0AtGyDyCyBtCtGzz0EyCyCtGyByBzzyCtG0CzzyDzzyD0F0ByB0C0D0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtC0FyBtC0F0A0DtGyDtAzzyCtGyEtA0A0AtG0B0FtDzztGyBtB0B0DyBzz0E0A0BzztB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtAzzzzyE%26cr%3D505975848%26a%3Dwny_btrnt_17_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
HKU\S-1-5-21-4085880106-454035757-358029552-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_btrnt_17_33&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dgb%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CyEtDyEtCyDzzyDyDyEyCyD0AtByC0CtN0D0Tzu0StBtDyDzztN1L2XzutAtFtBzytFtAtFyDtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAtCtAyDtDyDzz0AtGyDyCyBtCtGzz0EyCyCtGyByBzzyCtG0CzzyDzzyD0F0ByB0C0D0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtC0FyBtC0F0A0DtGyDtAzzyCtGyEtA0A0AtG0B0FtDzztGyBtB0B0DyBzz0E0A0BzztB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtAzzzzyE%26cr%3D505975848%26a%3Dwny_btrnt_17_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_btrnt_17_33&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CyEtDyEtCyDzzyDyDyEyCyD0AtByC0CtN0D0Tzu0StBtDyDzztN1L2XzutAtFtBzytFtAtFyDtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAtCtAyDtDyDzz0AtGyDyCyBtCtGzz0EyCyCtGyByBzzyCtG0CzzyDzzyD0F0ByB0C0D0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtC0FyBtC0F0A0DtGyDtAzzyCtGyEtA0A0AtG0B0FtDzztGyBtB0B0DyBzz0E0A0BzztB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtAzzzzyE%26cr%3D505975848%26a%3Dwny_btrnt_17_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_btrnt_17_33&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CyEtDyEtCyDzzyDyDyEyCyD0AtByC0CtN0D0Tzu0StBtDyDzztN1L2XzutAtFtBzytFtAtFyDtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAtCtAyDtDyDzz0AtGyDyCyBtCtGzz0EyCyCtGyByBzzyCtG0CzzyDzzyD0F0ByB0C0D0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtC0FyBtC0F0A0DtGyDtAzzyCtGyEtA0A0AtG0B0FtDzztGyBtB0B0DyBzz0E0A0BzztB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtAzzzzyE%26cr%3D505975848%26a%3Dwny_btrnt_17_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_btrnt_17_33&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CyEtDyEtCyDzzyDyDyEyCyD0AtByC0CtN0D0Tzu0StBtDyDzztN1L2XzutAtFtBzytFtAtFyDtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAtCtAyDtDyDzz0AtGyDyCyBtCtGzz0EyCyCtGyByBzzyCtG0CzzyDzzyD0F0ByB0C0D0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtC0FyBtC0F0A0DtGyDtAzzyCtGyEtA0A0AtG0B0FtDzztGyBtB0B0DyBzz0E0A0BzztB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtAzzzzyE%26cr%3D505975848%26a%3Dwny_btrnt_17_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://uk.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_btrnt_17_33&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dgb%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1Qzu0CyEtDyEtCyDzzyDyDyEyCyD0AtByC0CtN0D0Tzu0StBtDyDzztN1L2XzutAtFtBzytFtAtFyDtAtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAtCtAyDtDyDzz0AtGyDyCyBtCtGzz0EyCyCtGyByBzzyCtG0CzzyDzzyD0F0ByB0C0D0B0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtC0FyBtC0F0A0DtGyDtAzzyCtGyEtA0A0AtG0B0FtDzztGyBtB0B0DyBzz0E0A0BzztB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtAzzzzyE%26cr%3D505975848%26a%3Dwny_btrnt_17_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro&p={searchTerms}
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-20] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-20] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-20] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-20] (Google Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default [2017-08-20]
CHR Extension: (Google Slides) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-20]
CHR Extension: (Google Docs) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-20]
CHR Extension: (Google Drive) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-20]
CHR Extension: (YouTube) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-20]
CHR Extension: (Google Sheets) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-20]
CHR Extension: (Google Docs Offline) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-20]
CHR Extension: (Search Manager) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2017-08-20]
CHR Extension: (Gmail) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\Haashim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-20]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4085880106-454035757-358029552-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-20] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-20] (AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-08-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0312242.inf_amd64_dba99477e2b8819f\atikmdag.sys [32703512 2017-03-21] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0312242.inf_amd64_dba99477e2b8819f\atikmpag.sys [525848 2017-03-21] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-08-20] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-08-20] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-08-20] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-08-20] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-08-20] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-20] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-08-20] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-08-20] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-20] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-08-20] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-08-20] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-08-20] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [101376 2016-12-08] (Advanced Micro Devices)
S3 ElcMouLFlt; C:\WINDOWS\System32\drivers\ElcMouLFlt.sys [27128 2015-09-03] (ELECOM)
S3 ElcMouUFlt; C:\WINDOWS\System32\drivers\ElcMouUFlt.sys [26104 2015-09-03] (ELECOM)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 t_mouse.sys; C:\WINDOWS\System32\drivers\t_mouse.sys [6144 2013-04-09] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-20 21:59 - 2017-08-20 21:59 - 000017138 _____ C:\Users\Haashim\Downloads\FRST.txt
2017-08-20 21:58 - 2017-08-20 21:59 - 000000000 ____D C:\FRST
2017-08-20 21:58 - 2017-08-20 21:58 - 002395648 _____ (Farbar) C:\Users\Haashim\Downloads\FRST64.exe
2017-08-20 21:56 - 2017-08-20 21:57 - 001792512 _____ (Farbar) C:\Users\Haashim\Downloads\FRST.exe
2017-08-20 21:56 - 2017-08-20 21:56 - 001791696 _____ (Farbar) C:\Users\Haashim\Downloads\Unconfirmed 714009.crdownload
2017-08-20 21:55 - 2017-08-20 21:55 - 001785132 _____ (Farbar) C:\Users\Haashim\Downloads\Unconfirmed 360635.crdownload
2017-08-20 21:48 - 2017-08-20 21:49 - 000000000 ____D C:\Users\Haashim\Downloads\Brooklyn.NIne-Nine.Season.3
