Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Third Party Apps Can't Access Internet


  • This topic is locked This topic is locked
38 replies to this topic

#1 ao3

ao3

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 20 September 2017 - 08:41 PM

EDIT: All I had to do was disable Windows Defender. But when I turned it back on, I lost the internet connection to the programs again. What do I have to do with Windows Defender to make them work? Every time I try to download an app it has connection problems. (I've removed my FRST logs from the thread. They were too long to scroll through.)

 

Hello,

I was trying to scan my computer with Zemana AntiMalware and HitmanPro, but I couldn't even begin since the apps couldn't connect to the internet. My internet connection is just fine since I'm browsing the web right now. It seems like my browsers are the only apps that can access the internet. I already tried allowing the apps through the Windows Firewall. 

 

Windows Defender is currently my AV, and I run a 64-bit Windows 10 computer. 

 

Thanks. 


Edited by ao3, 21 September 2017 - 01:12 AM.


BC AdBot (Login to Remove)

 


#2 ao3

ao3
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 22 September 2017 - 08:02 PM

The problem was never fixed actually. I don't know what I was doing. I can't edit the first post anymore so here are my logs. (Even when I ran FRST, I got a 'Failed to update pop-up)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2017
Ran by Abin (administrator) on OOMMENHP (22-09-2017 19:44:03)
Running from C:\Users\Abin\Desktop
Loaded Profiles: Abin (Available Profiles: Abin & Owner & Guest & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\Windows\Runservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Mouse\Amoumain.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [WheelMouse] => C:\Program Files\Mouse\Amoumain.exe [196608 1999-12-31] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\MountPoints2: {eaf92516-6bd8-11e6-9bec-386077411891} - "F:\WMMA3_Retail.exe" 
Startup: C:\Users\Abin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2014-10-11]
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-09-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3b130b83-c9c2-48ee-9aff-1377b736edad}: [NameServer] 68.94.156.10,68.94.157.10
Tcpip\..\Interfaces\{3b130b83-c9c2-48ee-9aff-1377b736edad}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
Toolbar: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
 