2017-08-20 21:45 - 2017-08-20 21:45 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4085880106-454035757-358029552-1001
2017-08-20 21:44 - 2017-08-20 21:44 - 000000000 ____D C:\Users\Haashim\AppData\LocalLow\uTorrent
2017-08-20 21:42 - 2017-08-20 21:42 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-08-20 21:42 - 2017-08-20 21:42 - 000585608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-08-20 21:42 - 2017-08-20 21:42 - 000400464 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-08-20 21:42 - 2017-08-20 21:42 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-08-20 21:42 - 2017-08-20 21:42 - 000198768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-08-20 21:42 - 2017-08-20 21:42 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-08-20 21:42 - 2017-08-20 21:42 - 000110352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-08-20 21:42 - 2017-08-20 21:42 - 000084392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-08-20 21:42 - 2017-08-20 21:42 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-08-20 21:42 - 2017-08-20 21:42 - 000046984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-08-20 21:42 - 2017-08-20 21:42 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-08-20 21:42 - 2017-08-20 21:42 - 000001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-08-20 21:42 - 2017-08-20 21:42 - 000000000 ____D C:\Users\Haashim\AppData\Roaming\AVAST Software
2017-08-20 21:42 - 2017-08-20 21:41 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-08-20 21:42 - 2017-08-20 21:41 - 000320008 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-08-20 21:42 - 2017-08-20 21:41 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-08-20 21:42 - 2017-08-20 21:41 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-08-20 21:41 - 2017-08-20 21:41 - 000000000 ____D C:\Program Files\AVAST Software
2017-08-20 21:40 - 2017-08-20 21:58 - 000000000 ____D C:\Users\Haashim\AppData\Roaming\uTorrent
2017-08-20 21:40 - 2017-08-20 21:41 - 000000000 ____D C:\Users\Haashim\AppData\Local\{50DD6681-7475-0A39-19ED-2FD13D85D349}
2017-08-20 21:40 - 2017-08-20 21:40 - 000000898 _____ C:\Users\Haashim\Desktop\µTorrent.lnk
2017-08-20 21:40 - 2017-08-20 21:40 - 000000878 _____ C:\Users\Haashim\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-08-20 21:39 - 2017-08-20 21:39 - 001733104 _____ (BitTorrent Inc.) C:\Users\Haashim\Downloads\uTorrent.exe
2017-08-20 21:32 - 2017-08-20 21:33 - 000000000 ____D C:\AdwCleaner
2017-08-20 21:32 - 2017-08-20 21:32 - 008185288 _____ (Malwarebytes) C:\Users\Haashim\Downloads\adwcleaner_7.0.1.0.exe
2017-08-20 20:46 - 2017-08-20 21:42 - 068419584 _____ C:\WINDOWS\system32\config\SOFTWARE
2017-08-20 20:45 - 2017-08-20 20:46 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-08-20 20:29 - 2017-08-20 20:31 - 000000000 ____D C:\Users\Haashim\AppData\Roaming\TS3Client
2017-08-20 20:28 - 2017-08-20 20:28 - 069410168 _____ (TeamSpeak Systems GmbH) C:\Users\Haashim\Downloads\TeamSpeak3-Client-win32-3.1.6.exe
2017-08-20 20:28 - 2017-08-20 20:28 - 000001231 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2017-08-20 20:28 - 2017-08-20 20:28 - 000000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2017-08-20 20:22 - 2017-08-20 20:22 - 000000200 _____ C:\Users\Haashim\Downloads\prayer_slots.rlc
2017-08-20 20:21 - 2017-08-20 21:42 - 000000024 _____ C:\Users\Haashim\random.dat
2017-08-20 20:21 - 2017-08-20 20:23 - 000000000 ____D C:\Windows.old
2017-08-20 20:21 - 2017-08-20 20:21 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-08-20 20:21 - 2017-08-20 20:21 - 000000046 _____ C:\Users\Haashim\jagex_cl_oldschool_LIVE.dat
2017-08-20 20:21 - 2017-08-20 20:21 - 000000000 ____D C:\WINDOWS\Setup
2017-08-20 20:21 - 2017-08-20 20:21 - 000000000 ____D C:\WINDOWS\InfusedApps
2017-08-20 20:21 - 2017-08-20 20:21 - 000000000 ____D C:\Users\Haashim\jagexcache
2017-08-20 20:20 - 2017-08-20 20:21 - 000000000 ____D C:\Users\Haashim\RuneLoader
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\0409
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\OCR
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\DigitalLocker
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files\MSBuild
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-08-20 20:20 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-20 20:19 - 2017-08-20 20:17 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-08-20 20:19 - 2017-08-20 20:17 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-20 20:18 - 2017-08-20 21:40 - 000000000 ___RD C:\Program Files (x86)
2017-08-20 20:18 - 2017-08-20 21:40 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-08-20 20:18 - 2017-08-20 21:40 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-08-20 20:18 - 2017-08-20 20:45 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-20 20:18 - 2017-08-20 20:39 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-20 20:18 - 2017-08-20 20:21 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ___SD C:\WINDOWS\system32\dsc
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\SystemApps
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\setup
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\system32\Com
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\IME
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\Help
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files\Windows Defender
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-20 20:18 - 2017-08-20 20:20 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 __SHD C:\Program Files\Windows Sidebar
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 __RSD C:\WINDOWS\Media
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 __RHD C:\Users\Public\Libraries
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ___SD C:\WINDOWS\system32\Nui
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ___SD C:\WINDOWS\system32\AppV
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\Web
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\Vss
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\tracing
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\TAPI
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SystemResources
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\winevt
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\ras
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\IME
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\icsxml
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\ias
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\downlevel
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\DDFs
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\System
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SKB
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\security
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\schemas
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\SchCache
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\Resources
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\rescache
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\RemotePackages
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\Registration
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\PLA
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\Performance
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\InputMethod
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\Globalization
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\Cursors
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\Branding
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\appcompat
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\addins
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Program Files\Windows Security
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Program Files\Windows Portable Devices
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Program Files\Windows NT
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Program Files\Common Files\Services
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Program Files (x86)\Windows NT
2017-08-20 20:18 - 2017-08-20 20:18 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2017-08-20 20:18 - 2017-08-20 20:17 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-08-20 20:18 - 2017-08-20 20:17 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2017-08-20 20:18 - 2017-08-20 20:17 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2017-08-20 20:18 - 2017-08-20 20:17 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-08-20 20:18 - 2017-08-20 20:17 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2017-08-20 20:18 - 2017-08-20 20:17 - 000015940 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2017-08-20 20:18 - 2017-08-20 20:17 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK
2017-08-20 20:18 - 2017-08-20 20:17 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2017-08-20 20:18 - 2017-08-20 20:17 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2017-08-20 20:18 - 2017-08-20 20:17 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2017-08-20 20:18 - 2017-08-20 20:17 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2017-08-20 20:18 - 2017-08-20 20:17 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2017-08-20 20:18 - 2017-08-20 20:17 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2017-08-20 20:18 - 2017-08-20 20:17 - 000000219 _____ C:\WINDOWS\system.ini
2017-08-20 20:18 - 2017-08-20 20:17 - 000000092 _____ C:\WINDOWS\win.ini
2017-08-20 20:18 - 2017-08-20 20:00 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-20 20:18 - 2017-08-20 19:28 - 000000000 ____D C:\WINDOWS\system32\spool
2017-08-20 20:18 - 2017-08-20 19:28 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2017-08-20 20:18 - 2017-08-20 19:27 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-08-20 20:18 - 2017-08-20 19:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-08-20 20:18 - 2017-08-20 19:26 - 000000000 ____D C:\WINDOWS\CSC
2017-08-20 20:18 - 2017-08-20 19:25 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-08-20 20:18 - 2017-08-20 19:25 - 000000000 ___RD C:\WINDOWS\MiracastView
2017-08-20 20:18 - 2017-08-20 19:25 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-20 20:18 - 2017-08-20 19:25 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2017-08-20 20:18 - 2017-08-20 19:25 - 000000000 ____D C:\WINDOWS\HoloShell
2017-08-20 20:17 - 2017-08-20 21:43 - 000000000 ____D C:\WINDOWS\INF
2017-08-20 20:16 - 2017-08-20 20:20 - 000026842 _____ C:\Users\Haashim\Downloads\RuneLoader.jar
2017-08-20 20:15 - 2017-08-20 21:42 - 012845056 _____ C:\WINDOWS\system32\config\SYSTEM
2017-08-20 20:15 - 2017-08-20 21:42 - 001310720 _____ C:\WINDOWS\system32\config\DEFAULT
2017-08-20 20:15 - 2017-08-20 21:42 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-20 20:15 - 2017-08-20 21:42 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2017-08-20 20:15 - 2017-08-20 20:45 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2017-08-20 20:15 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\servicing
2017-08-20 20:15 - 2017-08-20 20:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-20 20:15 - 2017-08-20 20:18 - 000000000 ____D C:\WINDOWS\system32\SMI
2017-08-20 20:15 - 2017-08-20 19:26 - 000000000 ____D C:\WINDOWS\Panther
2017-08-20 20:15 - 2017-08-20 19:25 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-08-20 20:00 - 2017-08-20 20:00 - 000000994 _____ C:\Users\Haashim\Downloads\30968168_001_s.jfif
2017-08-20 19:57 - 2017-08-20 19:58 - 065033984 _____ (Malwarebytes ) C:\Users\Haashim\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-08-20 19:56 - 2017-08-20 20:19 - 000000000 ____D C:\Users\Haashim\AppData\Roaming\obs-studio
2017-08-20 19:56 - 2017-08-20 19:56 - 000000000 ____D C:\Users\Haashim\AppData\Local\CEF
2017-08-20 19:55 - 2017-08-20 19:55 - 007201032 _____ (Microsoft Corporation) C:\Users\Haashim\Downloads\vcredist_x64.exe
2017-08-20 19:55 - 2017-08-20 19:55 - 006510544 _____ (Microsoft Corporation) C:\Users\Haashim\Downloads\vcredist_x86.exe
2017-08-20 19:55 - 2017-08-20 19:55 - 000001275 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-08-20 19:55 - 2017-08-20 19:55 - 000000000 ____D C:\Program Files (x86)\obs-studio
2017-08-20 19:53 - 2017-08-20 19:54 - 101899104 _____ (obsproject.com) C:\Users\Haashim\Downloads\OBS-Studio-20.0.1-Full-Installer.exe
2017-08-20 19:48 - 2017-08-20 21:50 - 000000000 ____D C:\Users\Haashim\AppData\Roaming\Skype
2017-08-20 19:48 - 2017-08-20 19:48 - 000002640 _____ C:\Users\Public\Desktop\Skype.lnk
2017-08-20 19:48 - 2017-08-20 19:48 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-08-20 19:48 - 2017-08-20 19:48 - 000000000 ____D C:\Users\Haashim\Tracing
2017-08-20 19:47 - 2017-08-20 19:47 - 001632216 _____ (Skype Technologies S.A.) C:\Users\Haashim\Downloads\SkypeSetup (1).exe
2017-08-20 19:47 - 2017-08-20 19:47 - 000000000 ____D C:\Users\Haashim\AppData\Local\Comms
2017-08-20 19:43 - 2017-08-20 19:43 - 001632216 _____ (Skype Technologies S.A.) C:\Users\Haashim\Downloads\SkypeSetup.exe
2017-08-20 19:42 - 2017-08-20 19:42 - 000004126 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B7D2A7A5-9519-45CE-B652-C2996F3FE799}
2017-08-20 19:39 - 2017-08-20 19:39 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-08-20 19:39 - 2017-08-20 19:39 - 000000000 ____D C:\Users\Haashim\AppData\Roaming\Sun