FireFox:
========
FF ProfilePath: C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039 [2017-09-18]
FF NewTab: Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039 -> about:newtab
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039 -> Google
FF Extension: (uBlock Origin) - C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039\Extensions\uBlock0@raymondhill.net.xpi [2017-06-26]
FF SearchPlugin: C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039\searchplugins\google-images.xml [2015-08-25]
FF SearchPlugin: C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039\searchplugins\kickassto.xml [2015-07-31]
FF SearchPlugin: C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039\searchplugins\youtube.xml [2015-07-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-06] <==== ATTENTION
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default [2017-09-22]
CHR Extension: (Google Slides) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-27]
CHR Extension: (YouTube) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-27]
CHR Extension: (uBlock Origin) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-09-06]
CHR Extension: (Google Search) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-05]
CHR Extension: (Google Sheets) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (HTTPS Everywhere) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-09-15]
CHR Extension: (Google Docs Offline) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fffefoflbnnklnhpcjohenokjnpjfcad] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 LicCtrlService; C:\Windows\runservice.exe [2560 2013-07-06] () [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
U2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-08-20] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-08-20] (Windows ® Win 7 DDK provider)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [46960 2016-06-14] ()
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [161408 2017-01-30] (Zemana Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-09-19] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-03-25] (Zemana Ltd.)
S3 cleanhlp; \??\C:\EEK\bin\cleanhlp64.sys [X]
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-09-22 19:44 - 2017-09-22 19:46 - 000014656 _____ C:\Users\Abin\Desktop\FRST.txt
2017-09-22 19:41 - 2017-09-22 19:43 - 002399744 _____ (Farbar) C:\Users\Abin\Desktop\FRST64.exe
2017-09-22 01:18 - 2017-09-22 01:41 - 264928424 _____ C:\Users\Abin\Downloads\RileyReid_DannyMountain_480p.mp4
2017-09-22 00:12 - 2017-09-22 00:20 - 163631512 _____ (Microsoft Corporation) C:\Users\Abin\Desktop\msert.exe
2017-09-20 20:22 - 2017-09-22 19:44 - 000000000 ____D C:\FRST
2017-09-20 00:26 - 2017-09-20 00:28 - 008182736 _____ (Malwarebytes) C:\Users\Abin\Desktop\adwcleaner_7.0.2.1.exe
2017-09-19 20:36 - 2017-09-19 20:36 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-09-19 20:07 - 2017-09-19 20:11 - 000000000 ____D C:\Users\Abin\AppData\Local\IIIQF
2017-09-19 19:58 - 2017-09-19 19:58 - 000001968 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-09-19 19:58 - 2017-09-19 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2017-09-19 19:55 - 2017-09-19 20:36 - 015808656 _____ (Copyright 2017.) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
2017-09-19 19:47 - 2017-09-20 19:29 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Abin\Desktop\iExplore.exe
2017-09-18 22:29 - 2017-09-19 20:23 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-18 22:28 - 2017-09-18 22:28 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-18 22:28 - 2017-09-18 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-18 22:28 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-14 13:55 - 2017-09-14 13:56 - 000210480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-14 00:25 - 2017-09-07 02:07 - 000315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-09-14 00:25 - 2017-09-07 01:22 - 001504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-09-14 00:25 - 2017-09-07 01:21 - 002265368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-14 00:25 - 2017-09-07 01:21 - 000780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-14 00:25 - 2017-09-07 01:17 - 001557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-09-14 00:25 - 2017-09-07 01:13 - 000546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-14 00:25 - 2017-09-07 01:12 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-09-14 00:25 - 2017-09-07 01:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-14 00:25 - 2017-09-07 01:00 - 000037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-09-14 00:25 - 2017-09-07 00:57 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-09-14 00:25 - 2017-09-07 00:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-09-14 00:25 - 2017-09-07 00:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-09-14 00:25 - 2017-09-07 00:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-09-14 00:25 - 2017-09-07 00:50 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-09-14 00:25 - 2017-09-07 00:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-09-14 00:25 - 2017-09-07 00:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-09-14 00:25 - 2017-09-07 00:48 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-09-14 00:25 - 2017-09-07 00:47 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-09-14 00:25 - 2017-09-07 00:47 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-09-14 00:25 - 2017-09-07 00:44 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-09-14 00:25 - 2017-09-07 00:42 - 001077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-09-14 00:25 - 2017-09-07 00:42 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-09-14 00:25 - 2017-09-07 00:40 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-09-14 00:25 - 2017-09-07 00:40 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-09-14 00:25 - 2017-09-07 00:39 - 006109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-09-14 00:25 - 2017-09-07 00:36 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-09-14 00:25 - 2017-09-07 00:36 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-09-14 00:25 - 2017-09-07 00:35 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-09-14 00:25 - 2017-09-07 00:34 - 003733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-14 00:25 - 2017-09-07 00:34 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-09-14 00:25 - 2017-09-07 00:33 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-14 00:25 - 2017-09-07 00:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-09-14 00:25 - 2017-09-07 00:32 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-14 00:25 - 2017-09-07 00:32 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-09-14 00:25 - 2017-09-07 00:32 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-09-14 00:25 - 2017-09-07 00:31 - 001988608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-09-14 00:25 - 2017-09-07 00:30 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-09-14 00:25 - 2017-09-07 00:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-09-14 00:25 - 2017-09-07 00:29 - 002997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-14 00:25 - 2017-09-07 00:29 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-09-14 00:25 - 2017-09-07 00:07 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-14 00:25 - 2017-08-21 23:55 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-09-14 00:25 - 2017-03-04 01:05 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-09-14 00:25 - 2017-03-04 01:01 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-09-14 00:24 - 2017-09-07 01:29 - 002048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-14 00:24 - 2017-09-07 01:24 - 000869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-09-14 00:24 - 2017-09-07 01:21 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-09-14 00:24 - 2017-09-07 01:21 - 000861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-09-14 00:24 - 2017-09-07 01:20 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-14 00:24 - 2017-09-07 01:19 - 002168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-14 00:24 - 2017-09-07 01:19 - 000606560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-09-14 00:24 - 2017-09-07 01:19 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-09-14 00:24 - 2017-09-07 01:16 - 000962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-09-14 00:24 - 2017-09-07 01:01 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-14 00:24 - 2017-09-07 01:01 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-14 00:24 - 2017-09-07 00:56 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-09-14 00:24 - 2017-09-07 00:54 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-09-14 00:24 - 2017-09-07 00:50 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-09-14 00:24 - 2017-09-07 00:49 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-09-14 00:24 - 2017-09-07 00:48 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-14 00:24 - 2017-09-07 00:48 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-09-14 00:24 - 2017-09-07 00:48 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-09-14 00:24 - 2017-09-07 00:47 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-09-14 00:24 - 2017-09-07 00:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-09-14 00:24 - 2017-09-07 00:46 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-14 00:24 - 2017-09-07 00:45 - 013875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-14 00:24 - 2017-09-07 00:44 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-09-14 00:24 - 2017-09-07 00:40 - 000746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-09-14 00:24 - 2017-09-07 00:40 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-09-14 00:24 - 2017-09-07 00:38 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-14 00:24 - 2017-09-07 00:37 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-14 00:24 - 2017-09-07 00:35 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-09-14 00:24 - 2017-09-07 00:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-09-14 00:24 - 2017-09-07 00:33 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-14 00:24 - 2017-09-07 00:32 - 001993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-09-14 00:24 - 2017-09-07 00:32 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-14 00:24 - 2017-09-07 00:32 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-09-14 00:24 - 2017-09-07 00:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 002747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-09-14 00:24 - 2017-09-07 00:29 - 001576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-09-14 00:24 - 2017-09-07 00:29 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-09-14 00:24 - 2017-09-07 00:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-09-14 00:24 - 2017-08-08 01:03 - 000218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-09-14 00:24 - 2017-08-08 00:21 - 000340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-09-14 00:24 - 2017-08-07 23:56 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-09-14 00:24 - 2017-08-07 23:48 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-09-14 00:24 - 2017-08-07 23:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-09-14 00:24 - 2017-03-04 01:17 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-09-14 00:23 - 2017-09-07 01:32 - 001573792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-14 00:23 - 2017-09-07 01:32 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-09-14 00:23 - 2017-09-07 01:24 - 000263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-09-14 00:23 - 2017-09-07 01:22 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-09-14 00:23 - 2017-09-07 01:21 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-14 00:23 - 2017-09-07 01:21 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-09-14 00:23 - 2017-09-07 01:20 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-09-14 00:23 - 2017-09-07 01:20 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-14 00:23 - 2017-09-07 01:20 - 000267104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-14 00:23 - 2017-09-07 01:20 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-14 00:23 - 2017-09-07 01:20 - 000037200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-14 00:23 - 2017-09-07 01:19 - 000846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-09-14 00:23 - 2017-09-07 01:17 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-14 00:23 - 2017-09-07 01:16 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-14 00:23 - 2017-09-07 01:13 - 001412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-14 00:23 - 2017-09-07 00:59 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-14 00:23 - 2017-09-07 00:58 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-14 00:23 - 2017-09-07 00:58 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-09-14 00:23 - 2017-09-07 00:58 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2017-09-14 00:23 - 2017-09-07 00:57 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2017-09-14 00:23 - 2017-09-07 00:57 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-09-14 00:23 - 2017-09-07 00:57 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-09-14 00:23 - 2017-09-07 00:57 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-09-14 00:23 - 2017-09-07 00:56 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-09-14 00:23 - 2017-09-07 00:55 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-09-14 00:23 - 2017-09-07 00:55 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-09-14 00:23 - 2017-09-07 00:55 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-09-14 00:23 - 2017-09-07 00:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-09-14 00:23 - 2017-09-07 00:52 - 001300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-09-14 00:23 - 2017-09-07 00:52 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-09-14 00:23 - 2017-09-07 00:52 - 000265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-09-14 00:23 - 2017-09-07 00:52 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 001243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-09-14 00:23 - 2017-09-07 00:51 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-14 00:23 - 2017-09-07 00:50 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-09-14 00:23 - 2017-09-07 00:49 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-09-14 00:23 - 2017-09-07 00:49 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-14 00:23 - 2017-09-07 00:49 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-09-14 00:23 - 2017-09-07 00:49 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-14 00:23 - 2017-09-07 00:49 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-09-14 00:23 - 2017-09-07 00:48 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-14 00:23 - 2017-09-07 00:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-09-14 00:23 - 2017-09-07 00:48 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-14 00:23 - 2017-09-07 00:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-14 00:23 - 2017-09-07 00:47 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-14 00:23 - 2017-09-07 00:47 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-09-14 00:23 - 2017-09-07 00:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-09-14 00:23 - 2017-09-07 00:45 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-09-14 00:23 - 2017-09-07 00:44 - 001534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-09-14 00:23 - 2017-09-07 00:44 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-09-14 00:23 - 2017-09-07 00:44 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-09-14 00:23 - 2017-09-07 00:43 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-09-14 00:23 - 2017-09-07 00:42 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-09-14 00:23 - 2017-09-07 00:41 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-09-14 00:23 - 2017-09-07 00:40 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-09-14 00:23 - 2017-09-07 00:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-09-14 00:23 - 2017-09-07 00:39 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-09-14 00:23 - 2017-09-07 00:38 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-09-14 00:23 - 2017-09-07 00:38 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2017-09-14 00:23 - 2017-09-07 00:37 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-09-14 00:23 - 2017-09-07 00:36 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-09-14 00:23 - 2017-09-07 00:35 - 007470080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-14 00:23 - 2017-09-07 00:35 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-09-14 00:23 - 2017-09-07 00:34 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-09-14 00:23 - 2017-09-07 00:33 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-09-14 00:23 - 2017-09-07 00:33 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-09-14 00:23 - 2017-09-07 00:33 - 001135616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-14 00:23 - 2017-09-07 00:33 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-09-14 00:23 - 2017-09-07 00:32 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-09-14 00:23 - 2017-09-07 00:31 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-09-14 00:23 - 2017-09-07 00:30 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-14 00:23 - 2017-09-07 00:28 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-09-14 00:23 - 2017-09-07 00:28 - 000449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-14 00:23 - 2017-08-22 00:08 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-14 00:23 - 2017-08-21 23:57 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-14 00:23 - 2017-08-21 23:49 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-09-14 00:23 - 2017-08-08 01:03 - 000102240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2017-09-14 00:23 - 2017-08-08 00:56 - 000054240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-14 00:23 - 2017-08-08 00:53 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-09-14 00:23 - 2017-08-08 00:53 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-09-14 00:23 - 2017-08-08 00:25 - 000255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2017-09-14 00:23 - 2017-08-08 00:16 - 000294952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-14 00:23 - 2017-08-08 00:16 - 000086232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2017-09-14 00:23 - 2017-08-07 23:58 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-09-14 00:23 - 2017-08-07 23:56 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2017-09-14 00:23 - 2017-08-07 23:54 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-09-14 00:23 - 2017-08-07 23:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-09-14 00:23 - 2017-08-07 23:53 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-14 00:23 - 2017-08-07 23:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2017-09-14 00:23 - 2017-08-07 23:50 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-09-14 00:23 - 2017-08-07 23:50 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-09-14 00:23 - 2017-08-07 23:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-09-14 00:23 - 2017-08-07 23:49 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-09-14 00:23 - 2017-08-07 23:47 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-14 00:23 - 2017-03-04 01:53 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-09-14 00:23 - 2017-03-04 01:24 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-09-14 00:23 - 2017-03-04 01:13 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-09-14 00:23 - 2016-12-20 23:43 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-09-14 00:22 - 2017-09-07 00:54 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-14 00:22 - 2017-09-07 00:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-09-14 00:22 - 2017-09-07 00:36 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-09-14 00:22 - 2017-09-07 00:22 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-14 00:22 - 2017-09-07 00:19 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-09-14 00:22 - 2017-09-07 00:17 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-14 00:22 - 2017-09-07 00:16 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-09-14 00:22 - 2017-09-07 00:15 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-09-14 00:22 - 2017-09-07 00:14 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-09-14 00:22 - 2017-09-07 00:14 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-09-14 00:22 - 2017-09-07 00:13 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-09-14 00:22 - 2017-09-07 00:13 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-09-14 00:22 - 2017-09-07 00:12 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-09-14 00:22 - 2017-09-07 00:01 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-09-14 00:22 - 2017-09-07 00:01 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-09-14 00:22 - 2017-09-06 23:58 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-09-14 00:22 - 2017-09-06 23:56 - 002539008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-09-14 00:22 - 2017-09-06 23:55 - 002424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-09-14 00:22 - 2017-09-06 23:54 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-09-14 00:22 - 2016-09-15 11:40 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-09-14 00:22 - 2016-09-15 11:24 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-09-14 00:21 - 2017-09-07 00:54 - 007220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-14 00:21 - 2017-09-07 00:50 - 008168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-14 00:21 - 2017-09-07 00:50 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-09-14 00:21 - 2017-09-07 00:50 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-09-14 00:21 - 2017-09-07 00:50 - 000244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-14 00:21 - 2017-09-07 00:23 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-09-14 00:21 - 2017-09-07 00:21 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-09-14 00:21 - 2017-09-07 00:21 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-09-14 00:21 - 2017-09-07 00:17 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-09-14 00:21 - 2017-09-07 00:15 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-09-14 00:21 - 2017-09-07 00:07 - 007655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-09-14 00:21 - 2017-09-07 00:07 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-09-14 00:21 - 2017-09-07 00:04 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-14 00:21 - 2017-09-07 00:01 - 002390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-09-14 00:21 - 2017-09-07 00:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-09-14 00:21 - 2017-09-07 00:01 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-09-14 00:21 - 2017-09-07 00:00 - 008077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-14 00:21 - 2017-09-06 23:57 - 003134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-09-14 00:21 - 2017-09-06 23:57 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-09-14 00:21 - 2017-09-06 23:56 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-09-14 00:21 - 2017-09-06 23:56 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-09-14 00:21 - 2017-09-06 23:56 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-09-14 00:21 - 2017-09-06 23:55 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-14 00:21 - 2017-09-06 23:55 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-09-14 00:21 - 2017-09-06 23:52 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-09-14 00:21 - 2017-09-06 23:52 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-09-14 00:21 - 2017-08-22 00:02 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-14 00:21 - 2017-08-21 23:53 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-09-14 00:21 - 2017-08-21 23:50 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-09-14 00:21 - 2017-03-04 01:27 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-09-14 00:20 - 2017-09-07 01:32 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-14 00:20 - 2017-09-07 01:03 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-14 00:20 - 2017-09-07 01:03 - 000998920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-09-14 00:20 - 2017-09-07 01:01 - 002049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-09-14 00:20 - 2017-09-07 00:54 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-09-14 00:20 - 2017-09-07 00:53 - 000097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-09-14 00:20 - 2017-09-07 00:52 - 000858464 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-09-14 00:20 - 2017-09-07 00:52 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-09-14 00:20 - 2017-09-07 00:52 - 000044464 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-14 00:20 - 2017-09-07 00:51 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-14 00:20 - 2017-09-07 00:50 - 022220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-14 00:20 - 2017-09-07 00:50 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-14 00:20 - 2017-09-07 00:50 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-09-14 00:20 - 2017-09-07 00:45 - 002532704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-14 00:20 - 2017-09-07 00:45 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-14 00:20 - 2017-09-07 00:21 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-09-14 00:20 - 2017-09-07 00:20 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-09-14 00:20 - 2017-09-07 00:20 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-09-14 00:20 - 2017-09-07 00:20 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-14 00:20 - 2017-09-07 00:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-09-14 00:20 - 2017-09-07 00:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-09-14 00:20 - 2017-09-07 00:18 - 000418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-09-14 00:20 - 2017-09-07 00:18 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-09-14 00:20 - 2017-09-07 00:16 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-09-14 00:20 - 2017-09-07 00:16 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-14 00:20 - 2017-09-07 00:15 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-09-14 00:20 - 2017-09-07 00:15 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-09-14 00:20 - 2017-09-07 00:14 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-09-14 00:20 - 2017-09-07 00:14 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-09-14 00:20 - 2017-09-07 00:13 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-09-14 00:20 - 2017-09-07 00:13 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-09-14 00:20 - 2017-09-07 00:12 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-09-14 00:20 - 2017-09-07 00:12 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-09-14 00:20 - 2017-09-07 00:11 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-14 00:20 - 2017-09-07 00:08 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-09-14 00:20 - 2017-09-07 00:07 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-09-14 00:20 - 2017-09-07 00:07 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-09-14 00:20 - 2017-09-07 00:03 - 001078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-09-14 00:20 - 2017-09-07 00:03 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-14 00:20 - 2017-09-06 23:59 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-09-14 00:20 - 2017-09-06 23:58 - 001700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-14 00:20 - 2017-09-06 23:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-09-14 00:20 - 2017-09-06 23:55 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-14 00:20 - 2017-09-06 23:54 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-14 00:20 - 2017-08-21 23:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-14 00:20 - 2017-08-08 01:06 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-14 00:20 - 2017-08-08 00:59 - 000357984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2017-09-14 00:20 - 2017-08-08 00:59 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-09-14 00:20 - 2017-08-08 00:45 - 000453544 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-09-14 00:20 - 2017-08-08 00:23 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-09-14 00:20 - 2017-08-08 00:15 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-09-14 00:20 - 2017-08-08 00:14 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-14 00:20 - 2017-08-08 00:12 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-09-14 00:20 - 2017-03-04 01:39 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-09-14 00:20 - 2017-03-04 01:28 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-09-14 00:20 - 2017-03-04 01:08 - 001266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-09-14 00:20 - 2016-09-15 11:34 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-09-14 00:19 - 2017-09-07 01:10 - 000603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-09-14 00:19 - 2017-09-07 00:57 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-14 00:19 - 2017-09-07 00:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-14 00:19 - 2017-09-07 00:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-14 00:19 - 2017-09-07 00:49 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-09-14 00:19 - 2017-09-07 00:43 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-14 00:19 - 2017-09-07 00:41 - 019413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-14 00:19 - 2017-09-07 00:39 - 018363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-14 00:19 - 2017-09-07 00:37 - 012204544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-14 00:19 - 2017-09-07 00:31 - 002028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-14 00:19 - 2017-09-07 00:24 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-14 00:19 - 2017-09-07 00:22 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-14 00:19 - 2017-09-07 00:21 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-09-14 00:19 - 2017-09-07 00:21 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-09-14 00:19 - 2017-09-07 00:21 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-14 00:19 - 2017-09-07 00:18 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
2017-09-14 00:19 - 2017-09-07 00:18 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-14 00:19 - 2017-09-07 00:18 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-09-14 00:19 - 2017-09-07 00:17 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-09-14 00:19 - 2017-09-07 00:17 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-09-14 00:19 - 2017-09-07 00:17 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-14 00:19 - 2017-09-07 00:17 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-09-14 00:19 - 2017-09-07 00:17 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-14 00:19 - 2017-09-07 00:15 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-14 00:19 - 2017-09-07 00:15 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-14 00:19 - 2017-09-07 00:14 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-09-14 00:19 - 2017-09-07 00:14 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-09-14 00:19 - 2017-09-07 00:14 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-09-14 00:19 - 2017-09-07 00:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-09-14 00:19 - 2017-09-07 00:11 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-09-14 00:19 - 2017-09-07 00:10 - 017200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-14 00:19 - 2017-09-07 00:09 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-14 00:19 - 2017-09-07 00:08 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-09-14 00:19 - 2017-09-07 00:07 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-14 00:19 - 2017-09-07 00:07 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-09-14 00:19 - 2017-09-07 00:05 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-09-14 00:19 - 2017-09-07 00:05 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-09-14 00:19 - 2017-09-07 00:05 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-09-14 00:19 - 2017-09-07 00:04 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-09-14 00:19 - 2017-09-07 00:03 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-09-14 00:19 - 2017-09-07 00:01 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-09-14 00:19 - 2017-09-07 00:00 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-09-14 00:19 - 2017-09-06 23:59 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-14 00:19 - 2017-09-06 23:59 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-09-14 00:19 - 2017-09-06 23:58 - 002097152 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-14 00:19 - 2017-09-06 23:57 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-09-14 00:19 - 2017-09-06 23:56 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-09-14 00:19 - 2017-09-06 23:56 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-09-14 00:19 - 2017-09-06 23:55 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-14 00:19 - 2017-09-06 23:53 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-09-14 00:19 - 2017-09-06 23:52 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-14 00:19 - 2017-09-06 23:52 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-14 00:19 - 2017-08-22 00:46 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-09-14 00:19 - 2017-08-22 00:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-14 00:19 - 2017-08-22 00:05 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-09-14 00:19 - 2017-08-22 00:04 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-14 00:19 - 2017-08-21 23:43 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-09-14 00:19 - 2017-08-08 00:53 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-09-14 00:19 - 2017-08-08 00:18 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-09-14 00:19 - 2017-08-08 00:17 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-09-14 00:19 - 2017-08-07 23:54 - 001228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-09-14 00:19 - 2017-03-04 02:03 - 000160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-09-14 00:19 - 2017-03-04 01:28 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-09-14 00:19 - 2017-03-04 01:27 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-09-14 00:19 - 2017-03-04 01:13 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-09-14 00:19 - 2016-09-15 11:30 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-09-14 00:18 - 2017-09-07 01:20 - 000367208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-09-14 00:18 - 2017-09-07 01:03 - 007780704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-14 00:18 - 2017-09-07 01:02 - 032693432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-09-14 00:18 - 2017-09-07 01:01 - 002681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-14 00:18 - 2017-09-07 00:56 - 001069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-14 00:18 - 2017-09-07 00:56 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-09-14 00:18 - 2017-09-07 00:54 - 002761248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-14 00:18 - 2017-09-07 00:54 - 002188128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-14 00:18 - 2017-09-07 00:54 - 001739072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-09-14 00:18 - 2017-09-07 00:54 - 001157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-09-14 00:18 - 2017-09-07 00:54 - 000658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-09-14 00:18 - 2017-09-07 00:54 - 000402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-09-14 00:18 - 2017-09-07 00:53 - 000431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-09-14 00:18 - 2017-09-07 00:52 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-14 00:18 - 2017-09-07 00:50 - 001694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-09-14 00:18 - 2017-09-07 00:50 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-14 00:18 - 2017-09-07 00:49 - 001277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-09-14 00:18 - 2017-09-07 00:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-14 00:18 - 2017-09-07 00:34 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-14 00:18 - 2017-09-07 00:31 - 003663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-14 00:18 - 2017-09-07 00:31 - 001509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-14 00:18 - 2017-09-07 00:23 - 022569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-14 00:18 - 2017-09-07 00:22 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-14 00:18 - 2017-09-07 00:18 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-14 00:18 - 2017-09-07 00:17 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-14 00:18 - 2017-09-07 00:17 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-09-14 00:18 - 2017-09-07 00:17 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-14 00:18 - 2017-09-07 00:16 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-14 00:18 - 2017-09-07 00:14 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-09-14 00:18 - 2017-09-07 00:14 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-14 00:18 - 2017-09-07 00:13 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-09-14 00:18 - 2017-09-07 00:13 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-14 00:18 - 2017-09-07 00:11 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-14 00:18 - 2017-09-07 00:11 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-09-14 00:18 - 2017-09-07 00:11 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-14 00:18 - 2017-09-07 00:10 - 001037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-14 00:18 - 2017-09-07 00:09 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-14 00:18 - 2017-09-07 00:08 - 001639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-09-14 00:18 - 2017-09-07 00:08 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-14 00:18 - 2017-09-07 00:08 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2017-09-14 00:18 - 2017-09-07 00:07 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-09-14 00:18 - 2017-09-07 00:04 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-09-14 00:18 - 2017-09-07 00:02 - 013107712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-14 00:18 - 2017-09-07 00:02 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-09-14 00:18 - 2017-09-07 00:01 - 023675904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-14 00:18 - 2017-09-07 00:01 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-09-14 00:18 - 2017-09-07 00:00 - 008114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-14 00:18 - 2017-09-07 00:00 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-09-14 00:18 - 2017-09-07 00:00 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-09-14 00:18 - 2017-09-07 00:00 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-09-14 00:18 - 2017-09-06 23:59 - 004474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-14 00:18 - 2017-09-06 23:59 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-14 00:18 - 2017-09-06 23:59 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-09-14 00:18 - 2017-09-06 23:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-09-14 00:18 - 2017-09-06 23:58 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-09-14 00:18 - 2017-09-06 23:58 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-09-14 00:18 - 2017-09-06 23:57 - 005611520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-09-14 00:18 - 2017-09-06 23:57 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-14 00:18 - 2017-09-06 23:57 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-09-14 00:18 - 2017-09-06 23:56 - 003202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-09-14 00:18 - 2017-09-06 23:56 - 002286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-09-14 00:18 - 2017-09-06 23:56 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-14 00:18 - 2017-09-06 23:56 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-09-14 00:18 - 2017-09-06 23:55 - 002820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-09-14 00:18 - 2017-09-06 23:55 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-14 00:18 - 2017-09-06 23:55 - 001512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-14 00:18 - 2017-09-06 23:55 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-09-14 00:18 - 2017-09-06 23:54 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-14 00:18 - 2017-09-06 23:54 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-09-14 00:18 - 2017-09-06 23:52 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-09-14 00:18 - 2017-08-08 01:15 - 000245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-09-14 00:18 - 2017-08-08 01:01 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-09-14 00:18 - 2017-08-08 00:55 - 000404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-09-14 00:18 - 2017-08-08 00:52 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-09-14 00:18 - 2017-08-08 00:45 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-09-14 00:18 - 2017-08-08 00:18 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-14 00:18 - 2017-08-08 00:17 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-09-14 00:18 - 2017-08-08 00:16 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2017-09-14 00:18 - 2017-08-08 00:15 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-09-14 00:18 - 2017-08-08 00:15 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-09-14 00:18 - 2017-08-08 00:14 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-14 00:18 - 2017-08-08 00:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-09-14 00:18 - 2017-08-08 00:10 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-14 00:18 - 2017-08-08 00:04 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-09-14 00:18 - 2017-08-07 23:55 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-09-14 00:18 - 2017-08-01 00:09 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-09-14 00:18 - 2016-11-02 05:43 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-14 00:17 - 2017-09-07 01:16 - 000379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-09-14 00:17 - 2017-09-07 01:03 - 001887408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-14 00:17 - 2017-09-07 01:00 - 000764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-14 00:17 - 2017-09-07 00:58 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-09-14 00:17 - 2017-09-07 00:57 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-14 00:17 - 2017-09-07 00:54 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-09-14 00:17 - 2017-09-07 00:53 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-09-14 00:17 - 2017-09-07 00:53 - 000684896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-14 00:17 - 2017-09-07 00:53 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-09-14 00:17 - 2017-09-07 00:52 - 002915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-14 00:17 - 2017-09-07 00:52 - 001267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-09-14 00:17 - 2017-09-07 00:52 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-14 00:17 - 2017-09-07 00:52 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-14 00:17 - 2017-09-07 00:49 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-14 00:17 - 2017-09-07 00:46 - 001566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-14 00:17 - 2017-09-07 00:46 - 000628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-14 00:17 - 2017-09-07 00:30 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-14 00:17 - 2017-09-07 00:22 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-14 00:17 - 2017-09-07 00:22 - 000045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-09-14 00:17 - 2017-09-07 00:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-09-14 00:17 - 2017-09-07 00:21 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-09-14 00:17 - 2017-09-07 00:20 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-09-14 00:17 - 2017-09-07 00:20 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-09-14 00:17 - 2017-09-07 00:20 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-09-14 00:17 - 2017-09-07 00:20 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-09-14 00:17 - 2017-09-07 00:19 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-09-14 00:17 - 2017-09-07 00:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-09-14 00:17 - 2017-09-07 00:19 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-09-14 00:17 - 2017-09-07 00:19 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-09-14 00:17 - 2017-09-07 00:18 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-09-14 00:17 - 2017-09-07 00:18 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-09-14 00:17 - 2017-09-07 00:17 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2017-09-14 00:17 - 2017-09-07 00:16 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-09-14 00:17 - 2017-09-07 00:16 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-09-14 00:17 - 2017-09-07 00:16 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-14 00:17 - 2017-09-07 00:15 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-09-14 00:17 - 2017-09-07 00:15 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-09-14 00:17 - 2017-09-07 00:15 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-09-14 00:17 - 2017-09-07 00:14 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-14 00:17 - 2017-09-07 00:14 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-09-14 00:17 - 2017-09-07 00:14 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-14 00:17 - 2017-09-07 00:13 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-09-14 00:17 - 2017-09-07 00:12 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-09-14 00:17 - 2017-09-07 00:12 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-09-14 00:17 - 2017-09-07 00:12 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-09-14 00:17 - 2017-09-07 00:11 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-09-14 00:17 - 2017-09-07 00:08 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-14 00:17 - 2017-09-07 00:05 - 005114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-09-14 00:17 - 2017-09-07 00:04 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-09-14 00:17 - 2017-09-07 00:04 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-09-14 00:17 - 2017-09-07 00:03 - 000942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-09-14 00:17 - 2017-09-07 00:02 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-09-14 00:17 - 2017-09-07 00:00 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-09-14 00:17 - 2017-09-06 23:57 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-09-14 00:17 - 2017-09-06 23:57 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-09-14 00:17 - 2017-09-06 23:57 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-09-14 00:17 - 2017-09-06 23:57 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-14 00:17 - 2017-09-06 23:55 - 003616256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-14 00:17 - 2017-09-06 23:54 - 003542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-09-14 00:17 - 2017-09-06 23:54 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-09-14 00:17 - 2017-09-06 23:53 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-09-14 00:17 - 2017-08-21 23:57 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-09-14 00:17 - 2017-08-21 23:52 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-09-14 00:17 - 2017-08-21 23:47 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-14 00:17 - 2017-08-21 23:41 - 002319872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-14 00:17 - 2017-08-08 01:03 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-09-14 00:17 - 2017-08-08 00:52 - 000386408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-14 00:17 - 2017-08-08 00:52 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-09-14 00:17 - 2017-08-08 00:20 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-09-14 00:17 - 2017-08-07 23:51 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-09-14 00:17 - 2017-03-04 02:09 - 000178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-09-14 00:17 - 2017-03-04 02:07 - 000947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-09-14 00:17 - 2017-03-04 01:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-09-14 00:17 - 2017-03-04 01:29 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-09-14 00:17 - 2017-03-04 01:10 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-09-14 00:16 - 2017-09-07 01:04 - 000894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-09-14 00:16 - 2017-09-07 00:53 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-14 00:16 - 2017-09-07 00:53 - 000296288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-14 00:16 - 2017-09-07 00:53 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-14 00:16 - 2017-09-07 00:45 - 000372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-09-14 00:16 - 2017-09-07 00:22 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-14 00:16 - 2017-09-07 00:22 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2017-09-14 00:16 - 2017-09-07 00:18 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-09-14 00:16 - 2017-09-07 00:17 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-09-14 00:16 - 2017-09-07 00:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-14 00:16 - 2017-09-07 00:16 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-14 00:16 - 2017-09-07 00:16 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-09-14 00:16 - 2017-09-07 00:15 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-09-14 00:16 - 2017-09-07 00:15 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-09-14 00:16 - 2017-09-07 00:14 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-14 00:16 - 2017-09-07 00:14 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-14 00:16 - 2017-09-07 00:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-14 00:16 - 2017-09-07 00:13 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-14 00:16 - 2017-09-07 00:12 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-14 00:16 - 2017-09-07 00:04 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-09-14 00:16 - 2017-09-07 00:01 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-14 00:16 - 2017-09-06 23:59 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-14 00:16 - 2017-09-06 23:55 - 002217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-14 00:16 - 2017-08-22 00:43 - 000026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-09-14 00:16 - 2017-08-22 00:09 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-14 00:16 - 2017-08-08 01:09 - 000065648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-14 00:16 - 2017-08-08 00:52 - 000649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-14 00:16 - 2017-08-08 00:52 - 000101776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2017-09-14 00:16 - 2017-08-08 00:20 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-09-14 00:16 - 2017-08-08 00:20 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-14 00:16 - 2017-08-08 00:20 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2017-09-14 00:16 - 2017-08-08 00:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-09-14 00:16 - 2017-08-08 00:16 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-09-14 00:16 - 2017-08-08 00:13 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2017-09-14 00:16 - 2017-08-07 23:58 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-09-13 20:01 - 2017-09-14 13:55 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2017-09-13 20:00 - 2017-09-13 20:58 - 000000000 ____D C:\Users\Abin\AppData\Local\Bluestacks
2017-09-11 00:29 - 2017-09-11 00:30 - 004705092 _____ (Marcus Kleinehagenbrock) C:\Users\Abin\Downloads\cspy34.exe
2017-09-09 21:38 - 2017-09-20 22:25 - 000000458 _____ C:\Users\Abin\Desktop\talk diaphragm.txt
2017-08-28 19:41 - 2017-08-04 00:31 - 001564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-08-28 19:41 - 2017-08-04 00:31 - 001214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-08-28 19:41 - 2017-08-04 00:31 - 000629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-08-28 19:41 - 2017-08-04 00:31 - 000544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-08-28 19:41 - 2017-08-04 00:31 - 000335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-08-28 19:41 - 2017-08-04 00:31 - 000334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-08-28 19:41 - 2017-08-04 00:31 - 000233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-08-28 19:41 - 2017-08-04 00:31 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-08-28 19:41 - 2017-08-04 00:31 - 000096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-08-28 19:41 - 2017-08-04 00:31 - 000034656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-08-28 19:41 - 2017-08-03 23:26 - 000192864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-09-22 19:46 - 2016-05-21 00:52 - 000112313 _____ C:\WINDOWS\ZAM.krnl.trace
2017-09-22 19:46 - 2016-05-21 00:49 - 000090382 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-09-22 19:22 - 2016-08-07 02:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-22 01:08 - 2013-07-06 02:37 - 000003793 ___SH C:\WINDOWS\SysWOW64\mmf.sys
2017-09-22 01:07 - 2016-08-07 03:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-22 01:06 - 2016-07-16 01:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-09-22 01:04 - 2015-05-11 00:34 - 000000000 ____D C:\Users\Abin\AppData\Roaming\vlc
2017-09-22 00:10 - 2016-05-21 00:45 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-09-21 17:25 - 2014-09-17 17:12 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-21 17:25 - 2014-09-17 17:12 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-21 00:56 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-20 20:35 - 2016-07-16 06:45 - 000000000 ____D C:\WINDOWS\INF
2017-09-20 00:59 - 2014-10-03 16:30 - 000000000 ____D C:\AdwCleaner
2017-09-19 19:58 - 2016-05-22 00:29 - 000000000 ____D C:\Program Files\HitmanPro
2017-09-18 22:28 - 2012-07-11 00:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-17 22:07 - 2016-09-03 22:11 - 000000000 ____D C:\Users\Abin\AppData\Roaming\tixati
2017-09-14 14:48 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\rescache
2017-09-14 14:05 - 2016-08-07 02:33 - 001554282 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-14 14:02 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-14 14:01 - 2015-07-29 16:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-09-14 01:28 - 2016-07-16 06:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-13 22:09 - 2016-07-16 06:42 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-09-13 22:06 - 2016-07-16 06:43 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-09-13 22:04 - 2016-07-16 06:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-09-13 03:53 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 03:53 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-12 20:02 - 2016-10-14 21:41 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2017-09-12 20:02 - 2013-07-11 02:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-12 19:48 - 2012-07-12 17:52 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-09 18:03 - 2017-07-28 01:49 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1663178125-4035939000-1347949975-1000
2017-09-09 18:03 - 2015-07-29 16:53 - 000002366 _____ C:\Users\Abin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-09 18:03 - 2015-07-29 16:53 - 000000000 ___RD C:\Users\Abin\OneDrive
2017-09-08 23:38 - 2016-02-29 02:35 - 000000000 ____D C:\Users\Abin\Downloads\sydney
2017-09-08 22:50 - 2009-07-13 21:34 - 000000438 _____ C:\WINDOWS\win.ini
2017-09-06 06:30 - 2016-08-07 02:34 - 000000000 ____D C:\Users\Abin
2017-09-05 14:01 - 2016-07-16 06:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-05 14:01 - 2016-07-16 06:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-03 23:55 - 2016-05-12 23:06 - 000000000 ____D C:\Users\Abin\Desktop\Coloring Book
2017-09-03 23:48 - 2016-08-18 14:03 - 000000000 ____D C:\Users\Abin\Desktop\I Told You
2017-09-03 23:36 - 2016-04-23 22:06 - 000000000 ____D C:\Users\Abin\Desktop\Beyonce-LEMONADE-2016
2017-09-01 23:18 - 2017-03-18 18:14 - 000000000 ____D C:\Users\Abin\Desktop\More Life
2017-09-01 23:09 - 2016-11-25 00:06 - 000000000 ____D C:\Users\Abin\Desktop\TW - SB [320]
2017-09-01 22:05 - 2017-02-23 23:32 - 000000000 ____D C:\Users\Abin\Desktop\FH [iT]
2017-09-01 21:26 - 2017-06-30 00:21 - 000000000 ____D C:\Users\Abin\Desktop\JAY-Z - 444 - 2017
2017-09-01 21:15 - 2015-08-28 15:18 - 000000000 ____D C:\Users\Abin\Desktop\The Weeknd - Beauty Behind the Madness (Explicit) 2015 {MP3 Album}~{VBUc}
2017-09-01 21:13 - 2016-04-28 22:39 - 000000000 ____D C:\Users\Abin\Desktop\Views
2017-09-01 21:08 - 2015-11-20 20:47 - 000000000 ____D C:\Users\Abin\Desktop\Adele - 25 (Target Deluxe Edition) (2015) [CD-FLAC] [sn3h1t87] [GloDLS]
2017-08-30 22:42 - 2015-07-31 01:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-29 07:48 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-29 07:48 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-24 09:14 - 2017-04-03 00:50 - 000000000 ____D C:\Users\Abin\AppData\LocalLow\Mozilla
2017-08-24 09:13 - 2017-03-31 19:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
 