2017-08-20 19:39 - 2017-08-20 19:39 - 000000000 ____D C:\Users\Haashim\AppData\LocalLow\Sun
2017-08-20 19:39 - 2017-08-20 19:39 - 000000000 ____D C:\Program Files (x86)\Java
2017-08-20 19:37 - 2017-08-20 19:49 - 000000000 ____D C:\Users\Haashim\AppData\Roaming\discord
2017-08-20 19:37 - 2017-08-20 19:37 - 054332920 _____ (Discord Inc.) C:\Users\Haashim\Downloads\DiscordSetup.exe
2017-08-20 19:37 - 2017-08-20 19:37 - 000738880 _____ (Oracle Corporation) C:\Users\Haashim\Downloads\JavaSetup8u144.exe
2017-08-20 19:37 - 2017-08-20 19:37 - 000002243 _____ C:\Users\Haashim\Desktop\Discord.lnk
2017-08-20 19:37 - 2017-08-20 19:37 - 000000000 ____D C:\Users\Haashim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-20 19:37 - 2017-08-20 19:37 - 000000000 ____D C:\Users\Haashim\AppData\Local\SquirrelTemp
2017-08-20 19:37 - 2017-08-20 19:37 - 000000000 ____D C:\Users\Haashim\AppData\Local\Discord
2017-08-20 19:36 - 2017-08-20 19:57 - 000000000 ____D C:\Users\Haashim\AppData\Local\Google
2017-08-20 19:36 - 2017-08-20 19:36 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-08-20 19:36 - 2017-08-20 19:36 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-08-20 19:36 - 2017-08-20 19:36 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-20 19:36 - 2017-08-20 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-08-20 19:36 - 2017-08-20 19:36 - 000000000 ____D C:\Users\Haashim\AppData\LocalLow\AMD
2017-08-20 19:36 - 2017-08-20 19:36 - 000000000 ____D C:\Program Files\Realtek
2017-08-20 19:36 - 2017-08-20 19:36 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-20 19:35 - 2017-08-20 19:35 - 000000012 _____ C:\Users\Haashim\Desktop\internet.txt
2017-08-20 19:35 - 2017-08-20 19:35 - 000000000 ____D C:\Users\Haashim\AppData\Local\MicrosoftEdge
2017-08-20 19:31 - 2017-08-20 21:48 - 000906318 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-20 19:30 - 2017-08-20 21:45 - 000002369 _____ C:\Users\Haashim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-20 19:30 - 2017-08-20 21:45 - 000000000 ___RD C:\Users\Haashim\OneDrive
2017-08-20 19:29 - 2017-08-20 20:40 - 000000000 ____D C:\Users\Haashim\AppData\Local\Packages
2017-08-20 19:29 - 2017-08-20 19:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-20 19:29 - 2017-08-20 19:29 - 000000000 ____D C:\Users\Haashim\AppData\Roaming\Adobe
2017-08-20 19:29 - 2017-08-20 19:29 - 000000000 ____D C:\Users\Haashim\AppData\Local\VirtualStore
2017-08-20 19:29 - 2017-08-20 19:29 - 000000000 ____D C:\Users\Haashim\AppData\Local\TileDataLayer
2017-08-20 19:29 - 2017-08-20 19:29 - 000000000 ____D C:\Users\Haashim\AppData\Local\Publishers
2017-08-20 19:29 - 2017-08-20 19:29 - 000000000 ____D C:\Users\Haashim\AppData\Local\ConnectedDevicesPlatform
2017-08-20 19:29 - 2017-08-20 19:29 - 000000000 ____D C:\Users\Haashim\AppData\Local\AMD
2017-08-20 19:28 - 2017-08-20 20:21 - 000000000 ____D C:\Users\Haashim
2017-08-20 19:28 - 2017-08-20 19:28 - 000000020 ___SH C:\Users\Haashim\ntuser.ini
2017-08-20 19:28 - 2017-03-18 21:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-08-20 19:25 - 2017-08-20 21:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-08-20 19:25 - 2017-08-20 21:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-20 19:25 - 2017-08-20 19:25 - 000217864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-20 19:25 - 2017-08-20 19:25 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2017-08-20 19:25 - 2017-08-20 19:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-20 19:25 - 2017-08-20 19:25 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-08-20 19:25 - 2017-08-20 19:25 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-08-20 19:25 - 2017-08-20 19:25 - 000000000 ____D C:\Program Files\AMD
2017-08-20 19:12 - 2017-08-20 20:22 - 000000000 ___HD C:\$SysReset
2017-08-10 05:45 - 2017-08-10 05:45 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-08-10 05:45 - 2017-08-10 05:45 - 007172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 007096184 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 005897184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-08-10 05:45 - 2017-08-10 05:45 - 003677160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-08-10 05:45 - 2017-08-10 05:45 - 003517504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 003509200 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 002211304 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 001965808 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 001780616 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 001591056 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 001508928 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 001347144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000743960 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000727432 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000708304 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000504304 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000447712 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000445392 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000441264 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000272712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000253896 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000253856 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000252872 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000151784 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000134192 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000105304 _____ C:\WINDOWS\system32\audioLibVc.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000084608 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-08-10 05:45 - 2017-08-10 05:45 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-08-10 02:01 - 2017-08-10 02:01 - 013064373 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-08-20 20:20 - 2017-03-20 04:42 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-08-20 20:20 - 2017-03-20 04:42 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-08-20 20:20 - 2017-03-20 04:42 - 000387416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-20 20:17 - 2017-03-18 22:00 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-08-20 20:17 - 2017-03-18 21:59 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 020505088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 019334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 011869696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 007335936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 003659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 001516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-20 20:17 - 2017-03-18 21:59 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-08-20 20:17 - 2017-03-18 21:59 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-08-20 20:17 - 2017-03-18 21:59 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 021353720 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 020374432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 017365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 008330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 007325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 006535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 004847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 004212624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003379712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003110912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 002673152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002653184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002344960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002328984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002158040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002142720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001474288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001432576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001194696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001136640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001099776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000940960 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-08-20 20:17 - 2017-03-18 21:58 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000666528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-08-20 20:17 - 2017-03-18 21:58 - 000643072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000643072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000609048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000559008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-08-20 20:17 - 2017-03-18 21:58 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000472176 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000437552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000364544 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000321384 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-08-20 20:17 - 2017-03-18 21:58 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000203160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000192408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000179616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000168352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-20 20:17 - 2017-03-18 21:58 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000101800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000100224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-20 20:17 - 2017-03-18 21:58 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-08-20 20:17 - 2017-03-18 21:58 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-08-20 20:17 - 2017-03-18 21:58 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 005892608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 005302456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 003672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 003331584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 002938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 002834432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 002682776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 002515968 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 002446752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 002434048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 002399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 002328480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 002084768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 002056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001759752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001702912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 001402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-08-20 20:17 - 2017-03-18 21:57 - 001321800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001318816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 001243040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 001214368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 001086976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-08-20 20:17 - 2017-03-18 21:57 - 001017248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-08-20 20:17 - 2017-03-18 21:57 - 000973312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000867312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000777728 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-20 20:17 - 2017-03-18 21:57 - 000775832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000750008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 000721632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-08-20 20:17 - 2017-03-18 21:57 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000636136 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000542624 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 000408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000381848 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000333216 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000315296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2017-08-20 20:17 - 2017-03-18 21:57 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000199072 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000181664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000120224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 000104944 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000103408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000102208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-20 20:17 - 2017-03-18 21:57 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-20 20:17 - 2017-03-18 21:57 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-08-20 20:17 - 2017-03-18 21:57 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-08-20 20:17 - 2017-03-18 21:56 - 023680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 012787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 008247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 006551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 005802976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 004673872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 002612008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-08-20 