==================== Files in the root of some directories =======
 
2015-08-08 19:39 - 2014-11-08 13:45 - 000000226 _____ () C:\Program Files (x86)\update-FM2015.bat
2015-08-08 19:39 - 2013-11-06 06:28 - 000000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2012-09-05 23:46 - 2012-09-05 23:46 - 000003584 _____ () C:\Users\Abin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-17 17:35 - 2017-03-25 21:35 - 000007603 _____ () C:\Users\Abin\AppData\Local\Resmon.ResmonCfg
2014-09-04 01:18 - 2014-09-05 19:46 - 000023826 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
2017-09-13 20:58 - 2017-09-05 03:57 - 000961592 _____ (BlueStack Systems, Inc.) C:\Users\Abin\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2017-09-13 20:58 - 2017-09-05 03:56 - 000421400 _____ (CodeTitans) C:\Users\Abin\AppData\Local\Temp\JSON.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-09-13 01:07
 
==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2017
Ran by Abin (22-09-2017 19:53:01)
Running from C:\Users\Abin\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-07 08:46:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Abin (S-1-5-21-1663178125-4035939000-1347949975-1000 - Administrator - Enabled) => C:\Users\Abin
Administrator (S-1-5-21-1663178125-4035939000-1347949975-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1663178125-4035939000-1347949975-503 - Limited - Disabled)
Guest (S-1-5-21-1663178125-4035939000-1347949975-501 - Limited - Disabled) => C:\Users\Guest
Owner (S-1-5-21-1663178125-4035939000-1347949975-1003 - Limited - Enabled) => C:\Users\Owner
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4500_Help (HKLM-x32\...\{572F2A62-70CD-4429-8758-6D4D6DC696E1}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{DA9FFDE7-5474-DE51-8729-76A31DB5682B}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
bpd_scan (HKLM-x32\...\{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (HKLM-x32\...\{0A5825FD-0FB7-4e45-9037-858D463F2943}) (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (HKLM-x32\...\{2951A232-69BA-4925-BB9A-CEEB72B18B4F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fast Break College Basketball 2010 (HKLM-x32\...\Fast Break College Basketball 2010_is1) (Version:  - )
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{348A1F5B-07B3-4436-9A47-FFE44EFE856E}) (Version: 11.51.0004 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
J4500 (HKLM-x32\...\{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}) (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 54.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 en-US)) (Version: 54.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTREGOPT 1.1j (HKLM-x32\...\NTREGOPT_is1) (Version:  - Lars Hederer)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
ProductContext (HKLM-x32\...\{6697D99E-E550-4498-B793-4A8DD8A1821F}) (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.4222 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Smart-X7 7.80 (HKLM\...\WheelMouse) (Version:  - )
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Tixati (HKLM-x32\...\tixati) (Version:  - )
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.0 - Sysprogs)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [Glary Utilities 3] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll -> No File
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-06-03] (Sysprogs OU)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [Glary Utilities 3] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-06-03] (Sysprogs OU)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll -> No File
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-06-03] (Sysprogs OU)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {042937CB-5476-4C2A-8480-C5E036578E2B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A504F1B-12C3-48EC-9877-5D19F3843E00} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {135A4F94-8DF9-484A-BFE3-32D1D1BA1FD6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {173A5FF8-79E5-4C13-9DD4-1032A684ED1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1F951709-70BB-447A-9A8A-DBCB05AB6BD6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {35A742C1-2971-4943-A2E3-29AD462FFAAC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3ACF76E4-F5DF-431C-BEA2-BE70CF85AE6D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4527151D-D854-44A3-9A42-23B6220E94F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4EF9C94A-BEB8-4886-8EFB-6F8DC72DE967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {53ABC437-1B0B-41C8-BFA8-0949927B2CAE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5530EFFD-764C-40BD-81B3-5C3AC1537CF1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A56561D-C8FF-4AE6-B253-26131E684278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {5C443EC6-947D-47E4-9023-8E7DA2978214} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {64A9481C-09D1-4E79-A25A-44F1C2C65CB6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {76028AB5-AC97-4F06-8327-7D5A47A19935} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7AB504BC-20C0-4B04-9062-58A81B04DE52} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8019363D-BCAD-4773-B90D-F17D42075CBA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8A3580BB-AADC-4EE2-9E7E-992260A2944C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8D77A25D-FD6A-481A-B0D6-9678902CB9A5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98E27F6A-9B98-410A-9F9E-4200C5ED3EC6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-12] (Microsoft Corporation)
Task: {98F1F50F-9AEC-440C-8196-1ADCD6C86C25} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {9D2762FE-AFFC-4619-82AE-04B392499F8C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A16A0604-ED35-4D03-A9C8-ADE811234D59} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A5E0DE92-94F4-40D3-8999-DE7501A8E97F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BE7DC83D-A218-4B04-A8F8-22E532E97A7A} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: {C0F395F2-9715-4314-A840-2E6C417F6A32} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0038086-7685-4209-A037-810F3EF0F5F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E7057AF8-4534-412F-BEBE-D8A8A7787CE5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E88B8595-3F79-4758-8679-90FEE4AFBA7F} - System32\Tasks\{14082079-744B-40B5-BBE2-E95DCA3A5437} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {EE44F1BC-3A65-4249-BBAC-F4DEB17CDF61} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F2511BEE-366D-49C8-BB06-D1D74AAAE162} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FAD2BC7B-3110-4260-89A5-59BDDFA81666} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FE5084FB-86B3-4410-B015-536B68645CDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 06:42 - 2016-07-16 06:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-09-14 00:18 - 2017-09-07 01:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 001328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-06 02:37 - 2013-07-06 02:37 - 000002560 _____ () C:\Windows\runservice.exe
2016-09-21 13:47 - 2016-09-06 23:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 02:32 - 2017-03-04 01:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 02:33 - 2017-03-04 01:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 02:33 - 2017-03-04 01:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 02:33 - 2017-03-04 01:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-09-14 00:19 - 2017-09-06 23:53 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-09-14 00:19 - 2017-09-06 23:59 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2013-07-23 18:53 - 1999-12-31 19:00 - 000196608 _____ () C:\Program Files\Mouse\Amoumain.exe
2017-09-21 17:25 - 2017-09-21 02:29 - 002692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\swiftshader\libglesv2.dll
2017-09-21 17:25 - 2017-09-21 02:29 - 000138584 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\swiftshader\libegl.dll
2013-07-06 02:37 - 2013-07-06 02:37 - 000048640 _____ () C:\Windows\mmfs.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\123simsen.com -> www.123simsen.com
 
There are 7865 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2017-09-18 23:16 - 000450998 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123moviedownload.com
 