20:17 - 2017-03-18 21:56 - 001832960 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 001669472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 001455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 001224208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000723352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-08-20 20:17 - 2017-03-18 21:56 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-08-20 20:17 - 2017-03-18 21:56 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-08-20 20:17 - 2017-03-18 21:56 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000117152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-20 20:17 - 2017-03-18 21:56 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-08-20 20:17 - 2017-03-18 21:56 - 000081824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-08-20 20:17 - 2017-03-18 21:56 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-08-20 20:17 - 2017-03-18 21:56 - 000030456 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-08-20 20:16 - 2017-03-18 22:00 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 006296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 005960704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 002228128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-08-20 20:16 - 2017-03-18 21:59 - 001839520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 001452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 001100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-08-20 20:16 - 2017-03-18 21:59 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000844192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-08-20 20:16 - 2017-03-18 21:59 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000699296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000506784 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-20 20:16 - 2017-03-18 21:59 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-08-20 20:16 - 2017-03-18 21:58 - 013840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 006726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 005719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 004446720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 003114136 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-20 20:16 - 2017-03-18 21:58 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002799616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002678784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002443264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 002088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001911808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001885696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001853296 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001604824 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001517024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001505688 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001297920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001267056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001056160 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000984512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-08-20 20:16 - 2017-03-18 21:58 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000387072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 000356992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000332192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-20 20:16 - 2017-03-18 21:58 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-20 20:16 - 2017-03-18 21:58 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000118880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000090456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000036768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-08-20 20:16 - 2017-03-18 21:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-08-20 20:16 - 2017-03-18 21:58 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-08-20 20:16 - 2017-03-18 21:57 - 007904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001575144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001528872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001035264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 001024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 001003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-20 20:16 - 2017-03-18 21:57 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 000543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 000509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000455616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-20 20:16 - 2017-03-18 21:57 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000141720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-08-20 20:16 - 2017-03-18 21:57 - 000130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-08-20 20:16 - 2017-03-18 21:57 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000095072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-08-20 20:16 - 2017-03-18 21:57 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-08-20 20:16 - 2017-03-18 21:57 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-08-20 20:16 - 2017-03-18 21:56 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 004711648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 002430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 001700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 001611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 001120872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-20 20:16 - 2017-03-18 21:56 - 000716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000553888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-20 20:16 - 2017-03-18 21:56 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000412496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-20 20:16 - 2017-03-18 21:56 - 000287136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-08-20 20:16 - 2017-03-18 21:56 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-20 20:16 - 2017-03-18 21:56 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-08-20 20:16 - 2017-03-18 21:56 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-20 20:16 - 2017-03-18 21:56 - 000199072 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000188832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-08-20 20:16 - 2017-03-18 21:56 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-08-20 20:16 - 2017-03-18 21:56 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-08-20 20:16 - 2017-03-18 21:56 - 000027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe

==================== Files in the root of some directories =======

2017-08-20 19:36 - 2017-08-20 19:36 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
2017-08-20 19:48 - 2017-08-20 19:48 - 014456872 _____ (Microsoft Corporation) C:\Users\Haashim\AppData\Local\Temp\vc_redist.x86.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-20 19:25

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Haashim (20-08-2017 21:59:40)
Running from C:\Users\Haashim\Downloads
Windows 10 Pro Version 1703 (X64) (2017-08-20 18:26:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4085880106-454035757-358029552-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4085880106-454035757-358029552-503 - Limited - Disabled)
Guest (S-1-5-21-4085880106-454035757-358029552-501 - Limited - Disabled)
Haashim (S-1-5-21-4085880106-454035757-358029552-1001 - Administrator - Enabled) => C:\Users\Haashim

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4085880106-454035757-358029552-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Discord (HKU\S-1-5-21-4085880106-454035757-358029552-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4085880106-454035757-358029552-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.0.1 - OBS Project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-20] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-20] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-20] (AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-20] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3922CA98-1542-4C92-BA6A-28531BEF2C56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-20] (Google Inc.)
Task: {4D0FDD7A-A00F-40C4-805E-BC8B417287ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-20] (Google Inc.)
Task: {FAECBAB1-4F6A-45FF-9529-16C052E6B1BC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-20] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 04:43 - 001731072 ____N () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-20 19:36 - 2017-08-11 08:40 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.101\libglesv2.dll
2017-08-20 19:36 - 2017-08-11 08:40 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.101\libegl.dll
2017-08-20 20:11 - 2017-08-20 20:11 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-20 20:11 - 2017-08-20 20:11 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-20 20:11 - 2017-08-20 20:11 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-20 20:11 - 2017-08-20 20:11 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-08-20 21:41 - 2017-08-20 21:41 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-20 21:42 - 2017-08-20 21:42 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-08-20 21:42 - 2017-08-20 21:42 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-20 21:41 - 2017-08-20 21:41 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-20 21:41 - 2017-08-20 21:41 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-20 21:41 - 2017-08-20 21:41 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-20 21:41 - 2017-08-20 21:41 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-08-20 21:43 - 2017-08-20 21:43 - 005895544 _____ () C:\Program Files\AVAST Software\Avast\defs\17082000\algo.dll
2017-08-20 19:37 - 2017-08-08 15:13 - 001893880 _____ () C:\Users\Haashim\AppData\Local\Discord\app-0.0.298\ffmpeg.dll
2017-08-20 19:37 - 2017-08-20 19:37 - 001577976 _____ () \\?\C:\Users\Haashim\AppData\Roaming\discord\0.0.298\modules\discord_toaster\discord_toaster.node
2017-08-20 19:37 - 2017-08-08 15:13 - 001938424 _____ () C:\Users\Haashim\AppData\Local\Discord\app-0.0.298\libglesv2.dll
2017-08-20 19:37 - 2017-08-08 15:13 - 000095736 _____ () C:\Users\Haashim\AppData\Local\Discord\app-0.0.298\libegl.dll
2017-07-24 15:57 - 2017-07-24 15:57 - 001991640 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-08-20 19:37 - 2017-08-20 19:37 - 009601016 _____ () \\?\C:\Users\Haashim\AppData\Roaming\discord\0.0.298\modules\discord_voice\discord_voice.node
2017-08-20 19:37 - 2017-08-20 19:37 - 001440248 _____ () \\?\C:\Users\Haashim\AppData\Roaming\discord\0.0.298\modules\discord_utils\discord_utils.node
2017-08-20 21:45 - 2017-08-20 21:45 - 000148992 _____ () \\?\C:\Users\Haashim\AppData\Local\Temp\196A.tmp.node
2017-08-20 19:37 - 2017-08-20 19:37 - 002658296 _____ () \\?\C:\Users\Haashim\AppData\Roaming\discord\0.0.298\modules\discord_rpc\discord_rpc.node
2017-08-20 20:15 - 2017-08-20 20:15 - 002673656 _____ () \\?\C:\Users\Haashim\AppData\Roaming\discord\0.0.298\modules\discord_contact_import\discord_contact_import.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-08-20 20:18 - 2017-08-20 20:17 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4085880106-454035757-358029552-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{84933A98-B136-4E59-904A-314AA96971BB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E2F3B69A-5274-44A3-B150-3EC02AAEF177}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{032F5A15-1097-4491-ADCB-40A89D536759}] => (Allow) C:\Users\Haashim\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{235F9C44-B6F6-44C5-BBAE-9D6757EF7294}] => (Allow) C:\Users\Haashim\AppData\Roaming\uTorrent\uTorrent.exe