There are 15468 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 68.94.156.10 - 68.94.157.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: RoxioNow Service => 2
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: ZAMSvc => 2
MSCONFIG\startupreg: 8841BA9B7D8C488D59C00E597852C5577DFF8882._service_run => "C:\Users\Abin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: F.lux => "C:\Users\Abin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Abin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\StartupFolder: => "ERUNT AutoBackup.lnk"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "WinPatrol"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "Uninstall C:\Users\Abin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "Uninstall C:\Users\Abin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{203A23B4-962C-4A55-8849-3D1E07B8998B}] => (Allow) C:\users\abin\desktop\hitmanpro_x64.exe
FirewallRules: [{0D761036-71A1-46E9-8542-195A5B1EF6F5}] => (Allow) C:\users\abin\desktop\hitmanpro_x64.exe
FirewallRules: [{B4BAAE39-2451-4AC5-A511-79212CA14507}] => (Allow) C:\users\abin\appdata\local\temp\{b5187abf-3e67-4e6f-9053-a1f9ca8766b1}\{024056c1-eeb3-40b9-ad92-451715028c33}.exe
FirewallRules: [{06CE654C-DCE4-4F22-917E-D514C8AEA0F6}] => (Allow) C:\program files\mpc-hc\mpc-hc64.exe
FirewallRules: [{EC527048-A889-41DD-BF88-400AA14B924F}] => (Allow) C:\users\abin\appdata\local\temp\{cb05680a-ce82-4f9e-a2e9-07afb7c24b9b}\{cd5d43b4-7088-4e9c-9f4c-fb3803980449}.exe
FirewallRules: [{E90059E9-8758-46B9-A5C9-8F1FD2B46F1F}] => (Allow) C:\program files\clonespy\clonespy64.exe
FirewallRules: [{8DD1691F-89E0-4999-8F4F-53A64F251ADC}] => (Allow) C:\windows\system32\taskhostw.exe
FirewallRules: [{7C53B4A4-C58A-4DFD-8980-4121A22AFB9C}] => (Allow) C:\users\abin\desktop\autodetectutility.exe
FirewallRules: [{70832784-8CC7-44C4-9596-139616207B85}] => (Allow) C:\users\abin\desktop\ccsetup518.exe
FirewallRules: [{199C8592-1D5F-474D-9BD8-03BBE81159EE}] => (Allow) C:\program files\cyberghost 5\data\openvpn\openvpn.exe
FirewallRules: [{25B5574B-622A-4D61-A599-42CCD25D8E6A}] => (Allow) C:\program files\cyberghost 5\wyupdate.exe
FirewallRules: [{2C59F283-6EE3-4501-BAFC-0F334DBBAEEA}] => (Allow) C:\program files\cyberghost 5\service.exe
FirewallRules: [{1905E932-D8AA-47D8-9699-AC66ED5C2AF3}] => (Allow) C:\program files\cyberghost 5\cyberghost.exe
FirewallRules: [{5F92F218-8684-45B5-9390-18A36DA54D71}] => (Allow) C:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
FirewallRules: [{E8D9D65F-DE56-4EAA-A49B-B8A47C88D379}] => (Allow) C:\windows\system32\sihclient.exe
FirewallRules: [{FAF7F855-BD78-4675-98D6-8F7372BBA4D4}] => (Allow) C:\users\abin\appdata\local\temp\namebench.exe
FirewallRules: [{D788E9D5-C088-4153-A5E4-AB023EDA2E02}] => (Allow) C:\program files\windows defender\msascui.exe
FirewallRules: [{A0968FE6-D5CA-49FD-A6AF-0601DA81B020}] => (Allow) C:\users\abin\desktop\chrome_cleanup_tool.exe
FirewallRules: [{84801658-0364-48AD-BF51-368CA1D1550D}] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\regasm.exe
FirewallRules: [{50747298-E428-400F-99D6-27D3C22759A5}] => (Allow) C:\windows\system32\werfault.exe
FirewallRules: [{AF8E54AF-CA76-49F4-87EC-486304284807}] => (Allow) C:\program files (x86)\secunia\psi\psi.exe
FirewallRules: [{1CB1AE29-AB9C-4BC7-9B27-25E29CFF3812}] => (Allow) C:\program files (x86)\secunia\psi\psia.exe
FirewallRules: [{57F71707-9445-4420-8E4C-65AAD669804A}] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{76A0D40A-B751-454A-8169-B359FD6F0639}] => (Allow) C:\EEK\bin\a2emergencykit.exe
FirewallRules: [{DDB74F09-75DB-4528-B1FE-EA5348D22623}] => (Allow) C:\eek\bin64\a2emergencykit.exe
FirewallRules: [{B3E195E3-8403-464A-824E-70F7DD57BAA6}] => (Allow) C:\program files (x86)\zemana antimalware\zam.exe
FirewallRules: [{4E40D3C0-5A56-4F1E-960D-99C3D79CC1C9}] => (Allow) C:\windows\syswow64\rundll32.exe
FirewallRules: [{018A8B34-5585-4472-B3A8-2AF0F87184B9}] => (Allow) C:\programdata\package cache\{28d41884-9b36-4f54-bed2-92863f08e65d}\avira.oe.setup.bundle.exe
FirewallRules: [{1AD0A0DF-7839-40D0-95EA-89EBE7EF6E13}] => (Allow) C:\program files (x86)\avira\antivirus\setup.exe
FirewallRules: [{2E13997E-63BD-439D-A9C9-026914D4A50B}] => (Allow) C:\program files (x86)\kc softwares\sumo\sumo.exe
FirewallRules: [{9341CD71-300A-4EAC-87C6-D1DC5ECB4A84}] => (Block) C:\program files (x86)\avira\antivirus\ipmgui.exe
FirewallRules: [{6FE155AF-AB15-483E-9678-F13D477924D2}] => (Allow) C:\program files (x86)\avira\antivirus\sched.exe
FirewallRules: [{34630173-27DD-48F6-9912-693FC8E2B5AE}] => (Allow) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
FirewallRules: [{F7E25D1F-E783-480F-B44E-C52A439607A6}] => (Allow) C:\program files (x86)\google\update\googleupdate.exe
FirewallRules: [{3F466519-4D2B-4F08-BC50-DAAA854C1317}] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{31B20AEE-4BE6-41D5-855D-6FEE7E8303A1}] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{0C7A8D2C-D467-4CD4-8F11-45F94D3C462D}] => (Allow) C:\program files (x86)\malwarebytes anti exploit\mbae-svc.exe
FirewallRules: [{6BB2057D-1DAE-47FB-B1BF-7223E6A3D644}] => (Allow) C:\program files (x86)\avira\antivirus\avconfig.exe
FirewallRules: [{8DC27785-DE14-4A65-9311-917265D32507}] => (Allow) C:\program files (x86)\avira\antivirus\avcenter.exe
FirewallRules: [{93A53E4C-E5AB-4D18-AC18-4716CB478353}] => (Allow) C:\program files (x86)\avira\launcher\avira.servicehost.exe
FirewallRules: [{B8DA0BA7-455A-4929-98D1-4A09430ECFB2}] => (Allow) C:\program files (x86)\avira\antivirus\update.exe
FirewallRules: [{DDF455F9-1E98-421F-88AB-08131FB556B6}] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{9481002E-1651-4A32-AE03-3637D02B4AC0}] => (Allow) C:\program files (x86)\malwarebytes anti-malware\mbam.exe
FirewallRules: [{BB529300-0E22-42FA-8286-86E50AA4D4E8}] => (Allow) C:\program files (x86)\avira\launcher\avira.systray.exe
FirewallRules: [{667FD222-E6F6-473B-ADE6-14B1805168BD}] => (Block) C:\WINDOWS\system32\svchost.exe
FirewallRules: [{021E74DE-EDC2-4766-B4FD-2DCE67A4B3CA}] => (Block) C:\WINDOWS\system32\svchost.exe
FirewallRules: [{7650AA4E-5472-44A6-A220-2EA0C26BB401}] => (Block) C:\WINDOWS\system32\svchost.exe
FirewallRules: [{DE3C1E55-544E-437E-AE7F-FD92E3E4767C}] => (Block) C:\WINDOWS\system32\svchost.exe
FirewallRules: [{869AC4E4-5DA0-4A57-BAFF-FED4A5C7C67D}] => (Allow) C:\WINDOWS\system32\wwahost.exe
FirewallRules: [{99FA509F-BBFF-49E7-8A64-99E970C47037}] => (Allow) C:\Program Files\Windows Firewall Control\wfc.exe
FirewallRules: [{C98327DD-FE3F-461A-82B2-B77B5C590EDB}] => (Allow) C:\WINDOWS\explorer.exe
FirewallRules: [{AF314CE0-3BD3-40F9-907A-CFE33B912F85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E010EB5F-A8BC-468F-B517-4774840648CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC60EBC6-876F-45B5-B826-289769D54328}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS7938\HPDiagnosticCoreUI.exe
FirewallRules: [{C406DBEA-3A05-4D61-85F6-73015B477617}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS7938\HPDiagnosticCoreUI.exe
FirewallRules: [{57CD4019-4872-4993-AE85-C87CD76981B3}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS7374\HPDiagnosticCoreUI.exe
FirewallRules: [{1F769068-F2CA-4817-ADA0-E0803FA5C2D5}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS7374\HPDiagnosticCoreUI.exe
FirewallRules: [{BECD627D-4D82-4D4B-B76F-258B4B1C1E61}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS6991\HPDiagnosticCoreUI.exe
FirewallRules: [{994B4A9E-0FFD-425E-9F04-08669F898CEB}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS6991\HPDiagnosticCoreUI.exe
FirewallRules: [{EBCFE991-417B-429D-9BAE-0D83792D0BBF}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS62B2\hppiw.exe
FirewallRules: [{7E11DC61-7C7D-4BA0-8286-3A7E6BFB06DE}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS62B2\hppiw.exe
FirewallRules: [{01023072-AD06-40A4-8AB0-38C004A9A331}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{DCE1A5DC-3846-475D-9A5C-4F4F8A973B85}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{F10FFC57-3BE2-410F-98DB-7F3806C7C398}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{33C64222-2C9C-46BA-A323-DFDFCDE903BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{21D201AE-2471-42F9-9457-CF4386D05B2C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{8A1FEB8C-4702-40FB-A0C2-2633A0FC3A2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{56F8D9D1-D7DB-4871-B366-437810B4C12B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{C426EF47-98AF-47AF-B816-CD81B1B50386}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DE1B0CA6-B37C-4882-810C-6F1A2F8CF88A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FBE96CCA-C6F8-44BF-BDC1-1B14C8A64034}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{5E72031E-C9E6-432D-AD5C-DFD449CCCA2F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E818394A-5F4C-4267-83F5-BD1D8EC51369}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{1E1F1F74-626B-413A-A50F-944242910BFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{887B3BC8-40F7-449E-8687-306BEC8A42FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{267FFC44-0293-4E51-8710-849D750D5F6B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{44D8533C-E3B7-4798-A6D5-27384431F930}] => (Allow) C:\windows\temp\{93400781-7319-4a6e-9eec-7c23be13121b}\installflashplayer.exe
FirewallRules: [{B30E96B8-1C06-48BB-8E30-DCA59227B0BC}] => (Allow) C:\windows\temp\{200b0f2e-7306-41df-8cb6-60d07fee3a13}\installflashplayer.exe
FirewallRules: [{74ED75A6-5DC9-4F96-9CBA-AB2829563A91}] => (Allow) C:\program files (x86)\microsoft application virtualization client\sftlist.exe
FirewallRules: [{615E205A-18A6-40D9-A7F4-C4DE06ECE74B}] => (Allow) C:\windows\temp\{66040e8f-55fe-4808-ad52-7d0a4d371679}\installflashplayer.exe
FirewallRules: [{8673448A-48A8-41E9-B39E-479B34319D16}] => (Allow) C:\windows\system32\msdt.exe
FirewallRules: [{AAE27E30-452A-4E94-AE9E-7501E40FA264}] => (Allow) C:\windows\system32\mrt.exe
FirewallRules: [{935361E2-53C6-41AE-8C46-F8C9F5842887}] => (Allow) C:\windows\system32\wat\watadminsvc.exe
FirewallRules: [{2F8881A1-9417-4B88-A358-26D8556BD756}] => (Allow) C:\windows\temp\{874087f5-f082-49d3-9636-d455510a4bbb}\installflashplayer.exe
FirewallRules: [{931E0E81-A1F9-4A7B-9992-4EC52154A406}] => (Allow) C:\windows\temp\{1978861d-fb58-4178-a2f7-52c39c6833ee}\installflashplayer.exe
FirewallRules: [{5372395C-B4BA-4EE3-8200-6A7136871069}] => (Allow) C:\program files (x86)\adobe\adobe digital editions 2.0\digitaleditions.exe
FirewallRules: [{4BD4D89E-1C65-44EF-92F4-D2D24343D6E3}] => (Allow) C:\windows\system32\msiexec.exe
FirewallRules: [{C8484A06-06A1-47BB-8B25-1AD8024FFFF2}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{26CDD7C8-29EA-4D43-92D9-AF5FDEAC4E01}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{442868FE-7F17-4A87-96CB-46C9B1031A32}] => (Allow) G:\kasperskytdsskillerportable\app\tdsskiller\tdsskiller.exe
FirewallRules: [{9D4C38BB-506B-4A8F-A1F9-AA01ADE6B5AA}] => (Allow) G:\spybotportable\app\spybot\sdupdate.exe
FirewallRules: [{6709EFE5-7EB0-4DEC-B0DF-319AE673F7C8}] => (Allow) C:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
FirewallRules: [{F5C8AE8D-B753-405A-9708-1A2916E2D032}] => (Allow) C:\program files (x86)\common files\java\java update\jucheck.exe
FirewallRules: [{C8394D7C-23B0-40FA-9BBC-4489377398FA}] => (Allow) C:\program files\windows defender\mpcmdrun.exe
FirewallRules: [{F0D35B4B-8417-45E8-AB59-652660F79874}] => (Allow) C:\program files\windows media player\wmplayer.exe
FirewallRules: [{8B55A8BD-DBCE-4F25-B253-596A5CEDCBD6}] => (Allow) C:\users\abin\appdata\local\fluxsoftware\flux\flux.exe
FirewallRules: [{0A2227DC-9DB8-4065-9811-A75C1AF8D944}] => (Allow) C:\windows\temp\{7191f3fd-aa8e-4d0a-a643-a93fd322ca4f}\installflashplayer.exe
FirewallRules: [{A366D7B9-4DC4-4D11-A019-C76AC5762FDE}] => (Allow) C:\windows\temp\{f576f7e5-32c3-4a94-b16a-4c61a73ebc51}\installflashplayer.exe
FirewallRules: [{8569F9DA-A8E3-4B1F-8E4B-FD5B1118FC7F}] => (Allow) C:\windows\temp\{517812cf-138d-4693-8059-ba9f638ab45c}\installflashplayer.exe
FirewallRules: [{EB2346B8-3C63-4BD4-9CB7-9FFAE069CBB5}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{15100B92-C6EB-4F98-9CE9-75566AAF0B3B}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{75F43569-D047-474A-9771-758FE776515C}] => (Allow) G:\kasperskytdsskillerportable\app\tdsskiller\tdsskiller.exe
FirewallRules: [{3BA473C2-7261-47E5-B28D-DB6B73EBB8C5}] => (Allow) G:\spybotportable\app\spybot\sdupdate.exe
FirewallRules: [{0CBC8614-9D24-4C47-B858-03484407BF64}] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{8D8A4ABB-7126-42AF-B151-A16F736B0EA9}] => (Allow) C:\windows\temp\{03233cb2-7d11-4f32-8795-e347c123a2c1}\installflashplayer.exe
FirewallRules: [{738FC138-A870-46EF-9A01-ECD0AA879C4A}] => (Allow) C:\windows\temp\{7df26176-a4de-4d39-bed7-d0ac7de25d9c}\installflashplayer.exe
FirewallRules: [{C4A25A47-AA0D-4D88-B24B-2171D297C234}] => (Allow) C:\windows\temp\{7042179e-732a-44d4-bfb2-d2333bc6fe8b}\installflashplayer.exe
FirewallRules: [{3FE170EE-E4C4-422E-95C3-6F744737F909}] => (Allow) C:\program files\hewlett-packard\hp client services\hpclientservices.exe
FirewallRules: [{1A0BE179-62C3-4127-AC32-1E6C4BCDA255}] => (Allow) C:\programdata\avira\antivir desktop\temp\selfupdate\update.exe
FirewallRules: [{9E91B948-CEB1-4D0B-B4E9-5553294EDFDE}] => (Allow) C:\program files (x86)\common files\microsoft shared\source engine\ose.exe
FirewallRules: [{07B60173-A11E-495D-AFF9-F2F68AD1C5A2}] => (Allow) C:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
FirewallRules: [{D9C1B018-4C46-45A8-BFAF-D29C21A71146}] => (Allow) C:\program files (x86)\ati technologies\ati.ace\core-static\ccc.exe
FirewallRules: [{FA1237FB-3641-4DA5-B5C1-31AD60E3E8F5}] => (Allow) C:\program files\hewlett-packard\hp client services\hpclientservices.exe
FirewallRules: [{AF00B6CF-8CF1-4F3B-8C19-17A9DFB8EB01}] => (Allow) C:\windows\syswow64\werfault.exe
FirewallRules: [{C74D38A7-D5DF-4BDC-AF16-D6E1F484FF14}] => (Allow) C:\program files (x86)\common files\microsoft shared\source engine\ose.exe
FirewallRules: [{05B38DBA-A939-4B16-96E6-F47A037AC5F6}] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{90FEFE92-1197-4698-9046-C28F4CE634CF}] => (Allow) C:\program files\itunes\itunes.exe
FirewallRules: [{097E00F5-48F6-4073-8063-C1F067815DB7}] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{4A82213F-C0EF-4AB3-A9AE-180FC1BB0794}] => (Allow) C:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe
FirewallRules: [{A7CE4014-8B39-41C5-852C-F1D4ED13277E}] => (Allow) C:\program files\ccleaner\ccleaner64.exe
FirewallRules: [{040DC528-5F32-4589-BD40-0EF9A50290F5}] => (Allow) C:\program files (x86)\windows media player\wmplayer.exe
FirewallRules: [{DDA31466-EC2C-4F25-A395-BFF6F3C2C85A}] => (Allow) C:\program files (x86)\apple software update\softwareupdate.exe
FirewallRules: [{CDE2B697-6F7A-4CE4-8D33-86BA95CE21B0}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{B3442A4B-25C6-433B-BC55-003FACB14831}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{E2700E41-8F9C-429B-BB0C-BA68910447CB}] => (Allow) G:\kasperskytdsskillerportable\app\tdsskiller\tdsskiller.exe
FirewallRules: [{E76269EA-0B5D-4659-81B5-28172E6A1324}] => (Allow) G:\spybotportable\app\spybot\sdupdate.exe
FirewallRules: [{A223E609-1C98-40F3-90AA-E7E06AACEFC3}] => (Allow) C:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe
FirewallRules: [{F1BC4450-7CD5-4300-9104-A993C66F00C7}] => (Allow) C:\program files (x86)\adobe\reader 10.0\reader\acrord32.exe
FirewallRules: [{DEC27EEA-9AF6-428E-90B8-35D98C96754D}] => (Allow) C:\program files (x86)\driverupdate\driverupdate.exe
FirewallRules: [{7DB18DA1-7B70-4105-BF4B-473F6EAB0217}] => (Allow) C:\windows\explorer.exe
FirewallRules: [{C7537AE4-DD3C-4897-821F-D295C1CC6EA4}] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{46A7149D-A8C9-4FAE-B027-B3010C9F23C5}] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{6F73B122-5072-4FD1-BFAF-F4287E7B219A}] => (Allow) C:\windows\system32\devicedisplayobjectprovider.exe
FirewallRules: [{0D93F3B5-761C-4503-B4A1-D65958089168}] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [{218A4A59-5C06-4E11-BD6D-3B96D29D6D8C}] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{50E142B7-CF63-426F-8FC0-BF8124206F62}] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{05AE4DFE-552F-46E0-9C57-45CB50226337}] => (Allow) C:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe
FirewallRules: [{F84BB2BA-E8E1-4EB1-8FC5-05E977DAD3F7}] => (Allow) C:\windows\system32\wermgr.exe
FirewallRules: [{3CD5BBB2-9E70-4DC7-8E73-694DB61D7DAA}] => (Allow) C:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe
FirewallRules: [{C78C7BEC-AF07-4F26-B59C-DC16DDC98E7B}] => (Allow) C:\program files (x86)\common files\java\java update\jusched.exe
FirewallRules: [{4A80B9F3-056D-40CF-8223-3EABC890E3E1}] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{99844D38-3122-4074-92E5-DD64AD47D34D}] => (Allow) C:\program files (x86)\vs revo group\revo uninstaller\revouninstaller.exe
FirewallRules: [{3CA888A6-E0A0-4181-A35E-9906C61E01F0}] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{76E80EFE-11D9-45C3-8949-E9F0898EDD66}] => (Allow) C:\windows\system32\msfeedssync.exe
FirewallRules: [{57BFB7EF-EC39-41A2-8E58-CC57F8912A08}] => (Allow) C:\program files (x86)\avira\antivir desktop\ipmgui.exe
FirewallRules: [{2B098466-22FD-42C4-9498-92E91FA3F5D7}] => (Allow) C:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
FirewallRules: [{DA76F091-C114-4A00-A74F-06261C0FEE8E}] => (Allow) C:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
FirewallRules: [{F39EE366-6A84-4F2A-9ED3-CB3867898052}] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{505BC64C-24F2-4713-B185-5F11E352CF31}] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{90F374E9-3797-448E-AACD-75612DA0CAB4}] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{7E17F482-7AF0-4F8C-9C82-18E73318C633}] => (Allow) C:\program files (x86)\avira\antivir desktop\avnotify.exe
FirewallRules: [{868DD741-D72C-4790-A55A-4A3D39B0BEA4}] => (Allow) C:\program files (x86)\avira\antivir desktop\update.exe
FirewallRules: [{C50B49EF-13C4-4C8A-9F2C-DD1169847B20}] => (Allow) C:\users\abin\appdata\local\google\update\googleupdate.exe
FirewallRules: [{548ECDEC-1CD0-468F-AD81-55992D0A2EEC}] => (Allow) C:\program files\bonjour\mdnsresponder.exe
FirewallRules: [{DB7F0021-E6DA-4DDA-ACCE-6DF6B8E29A8F}] => (Allow) C:\program files\bonjour\mdnsresponder.exe
FirewallRules: [{9F0B2E5E-36D7-498B-9F3B-CD9C0F652B25}] => (Allow) C:\program files\windows defender\mpcmdrun.exe
FirewallRules: [{2F65421E-C637-4D34-8919-0580A6A69932}] => (Allow) C:\Users\Abin\AppData\Local\Temp\{65728795-4D29-8320-B5D9-4914615E76E8}\Addons\incredibar_install.exe
FirewallRules: [{B845509F-C9B2-42CE-B7F0-87796E4A9144}] => (Allow) C:\Users\Abin\AppData\Local\Temp\{65728795-4D29-8320-B5D9-4914615E76E8}\Addons\incredibar_install.exe
FirewallRules: [UDP Query User{4DA27C0B-32C8-4433-8F35-402D9F842D7D}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{7ED9AC77-DC3C-47F7-89B9-0456FB0657D1}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{38B9F4CC-0D58-4823-B802-485F51225AAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D65364C4-3B66-4A22-8ADA-E6FA7969F6E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{489C4B55-B806-4232-8CB9-7FF66E60B6C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FF486062-D819-489B-B0C4-EAD719E88E17}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B655DDE7-0CEC-4DCA-9901-EBEEC34274F1}] => (Allow) LPort=1900
FirewallRules: [{A81B75E9-6DF9-46B8-9DEA-206BCCC67D34}] => (Allow) LPort=2869
FirewallRules: [{6C1638F0-62DD-477C-BC8C-F29204C0E871}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{32E63DD0-3458-4B66-A552-C90B68778CD5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{AF4EB825-7683-4646-A80A-CB1A20E25A8F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{82BCE034-DA59-41D0-A46E-E4D1C6C20222}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{A04ECFA2-794A-4463-91E8-FB46A5A2F967}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{24E681A3-7D09-4D91-B642-237A914FE3A8}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [TCP Query User{F984E0CF-28F2-4AF2-9F03-7D08F91C4658}C:\users\abin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\abin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{033EE97E-704F-41B1-A8E8-37E4B7949BAC}C:\users\abin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\abin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A6F5AF84-543C-47FC-AB3F-463A6712B570}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
FirewallRules: [{E03284CE-83BE-4386-9BCD-3D1BB53D1DB5}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
FirewallRules: [{83039288-4551-4F9D-878A-1337977D83CD}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
FirewallRules: [{81602BAF-ACEF-4BAB-991B-B53236FFFC36}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
FirewallRules: [{1E3F7C3D-39DB-47D0-9AD7-F012123572A3}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
FirewallRules: [{BADB810B-8993-4B4C-B60D-5B42272AA25C}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
FirewallRules: [{A3F80A59-AE09-455A-95A4-971D4C2C6BB1}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
FirewallRules: [{B0388973-F5B8-4586-AC5E-75784E31DD98}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
FirewallRules: [{54EA36ED-4CE9-499A-B58B-F789B11E5213}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
FirewallRules: [{418B53F0-8570-47CD-94A1-BCEDF2255A0F}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
FirewallRules: [{622E23DD-D705-4CE3-8399-E3C64D804AE0}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
FirewallRules: [{B34CB457-648A-46BC-866A-5B6B6C49A30F}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
FirewallRules: [{7756BE83-265B-4113-A732-C43E964C053D}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{44D9E646-8432-4987-A7A1-105DE97DA208}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{5C152B37-EC02-4CD3-B32C-B2D79569D2FD}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{68B5AFAC-1DBF-4E04-BFEF-9592E3AAC850}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [TCP Query User{14CFCFB0-E9E3-44E2-8217-5607EFDBB75C}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{35610654-961B-44B5-BA34-746B7F2BA067}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{F4542BF1-50DD-4CCC-BABF-74B55BE4AA1F}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [UDP Query User{3874FBEB-AE7E-4165-85C7-CC4423EEE23F}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{EFE34DE5-07A1-4C4F-AD97-13F628DB6779}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{BFD854F5-857E-44AE-99FB-E20A9EA571B8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{EEBC157D-71C1-463F-9C05-008D520CF804}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{703A5067-A4C5-4E1F-890A-74E5E60829C9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{18753A56-5481-4DE0-89C9-38DB5E1BEEA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{2D48FF83-5FBD-400A-8F69-73147F2136D5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [TCP Query User{CE260C96-94D1-4E0F-9083-AAD49FB898C9}C:\program files (x86)\ubisoft\assassin's creed ii\server.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed ii\server.exe
FirewallRules: [UDP Query User{4078974D-1353-41EC-934C-88ABEDFED94C}C:\program files (x86)\ubisoft\assassin's creed ii\server.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed ii\server.exe
FirewallRules: [{A96AF338-9DCF-47A2-93DA-463BAD200800}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FAA13560-67CB-4F75-B449-831B6D03BC70}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{92980660-865C-4C5C-9910-C2DCA56EA7D5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4DDA2C5E-8162-4D91-8CA1-C6D480F9DD05}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{4229402B-EC60-4B7E-AFBA-1D99FD41DFF5}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe] => (Block) C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{61C3E475-5232-4378-8E64-128074E0FEC7}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe] => (Block) C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{49C7820E-DED2-42E1-B5DF-A13DEA3EF727}C:\users\abin\desktop\left 4 dead 2  v2.0.2.7  full-rip  {blaze69}\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\abin\desktop\left 4 dead 2  v2.0.2.7  full-rip  {blaze69}\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{E1A868E9-735D-4310-A85D-A5C5029BF58D}C:\users\abin\desktop\left 4 dead 2  v2.0.2.7  full-rip  {blaze69}\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\abin\desktop\left 4 dead 2  v2.0.2.7  full-rip  {blaze69}\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{6AC584DD-A084-473C-820D-B89018FE96B0}C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe] => (Allow) C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe
FirewallRules: [UDP Query User{020A148D-A612-478F-8046-4AFC038F08BB}C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe] => (Allow) C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe
FirewallRules: [{015B236C-CCCA-4465-AF69-21F78673527F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8C26D8D3-1AC0-43F8-BDB1-601497CDF137}] => (Allow) C:\Program Files (x86)\Out of the Park Developments\Franchise Hockey Manager 2\fhm2.exe
FirewallRules: [{DDA85352-A454-4DFD-A18F-F1EB07A2DE6D}] => (Allow) C:\Program Files (x86)\Out of the Park Developments\Franchise Hockey Manager 2\fhm2.exe
FirewallRules: [{688F9864-B621-4741-9C91-DCD0CA791AD4}] => (Allow) C:\Program Files (x86)\Out of the Park Developments\Franchise Hockey Manager 2\fhm2.exe
FirewallRules: [{D5EDF3FF-231C-43A6-AE20-80F6E1E582B8}] => (Allow) C:\Program Files (x86)\Out of the Park Developments\Franchise Hockey Manager 2\fhm2.exe
FirewallRules: [{29FD985B-41EB-41C1-9B41-094F74E96F63}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{11D0A962-C7B9-46E0-BBAA-35F20FC4BD8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C858684E-561B-4151-B469-2270215E02A1}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{67B3BEB7-479E-4B3B-8E12-EA3956CB486C}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{25EF8F08-431D-4420-93B6-1BA7ADC15D09}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{4F282836-F324-4E36-8D59-C3627211DFED}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{43301E34-418A-4914-AF19-F1B487F394AB}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{8FF067CA-1826-4112-B80B-C388655AF807}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{F366C376-80E6-42F3-8891-43B473423EDF}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{672B9682-2966-4392-A7AD-76E2369696E6}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{915F6A26-3755-4FCF-9F26-8EC2455D55EE}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{A61A018D-2347-4AE8-BEEA-07EDF56BA1E0}] => (Allow) C:\Program Files\HitmanPro\HitmanPro.exe
FirewallRules: [{5D3B0E31-BC1F-488C-8765-8CB842613C70}] => (Allow) C:\Program Files\HitmanPro\HitmanPro.exe
FirewallRules: [{5EB091B4-229D-4693-A63F-6BD0E21A1DFF}] => (Allow) C:\Program Files\HitmanPro\HitmanPro.exe
FirewallRules: [{0A6ACA25-6974-4B39-87C2-32C6062380A8}] => (Allow) C:\Program Files\HitmanPro\HitmanPro.exe
FirewallRules: [{4C27E9C0-51E0-4EE9-9334-5D4B44875195}] => (Allow) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{E13EC6B9-37C6-46A3-B347-D902B48D3D19}] => (Allow) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{55430966-770C-438E-883D-C0EBF94AE029}] => (Allow) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{DDCE2957-235E-4B15-99A6-D6A535F5C127}] => (Allow) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{1C5BE86C-97E5-4934-8017-6E7D8F6FCD14}] => (Allow) %USERPROFILE%\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{7724C8AB-AC28-41C6-A4F5-5941AB3895E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
20-09-2017 06:53:45 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/22/2017 01:25:10 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (09/21/2017 01:06:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.14393.82, time stamp: 0x57a55dc6
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.1715, time stamp: 0x59b0d4d8
Exception code: 0xc0000005
Fault offset: 0x0000000000207f1a
Faulting process id: 0x1f64
Faulting application start time: 0x01d3329f83de7cb7
Faulting application path: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: f51ecd17-db2c-42b6-b1a8-a18626e6ae6d
Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
 
Error: (09/20/2017 06:54:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (09/20/2017 06:36:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.14393.0, time stamp: 0x57899bb2
Faulting module name: ntdll.dll, version: 10.0.14393.1715, time stamp: 0x59b0d03e
Exception code: 0xc0000409
Fault offset: 0x00000000000aab10
Faulting process id: 0x128c
Faulting application start time: 0x01d33203f2e792ea
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 01d18a6a-09ea-4a2c-8b05-3787edf17faa
Faulting package full name: Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
 
Error: (09/13/2017 09:25:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OommenHP)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (09/13/2017 08:36:58 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
 
Error: (09/13/2017 08:36:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (09/13/2017 08:36:56 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Disabled performance counter data collection from the "ASP.NET_64_2.0.50727" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.
 
Error: (09/13/2017 08:36:56 PM) (Source: Perflib) (EventID: 1022) (User: )
Description: Windows cannot open the 64-bit extensible counter DLL ASP.NET_64_2.0.50727 in a 32-bit environment. Contact the file vendor to obtain a 32-bit version. Alternatively if you are running a 64-bit native environment, you can open the 64-bit extensible counter DLL by using the 64-bit version of Performance Monitor. To use this tool, open the Windows folder, open the System32 folder, and then start Perfmon.exe.
 
Error: (09/13/2017 08:20:07 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
 
System errors:
=============
Error: (09/22/2017 01:08:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/22/2017 01:08:01 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (09/20/2017 07:29:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LicCtrl Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/20/2017 06:32:16 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (09/20/2017 01:02:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/20/2017 01:02:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetMsmqActivator service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/20/2017 01:02:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetMsmqActivator service to connect.
 
Error: (09/20/2017 01:02:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NetPipeActivator service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (09/20/2017 01:02:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NetPipeActivator service to connect.
 
Error: (09/20/2017 01:02:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HPSupportSolutionsFrameworkService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
 
CodeIntegrity:
===================================
  Date: 2017-02-12 01:39:36.705
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:36.690
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:36.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:36.332
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.832
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.416
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.219
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.206
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:34.900
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD E-300 APU with Radeon™ HD Graphics
Percentage of memory in use: 71%
Total physical RAM: 2662.54 MB
Available physical RAM: 757.24 MB
Total Virtual: 7270.54 MB
Available Virtual: 4378 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:453.86 GB) (Free:16.89 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.37 GB) (Free:1.34 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7B343CE4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:36 PM

Posted 25 September 2017 - 08:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/658000 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 ao3

ao3
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 26 September 2017 - 02:07 AM

I can update the definitions to Windows Defender with no problems. I can use Chrome with no problems. Pretty much every other app has trouble connecting to the internet. So I have no problem actually updating those apps, but I can't do anything once they're updated.



#5 polskamachina

polskamachina

  • Malware Response Team
  • 4,067 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 26 September 2017 - 04:35 PM

Hi ao3

 

My name is polskamachina and I would like to :welcome: you to the Malware Removal Forum. I will be helping you with your malware issues.

What follows below are some ground rules for this forum.
 
I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know. I am in California at GMT-7 hours (Pacific Standard Time). If I do not respond to you within 48 hours, feel free to send me a private message.

Some points for you to keep in mind:

  • Do NOT run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine. Running any additional tools may detect false positives, interfere with our tools, cause unforeseen damage, or system instability.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
  • NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
  • NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. Please remember to copy the entire post so you do not miss any instructions.

Please give me some time to review your situation and I will get back to you with further instructions.
 
polskamachina



#6 ao3

ao3
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 27 September 2017 - 07:42 PM

Hi,

I tried booting into Safe Mode with Networking, and it still didn't. I scanned with Malwarebytes while there, but I wasn't able to download updated definitions. I scanned anyway and it found nothing. Zemana Portable isn't compatible in Safe Mode.



#7 polskamachina

polskamachina

  • Malware Response Team
  • 4,067 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 27 September 2017 - 09:44 PM

Hi ao3,
 
Thank you for the update. I'm still working on a fix for you... :busy:

 

polskamachina



#8 polskamachina

polskamachina

  • Malware Response Team
  • 4,067 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 29 September 2017 - 06:51 PM

Hi ao3 :)

Sorry for the delay. Let's try the following:

- Download Windows Repair All-In-One Portable Version from here.

- Extract tweaking.com_windows_repair_aio.zip to your Desktop.

- Disable all your antivirus and antimalware software - see how to do that here.
- Right click on QfBzvq1.png and select Run as Administrator Accept UAC warning if it is enabled.)

  • Click Step 1 To Begin
  • Continue pressing the blue, right arrow and follow the directions at each step
  • Though some of the steps are marked optional, it's a good idea to do them anyway as they will make sure that important parts of your system are tested, a restore point is created, and the registry is backed up.
  • When you get to the Repairs-Main tab, check the following boxes which are related to Permissions and the Windows Apps Store:
    • 01 Reset Registry Permissions
    • 02 Reset File Permissions
    • 02.01 File Permissions C:\
    • 03 Reset Service Permissions
    • 27.01 Repair Windows 8/10 App Store
    • 27.02 Repair Windows 8/10 App Store (Completely Reset App Store)
    • 28 Repair Windows 8/10 Component Store
  • All the other boxes may be left unchecked.
  • Click on the Start Repairs button
  • Wait for Windows Repair to finish scanning.
  • By default Windows Repair All-In-One will create a Logs folder in its folder on the Desktop.
  • Please copy and paste the contents of the log into your next reply to me

In summary I will need from you:

  • The log from the Windows Repair All-In-One tool
  • How is your computer performing now?

Let me know if you have any questions.

 

polskamachina



#9 ao3

ao3
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 30 September 2017 - 12:40 AM

I had to skip 02.01 since it wasn't there. There were 4 files in the Logs folder so I pasted all 4. I still can't scan with Zemana. I had to 'x' out of the last command prompt since it didn't seem to be doing anything.

 

Tweaking.com - Windows Repair 2018 (v4.0.6)
--------------------------------------------------------------------------------
 
System Variables
--------------------------------------------------------------------------------
OS: Windows 10 Home
OS Architecture: 64-bit
OS Version: 10.0.14393.1715
OS Service Pack: 
Computer Name: OOMMENHP
Windows Drive: C:\
Windows Path: C:\WINDOWS
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Abin
Current Profile SID: S-1-5-21-1663178125-4035939000-1347949975-1000
Current Profile Classes: S-1-5-21-1663178125-4035939000-1347949975-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\WINDOWS\ServiceProfiles
Local Settings AppData: C:\Users\Abin\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 02 Days 00:59:34
 
Process Count: 88
Commit Total: 2.69 GB
Commit Limit: 7.10 GB
Commit Peak: 3.32 GB
Handle Count: 33856
Kernel Total: 376.89 MB
Kernel Paged: 296.49 MB
Kernel Non Paged: 80.40 MB
System Cache: 711.32 MB
Thread Count: 1035
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.60 GB
Memory Used: 1.79 GB(68.8242%)
Memory Avail.: 830.07 MB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.60 GB
Memory Used: 1.51 GB(58.1973%)
Memory Avail.: 1.09 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Started at (9/29/2017 8:18:08 PM)
 
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 84
 
01 - Reset Registry Permissions
   Restore Windows 7/8/10 Default Registry Permissions
   Start (9/29/2017 8:18:17 PM)
 
 
Decompressing & Updating Windows Permission File C:\Users\Abin\Desktop\Tweaking.com - Windows Repair\files\permissions\10\hku.7z
Done,  2.52 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Users\Abin\Desktop\Tweaking.com - Windows Repair\files\permissions\10\hklm.7z
Done,  57.96 seconds.
 
   Running Repair Under System Account
   Done (9/29/2017 8:25:48 PM)
 
02 - Reset File Permissions
   Restore Windows 7/8/10 Default File Permissions
   Start (9/29/2017 8:25:48 PM)
 
 
Decompressing & Updating Windows Permission File C:\Users\Abin\Desktop\Tweaking.com - Windows Repair\files\permissions\10\default.7z
Done,  0.44 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Users\Abin\Desktop\Tweaking.com - Windows Repair\files\permissions\10\profile.7z
Done,  2.05 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Users\Abin\Desktop\Tweaking.com - Windows Repair\files\permissions\10\program_files.7z
Done,  8.69 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Users\Abin\Desktop\Tweaking.com - Windows Repair\files\permissions\10\program_files_x86.7z
Done,  0.65 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Users\Abin\Desktop\Tweaking.com - Windows Repair\files\permissions\10\programdata.7z
Done,  1.94 seconds.
 
 
Decompressing & Updating Windows Permission File C:\Users\Abin\Desktop\Tweaking.com - Windows Repair\files\permissions\10\windows.7z
Done,  20.91 seconds.
 
   Running Repair Under System Account
   Done (9/29/2017 9:39:21 PM)
 
03 - Reset Service Permissions
   Start (9/29/2017 9:39:21 PM)
 
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (9/29/2017 9:47:18 PM)
 
27.02 - Repair Windows 8/10 App Store (Completely Reset App Store)
   Start (9/29/2017 9:47:18 PM)
 
Decompressing & Updating Windows Permission File C:\Users\Abin\Desktop\Tweaking.com - Windows Repair\files\permissions\10\hku.7z
Done,  7.13 seconds.
 
   Running Repair Under Current User Account
   Done (9/29/2017 10:26:34 PM)
 
28 - Repair Windows 8/10 Component Store
   Start (9/29/2017 10:26:34 PM)
   Running Repair Under Current User Account
   Done (9/29/2017 10:35:46 PM)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done at (9/29/2017 10:35:47 PM)
   Total Repair Time: 02:17:42
 
 
...YOU MUST RESTART YOUR SYSTEM...
 
 
ERROR: Writing SD to <machine\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage> failed with: The handle is invalid.
ERROR: Writing SD to <machine\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Perflib\009> failed with: The handle is invalid.
ERROR: Writing SD to <machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\CurrentLanguage> failed with: The handle is invalid.
ERROR: Writing SD to <machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009> failed with: The handle is invalid.
 
 
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\9E2F88E3.Twitter_5.2.0.0_x86__wgeqdkkx372wm\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\9E2F88E3.Twitter_5.2.0.0_x86__wgeqdkkx372wm\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\AD2F1837.HPWelcome_0.1.50.0_x64__v10z8vjag6ke6\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\AD2F1837.HPWelcome_0.1.50.0_x64__v10z8vjag6ke6\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.3DBuilder_11.1.9.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1066_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1066_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1198_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1198_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1358_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1358_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1378_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1378_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1715_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.1715_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.187_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.187_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.206_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.206_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.447_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.447_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.576_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.576_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.693_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.693_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.953_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AccountsControl_10.0.14393.953_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Advertising.Xaml_10.0.1605.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Advertising.Xaml_10.0.1605.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Advertising.Xaml_10.0.1606.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Advertising.Xaml_10.0.1606.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Advertising.Xaml_10.0.1606.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Advertising.Xaml_10.0.1606.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BingSports_4.12.207.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BingSports_4.12.207.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BioEnrollment_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.BioEnrollment_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.DesktopAppInstaller_1.0.1471.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.DesktopAppInstaller_1.0.1471.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Messaging_3.19.1001.0_x86__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftOfficeHub_17.7031.23501.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftOfficeHub_17.7031.23501.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftSolitaireCollection_3.11.7081.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftSolitaireCollection_3.11.7081.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftStickyNotes_1.0.136.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.MicrosoftStickyNotes_1.0.136.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.OneNote_17.6868.57981.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.OneNote_17.6868.57981.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.OneNote_17.7167.57761.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.OneNote_17.7167.57761.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.Sway_17.7167.45121.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.Sway_17.7167.45121.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.OneConnect_1.1605.17.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.OneConnect_1.1605.17.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.People_10.0.11902.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.PPIProjection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.StorePurchaseApp_1.0.45.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.StorePurchaseApp_1.0.45.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Apprep.ChxApp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.CloudExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ContentDeliveryManager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
The process cannot access the file because it is being used by another process.
C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
The process cannot access the file because it is being used by another process.
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ParentalControls_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ParentalControls_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.SecondaryTileExperience_10.0.0.0_neutral__cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1198_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1198_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1378_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1378_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1715_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
The process cannot access the file because it is being used by another process.
C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.1715_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
The process cannot access the file because it is being used by another process.
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.187_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.187_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.206_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.206_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.447_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.447_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.953_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Windows.ShellExperienceHost_10.0.14393.953_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsAlarms_10.1605.1742.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsAlarms_10.1605.1742.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsAlarms_10.1607.1991.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsAlarms_10.1607.1991.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCamera_2016.404.190.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsCamera_2016.404.190.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_17.6868.41201.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_17.6868.41201.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsFeedbackHub_1.3.1741.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsFeedbackHub_1.3.1741.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsPhone_10.1607.1991.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsSoundRecorder_10.1605.1622.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsSoundRecorder_10.1605.1622.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsSoundRecorder_10.1607.1891.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsSoundRecorder_10.1607.1891.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsStore_11606.1001.39.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.WindowsStore_11606.1001.39.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxApp_19.19.28029.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxApp_19.19.28029.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxGameCallableUI_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxIdentityProvider_11.18.16009.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.XboxIdentityProvider_11.18.16009.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.ContactSupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.MiracastView_6.3.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG1
Deleted file - C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Windows.PrintDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy\ActivationStore.dat.LOG2
File not found - C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb
Could Not Find C:\ProgramData\Microsoft\Windows\AppRepository\PackageRepository.edb
Add-AppxPackage : Cannot find path 'C:\WINDOWS\WinStore\AppxManifest.XML' 
because it does not exist.
At line:1 char:1
+ Add-AppxPackage -DisableDevelopmentMode -Register $Env:SystemRoot\Win ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (C:\WINDOWS\WinStore\AppxManifes 
   t.XML:String) [Add-AppxPackage], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.Windows.Appx.PackageManag 
   er.Commands.AddAppxPackageCommand
 
Add-AppxPackage : Cannot find path 'C:\WINDOWS\camera\AppxManifest.xml' 
because it does not exist.
At line:1 char:1
+ Add-AppxPackage -DisableDevelopmentMode -Register $Env:SystemRoot\cam ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (C:\WINDOWS\camera\AppxManifest. 
   xml:String) [Add-AppxPackage], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.Windows.Appx.PackageManag 
   er.Commands.AddAppxPackageCommand
 
Add-AppxPackage : Cannot find path 'C:\WINDOWS\FileManager\AppxManifest.xml' 
because it does not exist.
At line:1 char:1
+ Add-AppxPackage -DisableDevelopmentMode -Register $Env:SystemRoot\Fil ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (C:\WINDOWS\FileManager\AppxMani 
   fest.xml:String) [Add-AppxPackage], ItemNotFoundException
    + FullyQualifiedErrorId : PathNotFound,Microsoft.Windows.Appx.PackageManag 
   er.Commands.AddAppxPackageCommand
 
 
Deployment Image Servicing and Management tool
Version: 10.0.14393.0
 
Image Version: 10.0.14393.0
 
 
[                           0.1%                           ] 
 
[                           0.2%                           ] 
 
[                           0.4%                           ] 
 
[                           0.6%                           ] 
 
[                           0.9%                           ] 
 
[                           1.0%                           ] 
 
[                           1.3%                           ] 
 
[                           1.5%                           ] 
 
[                           1.7%                           ] 
 
[=                          1.9%                           ] 
 
[=                          2.0%                           ] 
 
[=                          2.2%                           ] 
 
[=                          2.3%                           ] 
 
[=                          2.5%                           ] 
 
[=                          2.6%                           ] 
 
[=                          2.8%                           ] 
 
[=                          2.9%                           ] 
 
[=                          3.1%                           ] 
 
[=                          3.2%                           ] 
 
[=                          3.4%                           ] 
 
[==                         3.5%                           ] 
 
[==                         3.7%                           ] 
 
[==                         3.8%                           ] 
 
[==                         3.9%                           ] 
 
[==                         4.1%                           ] 
 
[==                         4.2%                           ] 
 
[==                         4.3%                           ] 
 
[==                         4.5%                           ] 
 
[==                         4.6%                           ] 
 
[==                         4.7%                           ] 
 
[==                         4.8%                           ] 
 
[==                         4.9%                           ] 
 
[==                         5.0%                           ] 
 
[==                         5.1%                           ] 
 
[===                        5.2%                           ] 
 
[===                        5.4%                           ] 
 
[===                        5.4%                           ] 
 
[===                        5.5%                           ] 
 
[===                        5.6%                           ] 
 
[===                        5.7%                           ] 
 
[===                        5.7%                           ] 
 
[===                        5.7%                           ] 
 
[===                        5.7%                           ] 
 
[===                        5.8%                           ] 
 
[===                        5.8%                           ] 
 
[===                        5.9%                           ] 
 
[===                        6.0%                           ] 
 
[===                        6.0%                           ] 
 
[===                        6.1%                           ] 
 
[===                        6.1%                           ] 
 
[===                        6.2%                           ] 
 
[===                        6.3%                           ] 
 
[===                        6.3%                           ] 
 
[===                        6.4%                           ] 
 
[===                        6.4%                           ] 
 
[===                        6.4%                           ] 
 
[===                        6.5%                           ] 
 
[===                        6.5%                           ] 
 
[===                        6.6%                           ] 
 
[===                        6.6%                           ] 
 
[===                        6.7%                           ] 
 
[===                        6.7%                           ] 
 
[===                        6.8%                           ] 
 
[===                        6.8%                           ] 
 
[====                       6.9%                           ] 
 
[====                       6.9%                           ] 
 
[====                       7.0%                           ] 
 
[====                       7.0%                           ] 
 
[====                       7.1%                           ] 
 
[====                       7.1%                           ] 
 
[====                       7.1%                           ] 
 
[====                       7.2%                           ] 
 
[====                       7.2%                           ] 
 
[====                       7.3%                           ] 
 
[====                       7.3%                           ] 
 
[====                       7.3%                           ] 
 
[====                       7.4%                           ] 
 
[====                       7.4%                           ] 
 
[====                       7.5%                           ] 
 
[====                       7.5%                           ] 
 
[====                       7.6%                           ] 
 
[====                       7.6%                           ] 
 
[====                       7.7%                           ] 
 
[====                       7.8%                           ] 
 
[====                       7.9%                           ] 
 
[====                       7.9%                           ] 
 
[====                       8.0%                           ] 
 
[====                       8.0%                           ] 
 
[====                       8.1%                           ] 
 
[====                       8.2%                           ] 
 
[====                       8.2%                           ] 
 
[====                       8.3%                           ] 
 
[====                       8.3%                           ] 
 
[====                       8.4%                           ] 
 
[====                       8.4%                           ] 
 
[====                       8.5%                           ] 
 
[====                       8.5%                           ] 
 
[====                       8.6%                           ] 
 
[====                       8.6%                           ] 
 
[=====                      8.7%                           ] 
 
[=====                      8.7%                           ] 
 
[=====                      8.9%                           ] 
 
[=====                      8.9%                           ] 
 
[=====                      9.0%                           ] 
 
[=====                      9.0%                           ] 
 
[=====                      9.1%                           ] 
 
[=====                      9.2%                           ] 
 
[=====                      9.2%                           ] 
 
[=====                      9.2%                           ] 
 
[=====                      9.3%                           ] 
 
[=====                      9.3%                           ] 
 
[=====                      9.4%                           ] 
 
[=====                      9.5%                           ] 
 
[=====                      9.5%                           ] 
 
[=====                      9.6%                           ] 
 
[=====                      9.6%                           ] 
 
[=====                      9.6%                           ] 
 
[=====                      9.7%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.8%                           ] 
^C

Edited by ao3, 30 September 2017 - 12:42 AM.


#10 polskamachina

polskamachina

  • Malware Response Team
  • 4,067 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 30 September 2017 - 06:39 PM

Hi ao3 :)
 
Other than the incomplete Deployment Image Service Manger report which you manually terminated, were any of your other apps affected by running the all-in-one tool? In other words, is Zemana the only software not working properly?
 
Let me know if you have any questions.
 
polskamachina



#11 ao3

ao3
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 30 September 2017 - 07:23 PM

Sorry for not clarifying. None of my apps were affected. I can't update Malwarebytes definitions or scan with HitmanPro either.

 

There's something I don't know whether is relevant or not that I haven't mentioned. I used to illegally use the paid versions of Zemana and Malwarebytes using keygens and all that. Once they stopped working, I just stuck with Defender only. I remember scanning with Malwarebytes afterwards, and it showed an infected HOSTS file. 