==================== Restore Points =========================

20-08-2017 19:36:02 Windows Update

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2017 09:44:15 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (08/20/2017 09:42:57 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/20/2017 09:42:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/20/2017 09:42:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Dependent Assembly Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/20/2017 09:42:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-DUELSDG)
Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/20/2017 09:42:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
Dependent Assembly Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/20/2017 09:42:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.479, time stamp: 0x58f6af02
Faulting module name: mbamservice.exe, version: 3.1.0.479, time stamp: 0x58f6af02
Exception code: 0xc0000005
Fault offset: 0x000000000009747c
Faulting process ID: 0x1f90
Faulting application start time: 0x01d319f4cd9d733c
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Report ID: fd50d974-6c82-467c-b37a-15df6e32b01b
Faulting package full name:
Faulting package-relative application ID:

Error: (08/20/2017 08:08:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-DUELSDG)
Description: Activation of application Microsoft.BingWeather_8wekyb3d8bbwe!App failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (08/20/2017 07:47:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (08/20/2017 07:47:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (08/20/2017 09:42:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CldFlt service failed to start due to the following error:
The request is not supported.

Error: (08/20/2017 09:42:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DUELSDG)
Description: The server Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.

Error: (08/20/2017 09:42:32 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DUELSDG)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (08/20/2017 09:42:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (08/20/2017 09:35:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/20/2017 07:50:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SSDP Discovery service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

Error: (08/20/2017 07:47:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/20/2017 07:47:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/20/2017 07:47:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/20/2017 07:47:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
Date: 2017-08-20 20:10:49.305
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-20 20:10:17.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-20 20:10:17.739
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-20 19:59:55.642
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-08-20 19:59:55.550
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-7500 CPU @ 3.40GHz
Percentage of memory in use: 48%
Total physical RAM: 8150.69 MB
Available physical RAM: 4230.49 MB
Total Virtual: 10070.69 MB
Available Virtual: 5630.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.02 GB) (Free:195.47 GB) NTFS
Drive d: (Hard Drive) (Fixed) (Total:931.39 GB) (Free:431.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Edited by Oh My!, 24 August 2017 - 09:18 PM.


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:52 AM

Posted 24 August 2017 - 09:21 PM

Greetings,

This doesn't appear to be malware related but please run the below.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CreateRestorePoint:
CloseProcesses:
Folder:  C:\Users\Haashim\AppData\Local\{50DD6681-7475-0A39-19ED-2FD13D85D349}
2017-08-20 21:56 - 2017-08-20 21:56 - 001791696 _____ (Farbar) C:\Users\Haashim\Downloads\Unconfirmed 714009.crdownload
2017-08-20 21:55 - 2017-08-20 21:55 - 001785132 _____ (Farbar) C:\Users\Haashim\Downloads\Unconfirmed 360635.crdownload
emptytemp:
End::
  • Click Fix
  • Copy and paste the contents of the Fixlog.txt file in your reply.
===================================================

System Summary Information

--------------------
  • Press the Windows Key + R on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • System Summary report

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:52 AM

Posted 27 August 2017 - 05:02 PM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,665 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:52 AM

Posted 29 August 2017 - 08:52 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users