#12 polskamachina

polskamachina

  • Malware Response Team
  • 4,067 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 02 October 2017 - 01:08 PM

Hi ao3 :)

You said:

I used to illegally use the paid versions of Zemana and Malwarebytes using keygens and all that.

Pirated products are a good source of malware infection as you do not know what was included when the original product was patched/pirated. Ethics aside, it may be illegal depending on the cyber law of your country. We at Bleeping Computer would like to give the user who seeks assistance the benefit of the doubt and would give you a chance to remove the cracked software and the associated files. If you decide to remove the cracked software, please follow steps below and attach the log into your next reply to me. If you decide to keep the cracked software the topic will be closed.

In order to be able to fully remove Zemana, we need to start with the fully installed program. (Your logs show that pieces of it are missing.)

  • Click this link to the Zemana webpage
  • Select the Free Download button
  • Download the program and run the setup software
  • When the installation has completed, restart your computer if the software requires it
  • Now that it's installed properly, it should be easier to remove

Next:

We need to remove some (pirated) programs with Revo Uninstaller Free:

Please read these directions all the way through before beginning. Be especially careful that you DO NOT RESTART your computer before Revo has completed all of its steps

Note: Revo Uninstaller is more thorough in deleting programs on your computer than using the Add/Remove option in Windows. Since it is a more powerful tool, please be sure to follow the instructions carefully.
Note: If the program you want to uninstall is not listed by Revo, let me know and we will try an alternate method of removal.

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed programs, one at a time, or anything similar, to remove both of them::
    Malwarebytes version 3.2.2.2029
    Zemana
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run, If prompted again click Yes
  • When the built-in uninstaller is finished, you may be prompted to restart your computer
  • DO NOT RESTART YOUR COMPUTER AT THIS TIME! Click on Cancel if asked to restart your computer
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done, click Finish
  • Please feel free to install the legitimate versions of Malwarebytes and/or Zemana again (free or premium) if you want to keep them

Next:

  • Download CKScanner from here:http://downloads.malwareremoval.com/CKScanner.exe
  • Important - Save it to your Desktop
  • Right Click CKScanner.exe and select, Run as administrator
  • Give permission if necessary, and click Search For Files
  • After a very short time, when the cursor hourglass disappears, click Save List To File
  • A message box will verify the file saved. Please run the program only once
  • Double-click the CKFiles.txt icon on your desktop
  • Copy and paste the contents of the logfile into your next reply to me

Next:

  • Right-click FRST64 and run it as administrator
  • If the program needs to update, let it update
  • Click the Scan button
  • When the scan has completed, FRST.txt and Addition.txt will appear in Notepad
  • Please copy and paste those two logs into your next reply to me

In summary I will need from you,

  • CKFiles log
  • FRST.txt
  • Addition.txt
  • How is your computer performing now?

Let me know if you have any questions.

polskamachina



#13 ao3

ao3
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:36 PM

Posted 02 October 2017 - 08:21 PM

By the way, I had to update FRST manually, since it can't access the internet on its own. It's not just the security programs. Even Firefox was able to update on its own (I use Chrome), but these programs can't. And each time I try to open them I get a pop-up that says SmartScreen isn't working. None of this helped.
 
EDIT: I installed Malwarebytes again after this. The first pop-up I got was something saying it was unable to contact the license server.
 
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\gds\fast break college basketball 2010\images\buttons\removewatch.jpg
c:\program files (x86)\gds\fast break college basketball 2010\images\buttons\removewatchdown.jpg
c:\program files (x86)\gds\fast break college basketball 2010\images\buttons\removewatchover.jpg
scanner sequence 3.CA.11.PXNAEZ
 ----- EOF ----- 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2017 01
Ran by Abin (administrator) on OOMMENHP (02-10-2017 20:06:24)
Running from C:\Users\Abin\Desktop
Loaded Profiles: Abin (Available Profiles: Abin & Owner & Guest & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\Windows\Runservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Mouse\Amoumain.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [WheelMouse] => C:\Program Files\Mouse\Amoumain.exe [196608 1999-12-31] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\MountPoints2: {eaf92516-6bd8-11e6-9bec-386077411891} - "F:\WMMA3_Retail.exe" 
Startup: C:\Users\Abin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2014-10-11]
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-09-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3b130b83-c9c2-48ee-9aff-1377b736edad}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3b130b83-c9c2-48ee-9aff-1377b736edad}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
Toolbar: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
 
FireFox:
========
FF ProfilePath: C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039 [2017-09-30]
FF NewTab: Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039 -> about:newtab
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039 -> Google
FF Extension: (uBlock Origin) - C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039\Extensions\uBlock0@raymondhill.net.xpi [2017-09-30]
FF SearchPlugin: C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039\searchplugins\google-images.xml [2015-08-25]
FF SearchPlugin: C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039\searchplugins\kickassto.xml [2015-07-31]
FF SearchPlugin: C:\Users\Abin\AppData\Roaming\Mozilla\Firefox\Profiles\ebj8r14w.default-1438303943039\searchplugins\youtube.xml [2015-07-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-07-06] <==== ATTENTION
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default [2017-10-02]
CHR Extension: (Google Slides) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-27]
CHR Extension: (YouTube) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-27]
CHR Extension: (uBlock Origin) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-09-06]
CHR Extension: (Google Search) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-05]
CHR Extension: (Google Sheets) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (HTTPS Everywhere) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2017-09-15]
CHR Extension: (Google Docs Offline) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Abin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fffefoflbnnklnhpcjohenokjnpjfcad] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 LicCtrlService; C:\Windows\runservice.exe [2560 2013-07-06] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
U2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2015-06-24] (Realtek Semiconductor)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2015-08-20] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2015-08-20] (Windows ® Win 7 DDK provider)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [46960 2016-06-14] ()
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [161408 2017-01-30] (Zemana Ltd.)
R1 MpKsl048cddd9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{91B58B1B-3A65-4339-941B-FF7AEBEE92AC}\MpKsl048cddd9.sys [58120 2017-10-01] (Microsoft Corporation)
R1 MpKsl3e779f9d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{94509E43-649A-4CEC-98F4-0460E6606FBD}\MpKsl3e779f9d.sys [58120 2017-10-01] (Microsoft Corporation)
R1 MpKsl7e8eedf0; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{16A78558-469C-4B22-BA80-F443132A949F}\MpKsl7e8eedf0.sys [58120 2017-09-29] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-10-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-03-25] (Zemana Ltd.)
S3 cleanhlp; \??\C:\EEK\bin\cleanhlp64.sys [X]
S1 epp; \??\C:\EEK\bin64\epp.sys [X]
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-10-02 20:06 - 2017-10-02 20:08 - 000015604 _____ C:\Users\Abin\Desktop\FRST.txt
2017-10-02 20:04 - 2017-10-02 20:04 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-10-02 20:02 - 2017-10-02 20:04 - 015808656 _____ (Copyright 2017.) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
2017-10-02 20:00 - 2017-10-02 20:05 - 002399744 _____ (Farbar) C:\Users\Abin\Desktop\FRST64.exe
2017-10-02 19:34 - 2017-10-02 19:34 - 000001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-10-02 19:34 - 2017-10-02 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-10-02 19:34 - 2017-10-02 19:34 - 000000000 ____D C:\Program Files\VS Revo Group
2017-10-01 19:28 - 2017-10-01 20:21 - 323129607 _____ C:\Users\Abin\Downloads\275_092117_195 nia.mp4
2017-09-29 20:13 - 2017-09-29 20:13 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-OOMMENHP-Windows-10-Home-(64-bit).dat
2017-09-29 20:13 - 2017-09-29 20:13 - 000000000 ____D C:\RegBackup
2017-09-29 20:02 - 2017-09-29 20:03 - 000000000 ____D C:\Users\Abin\Desktop\Tweaking.com - Windows Repair
2017-09-28 18:16 - 2017-09-28 18:26 - 000000000 ____D C:\Program Files\rempl
2017-09-27 23:43 - 2017-09-28 00:27 - 264915924 _____ C:\Users\Abin\Downloads\275_092417_217 monica.mp4
2017-09-26 14:52 - 2017-09-26 14:52 - 000000000 ___HD C:\$SysReset
2017-09-25 00:47 - 2017-09-25 00:47 - 000371671 _____ C:\Users\Abin\Desktop\AllyTaxIDCertification.pdf
2017-09-24 19:51 - 2017-10-01 21:04 - 000000000 ____D C:\Users\Abin\AppData\Local\ElevatedDiagnostics
2017-09-22 23:13 - 2017-09-22 23:14 - 000002366 _____ C:\Users\Abin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-20 20:22 - 2017-10-02 20:06 - 000000000 ____D C:\FRST
2017-09-20 00:26 - 2017-09-20 00:28 - 008182736 _____ (Malwarebytes) C:\Users\Abin\Desktop\adwcleaner_7.0.2.1.exe
2017-09-19 23:58 - 2017-09-05 21:35 - 320644815 _____ C:\Users\Abin\Downloads\KL-NN kendra.mp4
2017-09-19 20:07 - 2017-09-19 20:11 - 000000000 ____D C:\Users\Abin\AppData\Local\IIIQF
2017-09-19 19:58 - 2017-09-19 19:58 - 000001968 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-09-19 19:58 - 2017-09-19 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2017-09-19 19:47 - 2017-09-20 19:29 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Abin\Desktop\iExplore.exe
2017-09-14 13:55 - 2017-09-30 00:29 - 000210480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-14 00:25 - 2017-09-07 02:07 - 000315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-09-14 00:25 - 2017-09-07 01:22 - 001504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-09-14 00:25 - 2017-09-07 01:21 - 002265368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-14 00:25 - 2017-09-07 01:21 - 000780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-14 00:25 - 2017-09-07 01:17 - 001557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-09-14 00:25 - 2017-09-07 01:13 - 000546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-14 00:25 - 2017-09-07 01:12 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-09-14 00:25 - 2017-09-07 01:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-14 00:25 - 2017-09-07 01:00 - 000037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-09-14 00:25 - 2017-09-07 00:57 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-09-14 00:25 - 2017-09-07 00:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-09-14 00:25 - 2017-09-07 00:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-09-14 00:25 - 2017-09-07 00:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-09-14 00:25 - 2017-09-07 00:50 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-09-14 00:25 - 2017-09-07 00:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-09-14 00:25 - 2017-09-07 00:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-09-14 00:25 - 2017-09-07 00:48 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-09-14 00:25 - 2017-09-07 00:47 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-09-14 00:25 - 2017-09-07 00:47 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-09-14 00:25 - 2017-09-07 00:44 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-09-14 00:25 - 2017-09-07 00:42 - 001077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-09-14 00:25 - 2017-09-07 00:42 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-09-14 00:25 - 2017-09-07 00:40 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-09-14 00:25 - 2017-09-07 00:40 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-09-14 00:25 - 2017-09-07 00:39 - 006109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-09-14 00:25 - 2017-09-07 00:36 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-09-14 00:25 - 2017-09-07 00:36 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-09-14 00:25 - 2017-09-07 00:35 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-09-14 00:25 - 2017-09-07 00:34 - 003733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-14 00:25 - 2017-09-07 00:34 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-09-14 00:25 - 2017-09-07 00:33 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-14 00:25 - 2017-09-07 00:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-09-14 00:25 - 2017-09-07 00:32 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-14 00:25 - 2017-09-07 00:32 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-09-14 00:25 - 2017-09-07 00:32 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-09-14 00:25 - 2017-09-07 00:31 - 001988608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-09-14 00:25 - 2017-09-07 00:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-09-14 00:25 - 2017-09-07 00:30 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-09-14 00:25 - 2017-09-07 00:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-09-14 00:25 - 2017-09-07 00:29 - 002997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-14 00:25 - 2017-09-07 00:29 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-09-14 00:25 - 2017-09-07 00:07 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-14 00:25 - 2017-08-21 23:55 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-09-14 00:25 - 2017-03-04 01:05 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-09-14 00:25 - 2017-03-04 01:01 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-09-14 00:24 - 2017-09-07 01:29 - 002048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-14 00:24 - 2017-09-07 01:24 - 000869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-09-14 00:24 - 2017-09-07 01:21 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-09-14 00:24 - 2017-09-07 01:21 - 000861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-09-14 00:24 - 2017-09-07 01:20 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-14 00:24 - 2017-09-07 01:19 - 002168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-14 00:24 - 2017-09-07 01:19 - 000606560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-09-14 00:24 - 2017-09-07 01:19 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-09-14 00:24 - 2017-09-07 01:17 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-09-14 00:24 - 2017-09-07 01:16 - 000962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-09-14 00:24 - 2017-09-07 01:01 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-14 00:24 - 2017-09-07 01:01 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-14 00:24 - 2017-09-07 00:56 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-09-14 00:24 - 2017-09-07 00:54 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-09-14 00:24 - 2017-09-07 00:50 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-09-14 00:24 - 2017-09-07 00:49 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-09-14 00:24 - 2017-09-07 00:48 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-14 00:24 - 2017-09-07 00:48 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-09-14 00:24 - 2017-09-07 00:48 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-09-14 00:24 - 2017-09-07 00:47 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-09-14 00:24 - 2017-09-07 00:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-09-14 00:24 - 2017-09-07 00:46 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-14 00:24 - 2017-09-07 00:45 - 013875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-14 00:24 - 2017-09-07 00:44 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-09-14 00:24 - 2017-09-07 00:40 - 000746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-09-14 00:24 - 2017-09-07 00:40 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-09-14 00:24 - 2017-09-07 00:38 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-14 00:24 - 2017-09-07 00:37 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-14 00:24 - 2017-09-07 00:35 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-09-14 00:24 - 2017-09-07 00:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-09-14 00:24 - 2017-09-07 00:33 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-14 00:24 - 2017-09-07 00:32 - 001993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-09-14 00:24 - 2017-09-07 00:32 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-14 00:24 - 2017-09-07 00:32 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-09-14 00:24 - 2017-09-07 00:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 002747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-09-14 00:24 - 2017-09-07 00:30 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-09-14 00:24 - 2017-09-07 00:29 - 001576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-09-14 00:24 - 2017-09-07 00:29 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-09-14 00:24 - 2017-09-07 00:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-09-14 00:24 - 2017-08-08 01:03 - 000218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-09-14 00:24 - 2017-08-08 00:21 - 000340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-09-14 00:24 - 2017-08-07 23:56 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-09-14 00:24 - 2017-08-07 23:48 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-09-14 00:24 - 2017-08-07 23:41 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-09-14 00:24 - 2017-03-04 01:17 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-09-14 00:23 - 2017-09-07 01:32 - 001573792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-14 00:23 - 2017-09-07 01:32 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-09-14 00:23 - 2017-09-07 01:24 - 000263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-09-14 00:23 - 2017-09-07 01:22 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-09-14 00:23 - 2017-09-07 01:21 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-14 00:23 - 2017-09-07 01:21 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-09-14 00:23 - 2017-09-07 01:20 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-09-14 00:23 - 2017-09-07 01:20 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-14 00:23 - 2017-09-07 01:20 - 000267104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-14 00:23 - 2017-09-07 01:20 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-14 00:23 - 2017-09-07 01:20 - 000037200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-14 00:23 - 2017-09-07 01:19 - 000846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-09-14 00:23 - 2017-09-07 01:17 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-14 00:23 - 2017-09-07 01:16 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-14 00:23 - 2017-09-07 01:13 - 001412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-14 00:23 - 2017-09-07 00:59 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-14 00:23 - 2017-09-07 00:58 - 000554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-14 00:23 - 2017-09-07 00:58 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-09-14 00:23 - 2017-09-07 00:58 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2017-09-14 00:23 - 2017-09-07 00:57 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2017-09-14 00:23 - 2017-09-07 00:57 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-09-14 00:23 - 2017-09-07 00:57 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-09-14 00:23 - 2017-09-07 00:57 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-09-14 00:23 - 2017-09-07 00:56 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-09-14 00:23 - 2017-09-07 00:55 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-09-14 00:23 - 2017-09-07 00:55 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-09-14 00:23 - 2017-09-07 00:55 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-09-14 00:23 - 2017-09-07 00:54 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-09-14 00:23 - 2017-09-07 00:53 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-09-14 00:23 - 2017-09-07 00:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-09-14 00:23 - 2017-09-07 00:52 - 001300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-09-14 00:23 - 2017-09-07 00:52 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-09-14 00:23 - 2017-09-07 00:52 - 000265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-09-14 00:23 - 2017-09-07 00:52 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 001243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-09-14 00:23 - 2017-09-07 00:51 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-09-14 00:23 - 2017-09-07 00:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-14 00:23 - 2017-09-07 00:50 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-09-14 00:23 - 2017-09-07 00:50 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-09-14 00:23 - 2017-09-07 00:49 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-09-14 00:23 - 2017-09-07 00:49 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-14 00:23 - 2017-09-07 00:49 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-09-14 00:23 - 2017-09-07 00:49 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-14 00:23 - 2017-09-07 00:49 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-09-14 00:23 - 2017-09-07 00:48 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-14 00:23 - 2017-09-07 00:48 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-09-14 00:23 - 2017-09-07 00:48 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-14 00:23 - 2017-09-07 00:48 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-14 00:23 - 2017-09-07 00:47 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-14 00:23 - 2017-09-07 00:47 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-09-14 00:23 - 2017-09-07 00:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-09-14 00:23 - 2017-09-07 00:45 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-09-14 00:23 - 2017-09-07 00:44 - 001534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-09-14 00:23 - 2017-09-07 00:44 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-09-14 00:23 - 2017-09-07 00:44 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-09-14 00:23 - 2017-09-07 00:43 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-09-14 00:23 - 2017-09-07 00:42 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-09-14 00:23 - 2017-09-07 00:41 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-09-14 00:23 - 2017-09-07 00:40 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-09-14 00:23 - 2017-09-07 00:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-09-14 00:23 - 2017-09-07 00:39 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-09-14 00:23 - 2017-09-07 00:38 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-09-14 00:23 - 2017-09-07 00:38 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2017-09-14 00:23 - 2017-09-07 00:37 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-09-14 00:23 - 2017-09-07 00:36 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-09-14 00:23 - 2017-09-07 00:35 - 007470080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-14 00:23 - 2017-09-07 00:35 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-09-14 00:23 - 2017-09-07 00:34 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-09-14 00:23 - 2017-09-07 00:33 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-09-14 00:23 - 2017-09-07 00:33 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-09-14 00:23 - 2017-09-07 00:33 - 001135616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-14 00:23 - 2017-09-07 00:33 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-09-14 00:23 - 2017-09-07 00:32 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-09-14 00:23 - 2017-09-07 00:31 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-09-14 00:23 - 2017-09-07 00:30 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-14 00:23 - 2017-09-07 00:28 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-09-14 00:23 - 2017-09-07 00:28 - 000449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-14 00:23 - 2017-08-22 00:08 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-14 00:23 - 2017-08-21 23:57 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-14 00:23 - 2017-08-21 23:49 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-09-14 00:23 - 2017-08-08 01:03 - 000102240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2017-09-14 00:23 - 2017-08-08 00:56 - 000054240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-14 00:23 - 2017-08-08 00:53 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-09-14 00:23 - 2017-08-08 00:53 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-09-14 00:23 - 2017-08-08 00:25 - 000255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2017-09-14 00:23 - 2017-08-08 00:16 - 000294952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-14 00:23 - 2017-08-08 00:16 - 000086232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2017-09-14 00:23 - 2017-08-07 23:58 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-09-14 00:23 - 2017-08-07 23:56 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidtel.exe
2017-09-14 00:23 - 2017-08-07 23:54 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-09-14 00:23 - 2017-08-07 23:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-09-14 00:23 - 2017-08-07 23:53 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-14 00:23 - 2017-08-07 23:53 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2017-09-14 00:23 - 2017-08-07 23:50 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-09-14 00:23 - 2017-08-07 23:50 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-09-14 00:23 - 2017-08-07 23:50 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-09-14 00:23 - 2017-08-07 23:49 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-09-14 00:23 - 2017-08-07 23:47 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-14 00:23 - 2017-03-04 01:53 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-09-14 00:23 - 2017-03-04 01:24 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-09-14 00:23 - 2017-03-04 01:13 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-09-14 00:23 - 2016-12-20 23:43 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-09-14 00:22 - 2017-09-07 00:54 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-14 00:22 - 2017-09-07 00:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-09-14 00:22 - 2017-09-07 00:36 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-09-14 00:22 - 2017-09-07 00:22 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-14 00:22 - 2017-09-07 00:19 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-09-14 00:22 - 2017-09-07 00:17 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-14 00:22 - 2017-09-07 00:16 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-09-14 00:22 - 2017-09-07 00:15 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-09-14 00:22 - 2017-09-07 00:14 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-09-14 00:22 - 2017-09-07 00:14 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-09-14 00:22 - 2017-09-07 00:13 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-09-14 00:22 - 2017-09-07 00:13 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-09-14 00:22 - 2017-09-07 00:12 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-09-14 00:22 - 2017-09-07 00:01 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-09-14 00:22 - 2017-09-07 00:01 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-09-14 00:22 - 2017-09-06 23:58 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-09-14 00:22 - 2017-09-06 23:56 - 002539008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-09-14 00:22 - 2017-09-06 23:55 - 002424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-09-14 00:22 - 2017-09-06 23:54 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-09-14 00:22 - 2016-09-15 11:40 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-09-14 00:22 - 2016-09-15 11:24 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-09-14 00:21 - 2017-09-07 00:54 - 007220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-14 00:21 - 2017-09-07 00:50 - 008168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-14 00:21 - 2017-09-07 00:50 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-09-14 00:21 - 2017-09-07 00:50 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-09-14 00:21 - 2017-09-07 00:50 - 000244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-14 00:21 - 2017-09-07 00:23 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-09-14 00:21 - 2017-09-07 00:21 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-09-14 00:21 - 2017-09-07 00:21 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-09-14 00:21 - 2017-09-07 00:17 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-09-14 00:21 - 2017-09-07 00:15 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-09-14 00:21 - 2017-09-07 00:07 - 007655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-09-14 00:21 - 2017-09-07 00:07 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-09-14 00:21 - 2017-09-07 00:04 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-14 00:21 - 2017-09-07 00:01 - 002390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-09-14 00:21 - 2017-09-07 00:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-09-14 00:21 - 2017-09-07 00:01 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-09-14 00:21 - 2017-09-07 00:00 - 008077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-14 00:21 - 2017-09-06 23:57 - 003134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-09-14 00:21 - 2017-09-06 23:57 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-09-14 00:21 - 2017-09-06 23:56 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-09-14 00:21 - 2017-09-06 23:56 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-09-14 00:21 - 2017-09-06 23:56 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-09-14 00:21 - 2017-09-06 23:55 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-14 00:21 - 2017-09-06 23:55 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-09-14 00:21 - 2017-09-06 23:52 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-09-14 00:21 - 2017-09-06 23:52 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-09-14 00:21 - 2017-08-22 00:02 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-14 00:21 - 2017-08-21 23:53 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-09-14 00:21 - 2017-08-21 23:50 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-09-14 00:21 - 2017-03-04 01:27 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-09-14 00:20 - 2017-09-07 01:32 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-14 00:20 - 2017-09-07 01:03 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-14 00:20 - 2017-09-07 01:03 - 000998920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-09-14 00:20 - 2017-09-07 01:01 - 002049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-09-14 00:20 - 2017-09-07 00:54 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-09-14 00:20 - 2017-09-07 00:53 - 000097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-09-14 00:20 - 2017-09-07 00:52 - 000858464 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-09-14 00:20 - 2017-09-07 00:52 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-09-14 00:20 - 2017-09-07 00:52 - 000044464 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-14 00:20 - 2017-09-07 00:51 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-14 00:20 - 2017-09-07 00:50 - 022220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-14 00:20 - 2017-09-07 00:50 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-14 00:20 - 2017-09-07 00:50 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-09-14 00:20 - 2017-09-07 00:45 - 002532704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-14 00:20 - 2017-09-07 00:45 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-14 00:20 - 2017-09-07 00:21 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-09-14 00:20 - 2017-09-07 00:20 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-09-14 00:20 - 2017-09-07 00:20 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-09-14 00:20 - 2017-09-07 00:20 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-14 00:20 - 2017-09-07 00:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-09-14 00:20 - 2017-09-07 00:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-09-14 00:20 - 2017-09-07 00:18 - 000418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-09-14 00:20 - 2017-09-07 00:18 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-09-14 00:20 - 2017-09-07 00:16 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-09-14 00:20 - 2017-09-07 00:16 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-14 00:20 - 2017-09-07 00:15 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-09-14 00:20 - 2017-09-07 00:15 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-09-14 00:20 - 2017-09-07 00:14 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-09-14 00:20 - 2017-09-07 00:14 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-09-14 00:20 - 2017-09-07 00:13 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-09-14 00:20 - 2017-09-07 00:13 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-09-14 00:20 - 2017-09-07 00:12 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-09-14 00:20 - 2017-09-07 00:12 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-09-14 00:20 - 2017-09-07 00:11 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-14 00:20 - 2017-09-07 00:08 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-09-14 00:20 - 2017-09-07 00:07 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-09-14 00:20 - 2017-09-07 00:07 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-09-14 00:20 - 2017-09-07 00:03 - 001078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-09-14 00:20 - 2017-09-07 00:03 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-14 00:20 - 2017-09-06 23:59 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-09-14 00:20 - 2017-09-06 23:58 - 001700352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-14 00:20 - 2017-09-06 23:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-09-14 00:20 - 2017-09-06 23:55 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-14 00:20 - 2017-09-06 23:54 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-14 00:20 - 2017-08-21 23:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-14 00:20 - 2017-08-08 01:06 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-14 00:20 - 2017-08-08 00:59 - 000357984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2017-09-14 00:20 - 2017-08-08 00:59 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-09-14 00:20 - 2017-08-08 00:45 - 000453544 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-09-14 00:20 - 2017-08-08 00:23 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-09-14 00:20 - 2017-08-08 00:15 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-09-14 00:20 - 2017-08-08 00:14 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-14 00:20 - 2017-08-08 00:12 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-09-14 00:20 - 2017-03-04 01:39 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-09-14 00:20 - 2017-03-04 01:28 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-09-14 00:20 - 2017-03-04 01:08 - 001266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-09-14 00:20 - 2016-09-15 11:34 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-09-14 00:19 - 2017-09-07 01:10 - 000603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-09-14 00:19 - 2017-09-07 00:57 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-14 00:19 - 2017-09-07 00:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-14 00:19 - 2017-09-07 00:49 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-14 00:19 - 2017-09-07 00:49 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-09-14 00:19 - 2017-09-07 00:43 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-14 00:19 - 2017-09-07 00:41 - 019413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-14 00:19 - 2017-09-07 00:39 - 018363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-14 00:19 - 2017-09-07 00:37 - 012204544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-14 00:19 - 2017-09-07 00:31 - 002028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-14 00:19 - 2017-09-07 00:24 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-14 00:19 - 2017-09-07 00:22 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-14 00:19 - 2017-09-07 00:21 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-09-14 00:19 - 2017-09-07 00:21 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-09-14 00:19 - 2017-09-07 00:21 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-14 00:19 - 2017-09-07 00:18 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
2017-09-14 00:19 - 2017-09-07 00:18 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-14 00:19 - 2017-09-07 00:18 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-09-14 00:19 - 2017-09-07 00:17 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-09-14 00:19 - 2017-09-07 00:17 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-09-14 00:19 - 2017-09-07 00:17 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-14 00:19 - 2017-09-07 00:17 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-09-14 00:19 - 2017-09-07 00:17 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2017-09-14 00:19 - 2017-09-07 00:16 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-14 00:19 - 2017-09-07 00:15 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-14 00:19 - 2017-09-07 00:15 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-14 00:19 - 2017-09-07 00:14 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-09-14 00:19 - 2017-09-07 00:14 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-09-14 00:19 - 2017-09-07 00:14 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-09-14 00:19 - 2017-09-07 00:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-09-14 00:19 - 2017-09-07 00:11 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-09-14 00:19 - 2017-09-07 00:10 - 017200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-14 00:19 - 2017-09-07 00:09 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-14 00:19 - 2017-09-07 00:08 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-09-14 00:19 - 2017-09-07 00:07 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-14 00:19 - 2017-09-07 00:07 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-09-14 00:19 - 2017-09-07 00:05 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-09-14 00:19 - 2017-09-07 00:05 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-09-14 00:19 - 2017-09-07 00:05 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-09-14 00:19 - 2017-09-07 00:04 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-09-14 00:19 - 2017-09-07 00:03 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-09-14 00:19 - 2017-09-07 00:01 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-09-14 00:19 - 2017-09-07 00:00 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-09-14 00:19 - 2017-09-06 23:59 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-14 00:19 - 2017-09-06 23:59 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-09-14 00:19 - 2017-09-06 23:58 - 002097152 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-14 00:19 - 2017-09-06 23:57 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-09-14 00:19 - 2017-09-06 23:56 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-09-14 00:19 - 2017-09-06 23:56 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-09-14 00:19 - 2017-09-06 23:55 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-14 00:19 - 2017-09-06 23:53 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-09-14 00:19 - 2017-09-06 23:52 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-14 00:19 - 2017-09-06 23:52 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-14 00:19 - 2017-08-22 00:46 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-09-14 00:19 - 2017-08-22 00:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-14 00:19 - 2017-08-22 00:05 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-09-14 00:19 - 2017-08-22 00:04 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-14 00:19 - 2017-08-21 23:43 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-09-14 00:19 - 2017-08-08 00:53 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-09-14 00:19 - 2017-08-08 00:18 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-09-14 00:19 - 2017-08-08 00:17 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-09-14 00:19 - 2017-08-07 23:54 - 001228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-09-14 00:19 - 2017-03-04 02:03 - 000160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-09-14 00:19 - 2017-03-04 01:28 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-09-14 00:19 - 2017-03-04 01:27 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-09-14 00:19 - 2017-03-04 01:13 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-09-14 00:19 - 2016-09-15 11:30 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-09-14 00:18 - 2017-09-07 01:20 - 000367208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-09-14 00:18 - 2017-09-07 01:03 - 007780704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-14 00:18 - 2017-09-07 01:02 - 032693432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-09-14 00:18 - 2017-09-07 01:01 - 002681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-14 00:18 - 2017-09-07 00:56 - 001069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-14 00:18 - 2017-09-07 00:56 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-09-14 00:18 - 2017-09-07 00:54 - 002761248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-14 00:18 - 2017-09-07 00:54 - 002188128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-14 00:18 - 2017-09-07 00:54 - 001739072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-09-14 00:18 - 2017-09-07 00:54 - 001157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-09-14 00:18 - 2017-09-07 00:54 - 000658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-09-14 00:18 - 2017-09-07 00:54 - 000402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-09-14 00:18 - 2017-09-07 00:53 - 000431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-09-14 00:18 - 2017-09-07 00:52 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-14 00:18 - 2017-09-07 00:50 - 001694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-09-14 00:18 - 2017-09-07 00:50 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-14 00:18 - 2017-09-07 00:49 - 001277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-09-14 00:18 - 2017-09-07 00:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-14 00:18 - 2017-09-07 00:34 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-14 00:18 - 2017-09-07 00:31 - 003663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-14 00:18 - 2017-09-07 00:31 - 001509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-14 00:18 - 2017-09-07 00:23 - 022569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-14 00:18 - 2017-09-07 00:22 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-14 00:18 - 2017-09-07 00:18 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-14 00:18 - 2017-09-07 00:17 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-14 00:18 - 2017-09-07 00:17 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-09-14 00:18 - 2017-09-07 00:17 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-14 00:18 - 2017-09-07 00:16 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-14 00:18 - 2017-09-07 00:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-14 00:18 - 2017-09-07 00:14 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-09-14 00:18 - 2017-09-07 00:14 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-14 00:18 - 2017-09-07 00:13 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-09-14 00:18 - 2017-09-07 00:13 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-14 00:18 - 2017-09-07 00:11 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-14 00:18 - 2017-09-07 00:11 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-09-14 00:18 - 2017-09-07 00:11 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-14 00:18 - 2017-09-07 00:10 - 001037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-14 00:18 - 2017-09-07 00:09 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-14 00:18 - 2017-09-07 00:08 - 001639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-09-14 00:18 - 2017-09-07 00:08 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-14 00:18 - 2017-09-07 00:08 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2017-09-14 00:18 - 2017-09-07 00:07 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-09-14 00:18 - 2017-09-07 00:04 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-09-14 00:18 - 2017-09-07 00:02 - 013107712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-14 00:18 - 2017-09-07 00:02 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-09-14 00:18 - 2017-09-07 00:01 - 023675904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-14 00:18 - 2017-09-07 00:01 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-09-14 00:18 - 2017-09-07 00:00 - 008114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-14 00:18 - 2017-09-07 00:00 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-09-14 00:18 - 2017-09-07 00:00 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-09-14 00:18 - 2017-09-07 00:00 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-09-14 00:18 - 2017-09-06 23:59 - 004474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-14 00:18 - 2017-09-06 23:59 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-14 00:18 - 2017-09-06 23:59 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-09-14 00:18 - 2017-09-06 23:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-09-14 00:18 - 2017-09-06 23:58 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-09-14 00:18 - 2017-09-06 23:58 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-09-14 00:18 - 2017-09-06 23:57 - 005611520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-09-14 00:18 - 2017-09-06 23:57 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-14 00:18 - 2017-09-06 23:57 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-09-14 00:18 - 2017-09-06 23:56 - 003202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-09-14 00:18 - 2017-09-06 23:56 - 002286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-09-14 00:18 - 2017-09-06 23:56 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-14 00:18 - 2017-09-06 23:56 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-09-14 00:18 - 2017-09-06 23:55 - 002820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-09-14 00:18 - 2017-09-06 23:55 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-14 00:18 - 2017-09-06 23:55 - 001512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-14 00:18 - 2017-09-06 23:55 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-09-14 00:18 - 2017-09-06 23:54 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-14 00:18 - 2017-09-06 23:54 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-09-14 00:18 - 2017-09-06 23:52 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-09-14 00:18 - 2017-08-08 01:15 - 000245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-09-14 00:18 - 2017-08-08 01:01 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-09-14 00:18 - 2017-08-08 00:55 - 000404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-09-14 00:18 - 2017-08-08 00:52 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-09-14 00:18 - 2017-08-08 00:45 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-09-14 00:18 - 2017-08-08 00:18 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-14 00:18 - 2017-08-08 00:17 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-09-14 00:18 - 2017-08-08 00:16 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2017-09-14 00:18 - 2017-08-08 00:15 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-09-14 00:18 - 2017-08-08 00:15 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-09-14 00:18 - 2017-08-08 00:14 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-14 00:18 - 2017-08-08 00:13 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-09-14 00:18 - 2017-08-08 00:10 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-14 00:18 - 2017-08-08 00:04 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-09-14 00:18 - 2017-08-07 23:55 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-09-14 00:18 - 2017-08-01 00:09 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-09-14 00:18 - 2016-11-02 05:43 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-14 00:17 - 2017-09-07 01:16 - 000379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-09-14 00:17 - 2017-09-07 01:03 - 001887408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-14 00:17 - 2017-09-07 01:00 - 000764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-14 00:17 - 2017-09-07 00:58 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-09-14 00:17 - 2017-09-07 00:57 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-14 00:17 - 2017-09-07 00:54 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-09-14 00:17 - 2017-09-07 00:53 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-09-14 00:17 - 2017-09-07 00:53 - 000684896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-14 00:17 - 2017-09-07 00:53 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-09-14 00:17 - 2017-09-07 00:52 - 002915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-14 00:17 - 2017-09-07 00:52 - 001267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-09-14 00:17 - 2017-09-07 00:52 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-14 00:17 - 2017-09-07 00:52 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-14 00:17 - 2017-09-07 00:49 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-14 00:17 - 2017-09-07 00:46 - 001566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-14 00:17 - 2017-09-07 00:46 - 000628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-14 00:17 - 2017-09-07 00:30 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-14 00:17 - 2017-09-07 00:22 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-14 00:17 - 2017-09-07 00:22 - 000045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-09-14 00:17 - 2017-09-07 00:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-09-14 00:17 - 2017-09-07 00:21 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-09-14 00:17 - 2017-09-07 00:20 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-09-14 00:17 - 2017-09-07 00:20 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-09-14 00:17 - 2017-09-07 00:20 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-09-14 00:17 - 2017-09-07 00:20 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-09-14 00:17 - 2017-09-07 00:19 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-09-14 00:17 - 2017-09-07 00:19 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-09-14 00:17 - 2017-09-07 00:19 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-09-14 00:17 - 2017-09-07 00:19 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-09-14 00:17 - 2017-09-07 00:18 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-09-14 00:17 - 2017-09-07 00:18 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-09-14 00:17 - 2017-09-07 00:17 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2017-09-14 00:17 - 2017-09-07 00:16 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-09-14 00:17 - 2017-09-07 00:16 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-09-14 00:17 - 2017-09-07 00:16 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-14 00:17 - 2017-09-07 00:15 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-09-14 00:17 - 2017-09-07 00:15 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-09-14 00:17 - 2017-09-07 00:15 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-09-14 00:17 - 2017-09-07 00:14 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-14 00:17 - 2017-09-07 00:14 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-09-14 00:17 - 2017-09-07 00:14 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-14 00:17 - 2017-09-07 00:13 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-09-14 00:17 - 2017-09-07 00:12 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-09-14 00:17 - 2017-09-07 00:12 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-09-14 00:17 - 2017-09-07 00:12 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-09-14 00:17 - 2017-09-07 00:11 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-09-14 00:17 - 2017-09-07 00:08 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-14 00:17 - 2017-09-07 00:05 - 005114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-09-14 00:17 - 2017-09-07 00:04 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-09-14 00:17 - 2017-09-07 00:04 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-09-14 00:17 - 2017-09-07 00:03 - 000942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-09-14 00:17 - 2017-09-07 00:02 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-09-14 00:17 - 2017-09-07 00:00 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-14 00:17 - 2017-09-06 23:59 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-09-14 00:17 - 2017-09-06 23:58 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-09-14 00:17 - 2017-09-06 23:57 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-09-14 00:17 - 2017-09-06 23:57 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-09-14 00:17 - 2017-09-06 23:57 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-09-14 00:17 - 2017-09-06 23:57 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-14 00:17 - 2017-09-06 23:55 - 003616256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-14 00:17 - 2017-09-06 23:54 - 003542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-09-14 00:17 - 2017-09-06 23:54 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-09-14 00:17 - 2017-09-06 23:53 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-09-14 00:17 - 2017-08-21 23:57 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-09-14 00:17 - 2017-08-21 23:52 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-09-14 00:17 - 2017-08-21 23:47 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-14 00:17 - 2017-08-21 23:41 - 002319872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-14 00:17 - 2017-08-08 01:03 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-09-14 00:17 - 2017-08-08 00:52 - 000386408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-14 00:17 - 2017-08-08 00:52 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-09-14 00:17 - 2017-08-08 00:20 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-09-14 00:17 - 2017-08-07 23:51 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-09-14 00:17 - 2017-03-04 02:09 - 000178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-09-14 00:17 - 2017-03-04 02:07 - 000947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-09-14 00:17 - 2017-03-04 01:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-09-14 00:17 - 2017-03-04 01:29 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-09-14 00:17 - 2017-03-04 01:10 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-09-14 00:16 - 2017-09-07 01:04 - 000894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-09-14 00:16 - 2017-09-07 00:53 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-14 00:16 - 2017-09-07 00:53 - 000296288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-14 00:16 - 2017-09-07 00:53 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-14 00:16 - 2017-09-07 00:45 - 000372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-09-14 00:16 - 2017-09-07 00:22 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-14 00:16 - 2017-09-07 00:22 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2017-09-14 00:16 - 2017-09-07 00:18 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-09-14 00:16 - 2017-09-07 00:17 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-09-14 00:16 - 2017-09-07 00:17 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-14 00:16 - 2017-09-07 00:16 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-14 00:16 - 2017-09-07 00:16 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-09-14 00:16 - 2017-09-07 00:15 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-09-14 00:16 - 2017-09-07 00:15 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-09-14 00:16 - 2017-09-07 00:14 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-14 00:16 - 2017-09-07 00:14 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-14 00:16 - 2017-09-07 00:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-14 00:16 - 2017-09-07 00:13 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-14 00:16 - 2017-09-07 00:12 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-14 00:16 - 2017-09-07 00:04 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-09-14 00:16 - 2017-09-07 00:01 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-14 00:16 - 2017-09-06 23:59 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-14 00:16 - 2017-09-06 23:55 - 002217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-14 00:16 - 2017-08-22 00:43 - 000026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-09-14 00:16 - 2017-08-22 00:09 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-14 00:16 - 2017-08-08 01:09 - 000065648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-14 00:16 - 2017-08-08 00:52 - 000649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-14 00:16 - 2017-08-08 00:52 - 000101776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2017-09-14 00:16 - 2017-08-08 00:20 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-09-14 00:16 - 2017-08-08 00:20 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-14 00:16 - 2017-08-08 00:20 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2017-09-14 00:16 - 2017-08-08 00:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-09-14 00:16 - 2017-08-08 00:16 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-09-14 00:16 - 2017-08-08 00:13 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2017-09-14 00:16 - 2017-08-07 23:58 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-09-13 20:01 - 2017-09-14 13:55 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2017-09-13 20:00 - 2017-09-13 20:58 - 000000000 ____D C:\Users\Abin\AppData\Local\Bluestacks
2017-09-11 00:29 - 2017-09-11 00:30 - 004705092 _____ (Marcus Kleinehagenbrock) C:\Users\Abin\Downloads\cspy34.exe
2017-09-09 21:38 - 2017-09-20 22:25 - 000000458 _____ C:\Users\Abin\Desktop\talk diaphragm.txt
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-10-02 20:08 - 2016-05-21 00:52 - 000002432 _____ C:\WINDOWS\ZAM.krnl.trace
2017-10-02 20:08 - 2016-05-21 00:49 - 000151368 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-10-02 20:04 - 2016-05-20 23:43 - 000000000 ____D C:\Users\Abin\AppData\Local\Zemana
2017-10-02 19:45 - 2017-03-24 22:39 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-02 19:45 - 2012-07-11 00:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-02 19:13 - 2016-08-07 02:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-02 00:45 - 2015-05-11 00:34 - 000000000 ____D C:\Users\Abin\AppData\Roaming\vlc
2017-10-01 21:20 - 2016-08-07 03:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-01 21:20 - 2013-07-06 02:37 - 000003793 ___SH C:\WINDOWS\SysWOW64\mmf.sys
2017-10-01 21:19 - 2012-09-04 18:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-01 20:57 - 2016-07-16 06:45 - 000000000 ____D C:\WINDOWS\INF
2017-09-30 21:51 - 2017-04-03 00:50 - 000000000 ____D C:\Users\Abin\AppData\LocalLow\Mozilla
2017-09-30 21:43 - 2017-03-31 19:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-30 00:52 - 2016-09-03 22:11 - 000000000 ____D C:\Users\Abin\AppData\Roaming\tixati
2017-09-30 00:36 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-30 00:28 - 2016-07-16 01:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-09-29 22:23 - 2015-07-29 16:38 - 000000000 ____D C:\Users\Abin\AppData\Local\Packages
2017-09-27 02:59 - 2016-05-28 02:12 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-09-24 19:51 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-22 23:14 - 2017-07-28 01:49 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1663178125-4035939000-1347949975-1000
2017-09-22 23:14 - 2015-07-29 16:53 - 000000000 ___RD C:\Users\Abin\OneDrive
2017-09-21 17:25 - 2014-09-17 17:12 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-21 17:25 - 2014-09-17 17:12 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-20 00:59 - 2014-10-03 16:30 - 000000000 ____D C:\AdwCleaner
2017-09-19 19:58 - 2016-05-22 00:29 - 000000000 ____D C:\Program Files\HitmanPro
2017-09-14 14:48 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\rescache
2017-09-14 14:05 - 2016-08-07 02:33 - 001554282 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-14 14:01 - 2015-07-29 16:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-09-14 06:20 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-14 06:19 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-09-14 01:28 - 2016-07-16 06:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-13 22:09 - 2016-07-16 06:42 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-09-13 22:06 - 2016-07-16 06:43 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-09-13 22:04 - 2016-07-16 06:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-09-13 03:53 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 03:53 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-12 20:02 - 2016-10-14 21:41 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2017-09-12 20:02 - 2013-07-11 02:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-12 19:48 - 2012-07-12 17:52 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-08 23:38 - 2016-02-29 02:35 - 000000000 ____D C:\Users\Abin\Downloads\sydney
2017-09-08 22:50 - 2009-07-13 21:34 - 000000438 _____ C:\WINDOWS\win.ini
2017-09-06 06:30 - 2016-08-07 02:34 - 000000000 ____D C:\Users\Abin
2017-09-05 14:01 - 2016-07-16 06:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-05 14:01 - 2016-07-16 06:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-03 23:55 - 2016-05-12 23:06 - 000000000 ____D C:\Users\Abin\Desktop\Coloring Book
2017-09-03 23:48 - 2016-08-18 14:03 - 000000000 ____D C:\Users\Abin\Desktop\I Told You
2017-09-03 23:36 - 2016-04-23 22:06 - 000000000 ____D C:\Users\Abin\Desktop\Beyonce-LEMONADE-2016
 
==================== Files in the root of some directories =======
 
2015-08-08 19:39 - 2014-11-08 13:45 - 000000226 _____ () C:\Program Files (x86)\update-FM2015.bat
2015-08-08 19:39 - 2013-11-06 06:28 - 000000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2012-09-05 23:46 - 2012-09-05 23:46 - 000003584 _____ () C:\Users\Abin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-17 17:35 - 2017-03-25 21:35 - 000007603 _____ () C:\Users\Abin\AppData\Local\Resmon.ResmonCfg
2014-09-04 01:18 - 2014-09-05 19:46 - 000023826 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
2017-09-13 20:58 - 2017-09-05 03:57 - 000961592 _____ (BlueStack Systems, Inc.) C:\Users\Abin\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2017-09-13 20:58 - 2017-09-05 03:56 - 000421400 _____ (CodeTitans) C:\Users\Abin\AppData\Local\Temp\JSON.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-10-02 04:38
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2017 01
Ran by Abin (02-10-2017 20:13:27)
Running from C:\Users\Abin\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-07 08:46:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Abin (S-1-5-21-1663178125-4035939000-1347949975-1000 - Administrator - Enabled) => C:\Users\Abin
Administrator (S-1-5-21-1663178125-4035939000-1347949975-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1663178125-4035939000-1347949975-503 - Limited - Disabled)
Guest (S-1-5-21-1663178125-4035939000-1347949975-501 - Limited - Disabled) => C:\Users\Guest
Owner (S-1-5-21-1663178125-4035939000-1347949975-1003 - Limited - Enabled) => C:\Users\Owner
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4500_Help (HKLM-x32\...\{572F2A62-70CD-4429-8758-6D4D6DC696E1}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{DA9FFDE7-5474-DE51-8729-76A31DB5682B}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
bpd_scan (HKLM-x32\...\{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (HKLM-x32\...\{0A5825FD-0FB7-4e45-9037-858D463F2943}) (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (HKLM-x32\...\{2951A232-69BA-4925-BB9A-CEEB72B18B4F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fast Break College Basketball 2010 (HKLM-x32\...\Fast Break College Basketball 2010_is1) (Version:  - )
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{348A1F5B-07B3-4436-9A47-FFE44EFE856E}) (Version: 11.51.0004 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
J4500 (HKLM-x32\...\{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}) (Version: 50.0.165.000 - Hewlett-Packard) Hidden
KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTREGOPT 1.1j (HKLM-x32\...\NTREGOPT_is1) (Version:  - Lars Hederer)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
ProductContext (HKLM-x32\...\{6697D99E-E550-4498-B793-4A8DD8A1821F}) (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.4222 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Smart-X7 7.80 (HKLM\...\WheelMouse) (Version:  - )
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Tixati (HKLM-x32\...\tixati) (Version:  - )
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.0 - Sysprogs)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [Glary Utilities 3] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll -> No File
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-06-03] (Sysprogs OU)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [Glary Utilities 3] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} =>  -> No File
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-06-03] (Sysprogs OU)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll -> No File
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-06-03] (Sysprogs OU)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {042937CB-5476-4C2A-8480-C5E036578E2B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A504F1B-12C3-48EC-9877-5D19F3843E00} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {135A4F94-8DF9-484A-BFE3-32D1D1BA1FD6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {173A5FF8-79E5-4C13-9DD4-1032A684ED1B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1F951709-70BB-447A-9A8A-DBCB05AB6BD6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {35A742C1-2971-4943-A2E3-29AD462FFAAC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3ACF76E4-F5DF-431C-BEA2-BE70CF85AE6D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4527151D-D854-44A3-9A42-23B6220E94F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4EF9C94A-BEB8-4886-8EFB-6F8DC72DE967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {53ABC437-1B0B-41C8-BFA8-0949927B2CAE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5530EFFD-764C-40BD-81B3-5C3AC1537CF1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5A56561D-C8FF-4AE6-B253-26131E684278} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {5C443EC6-947D-47E4-9023-8E7DA2978214} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {64A9481C-09D1-4E79-A25A-44F1C2C65CB6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {76028AB5-AC97-4F06-8327-7D5A47A19935} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7AB504BC-20C0-4B04-9062-58A81B04DE52} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {8019363D-BCAD-4773-B90D-F17D42075CBA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8A3580BB-AADC-4EE2-9E7E-992260A2944C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8D77A25D-FD6A-481A-B0D6-9678902CB9A5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98E27F6A-9B98-410A-9F9E-4200C5ED3EC6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-12] (Microsoft Corporation)
Task: {98F1F50F-9AEC-440C-8196-1ADCD6C86C25} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {9D2762FE-AFFC-4619-82AE-04B392499F8C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A16A0604-ED35-4D03-A9C8-ADE811234D59} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A5E0DE92-94F4-40D3-8999-DE7501A8E97F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BE7DC83D-A218-4B04-A8F8-22E532E97A7A} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: {C0F395F2-9715-4314-A840-2E6C417F6A32} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0038086-7685-4209-A037-810F3EF0F5F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E7057AF8-4534-412F-BEBE-D8A8A7787CE5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E88B8595-3F79-4758-8679-90FEE4AFBA7F} - System32\Tasks\{14082079-744B-40B5-BBE2-E95DCA3A5437} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {EE44F1BC-3A65-4249-BBAC-F4DEB17CDF61} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F2511BEE-366D-49C8-BB06-D1D74AAAE162} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FAD2BC7B-3110-4260-89A5-59BDDFA81666} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FE5084FB-86B3-4410-B015-536B68645CDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 06:42 - 2016-07-16 06:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-09-14 00:18 - 2017-09-07 01:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-21 13:47 - 2016-09-06 23:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 02:32 - 2017-03-04 01:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 02:33 - 2017-03-04 01:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 02:33 - 2017-03-04 01:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 02:33 - 2017-03-04 01:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-09-14 00:19 - 2017-09-06 23:53 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-09-14 00:19 - 2017-09-06 23:59 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 001328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-06 02:37 - 2013-07-06 02:37 - 000002560 _____ () C:\Windows\runservice.exe
2013-07-23 18:53 - 1999-12-31 19:00 - 000196608 _____ () C:\Program Files\Mouse\Amoumain.exe
2017-09-21 17:25 - 2017-09-21 02:29 - 002692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\swiftshader\libglesv2.dll
2017-09-21 17:25 - 2017-09-21 02:29 - 000138584 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\swiftshader\libegl.dll
2016-07-16 09:32 - 2016-07-16 09:32 - 000071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-07-16 09:32 - 2016-07-16 09:32 - 000157184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-07-16 09:32 - 2016-07-16 09:32 - 029443072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.4.86.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-09-12 21:07 - 2017-09-01 12:06 - 031189504 _____ () C:\Users\Abin\AppData\Local\Google\Chrome\User Data\PepperFlash\27.0.0.130\pepflashplayer.dll
2013-07-06 02:37 - 2013-07-06 02:37 - 000048640 _____ () C:\Windows\mmfs.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\123simsen.com -> www.123simsen.com
 
There are 7865 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2017-09-18 23:16 - 000450998 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123moviedownload.com
 
There are 15468 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: RoxioNow Service => 2
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: ZAMSvc => 2
MSCONFIG\startupreg: 8841BA9B7D8C488D59C00E597852C5577DFF8882._service_run => "C:\Users\Abin\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: F.lux => "C:\Users\Abin\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Abin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\StartupFolder: => "ERUNT AutoBackup.lnk"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "WinPatrol"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "Uninstall C:\Users\Abin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
HKU\S-1-5-21-1663178125-4035939000-1347949975-1000\...\StartupApproved\Run: => "Uninstall C:\Users\Abin\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{203A23B4-962C-4A55-8849-3D1E07B8998B}] => (Allow) C:\users\abin\desktop\hitmanpro_x64.exe
FirewallRules: [{0D761036-71A1-46E9-8542-195A5B1EF6F5}] => (Allow) C:\users\abin\desktop\hitmanpro_x64.exe
FirewallRules: [{B4BAAE39-2451-4AC5-A511-79212CA14507}] => (Allow) C:\users\abin\appdata\local\temp\{b5187abf-3e67-4e6f-9053-a1f9ca8766b1}\{024056c1-eeb3-40b9-ad92-451715028c33}.exe
FirewallRules: [{06CE654C-DCE4-4F22-917E-D514C8AEA0F6}] => (Allow) C:\program files\mpc-hc\mpc-hc64.exe
FirewallRules: [{EC527048-A889-41DD-BF88-400AA14B924F}] => (Allow) C:\users\abin\appdata\local\temp\{cb05680a-ce82-4f9e-a2e9-07afb7c24b9b}\{cd5d43b4-7088-4e9c-9f4c-fb3803980449}.exe
FirewallRules: [{E90059E9-8758-46B9-A5C9-8F1FD2B46F1F}] => (Allow) C:\program files\clonespy\clonespy64.exe
FirewallRules: [{8DD1691F-89E0-4999-8F4F-53A64F251ADC}] => (Allow) C:\windows\system32\taskhostw.exe
FirewallRules: [{7C53B4A4-C58A-4DFD-8980-4121A22AFB9C}] => (Allow) C:\users\abin\desktop\autodetectutility.exe
FirewallRules: [{70832784-8CC7-44C4-9596-139616207B85}] => (Allow) C:\users\abin\desktop\ccsetup518.exe
FirewallRules: [{199C8592-1D5F-474D-9BD8-03BBE81159EE}] => (Allow) C:\program files\cyberghost 5\data\openvpn\openvpn.exe
FirewallRules: [{25B5574B-622A-4D61-A599-42CCD25D8E6A}] => (Allow) C:\program files\cyberghost 5\wyupdate.exe
FirewallRules: [{2C59F283-6EE3-4501-BAFC-0F334DBBAEEA}] => (Allow) C:\program files\cyberghost 5\service.exe
FirewallRules: [{1905E932-D8AA-47D8-9699-AC66ED5C2AF3}] => (Allow) C:\program files\cyberghost 5\cyberghost.exe
FirewallRules: [{5F92F218-8684-45B5-9390-18A36DA54D71}] => (Allow) C:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
FirewallRules: [{E8D9D65F-DE56-4EAA-A49B-B8A47C88D379}] => (Allow) C:\windows\system32\sihclient.exe
FirewallRules: [{FAF7F855-BD78-4675-98D6-8F7372BBA4D4}] => (Allow) C:\users\abin\appdata\local\temp\namebench.exe
FirewallRules: [{D788E9D5-C088-4153-A5E4-AB023EDA2E02}] => (Allow) C:\program files\windows defender\msascui.exe
FirewallRules: [{A0968FE6-D5CA-49FD-A6AF-0601DA81B020}] => (Allow) C:\users\abin\desktop\chrome_cleanup_tool.exe
FirewallRules: [{84801658-0364-48AD-BF51-368CA1D1550D}] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\regasm.exe
FirewallRules: [{50747298-E428-400F-99D6-27D3C22759A5}] => (Allow) C:\windows\system32\werfault.exe
FirewallRules: [{AF8E54AF-CA76-49F4-87EC-486304284807}] => (Allow) C:\program files (x86)\secunia\psi\psi.exe
FirewallRules: [{1CB1AE29-AB9C-4BC7-9B27-25E29CFF3812}] => (Allow) C:\program files (x86)\secunia\psi\psia.exe
FirewallRules: [{57F71707-9445-4420-8E4C-65AAD669804A}] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{76A0D40A-B751-454A-8169-B359FD6F0639}] => (Allow) C:\EEK\bin\a2emergencykit.exe
FirewallRules: [{DDB74F09-75DB-4528-B1FE-EA5348D22623}] => (Allow) C:\eek\bin64\a2emergencykit.exe
FirewallRules: [{4E40D3C0-5A56-4F1E-960D-99C3D79CC1C9}] => (Allow) C:\windows\syswow64\rundll32.exe
FirewallRules: [{018A8B34-5585-4472-B3A8-2AF0F87184B9}] => (Allow) C:\programdata\package cache\{28d41884-9b36-4f54-bed2-92863f08e65d}\avira.oe.setup.bundle.exe
FirewallRules: [{1AD0A0DF-7839-40D0-95EA-89EBE7EF6E13}] => (Allow) C:\program files (x86)\avira\antivirus\setup.exe
FirewallRules: [{2E13997E-63BD-439D-A9C9-026914D4A50B}] => (Allow) C:\program files (x86)\kc softwares\sumo\sumo.exe
FirewallRules: [{9341CD71-300A-4EAC-87C6-D1DC5ECB4A84}] => (Block) C:\program files (x86)\avira\antivirus\ipmgui.exe
FirewallRules: [{6FE155AF-AB15-483E-9678-F13D477924D2}] => (Allow) C:\program files (x86)\avira\antivirus\sched.exe
FirewallRules: [{34630173-27DD-48F6-9912-693FC8E2B5AE}] => (Allow) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
FirewallRules: [{F7E25D1F-E783-480F-B44E-C52A439607A6}] => (Allow) C:\program files (x86)\google\update\googleupdate.exe
FirewallRules: [{3F466519-4D2B-4F08-BC50-DAAA854C1317}] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{31B20AEE-4BE6-41D5-855D-6FEE7E8303A1}] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{0C7A8D2C-D467-4CD4-8F11-45F94D3C462D}] => (Allow) C:\program files (x86)\malwarebytes anti exploit\mbae-svc.exe
FirewallRules: [{6BB2057D-1DAE-47FB-B1BF-7223E6A3D644}] => (Allow) C:\program files (x86)\avira\antivirus\avconfig.exe
FirewallRules: [{8DC27785-DE14-4A65-9311-917265D32507}] => (Allow) C:\program files (x86)\avira\antivirus\avcenter.exe
FirewallRules: [{93A53E4C-E5AB-4D18-AC18-4716CB478353}] => (Allow) C:\program files (x86)\avira\launcher\avira.servicehost.exe
FirewallRules: [{B8DA0BA7-455A-4929-98D1-4A09430ECFB2}] => (Allow) C:\program files (x86)\avira\antivirus\update.exe
FirewallRules: [{DDF455F9-1E98-421F-88AB-08131FB556B6}] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{9481002E-1651-4A32-AE03-3637D02B4AC0}] => (Allow) C:\program files (x86)\malwarebytes anti-malware\mbam.exe
FirewallRules: [{BB529300-0E22-42FA-8286-86E50AA4D4E8}] => (Allow) C:\program files (x86)\avira\launcher\avira.systray.exe
FirewallRules: [{667FD222-E6F6-473B-ADE6-14B1805168BD}] => (Block) C:\WINDOWS\system32\svchost.exe
FirewallRules: [{021E74DE-EDC2-4766-B4FD-2DCE67A4B3CA}] => (Block) C:\WINDOWS\system32\svchost.exe
FirewallRules: [{7650AA4E-5472-44A6-A220-2EA0C26BB401}] => (Block) C:\WINDOWS\system32\svchost.exe
FirewallRules: [{DE3C1E55-544E-437E-AE7F-FD92E3E4767C}] => (Block) C:\WINDOWS\system32\svchost.exe
FirewallRules: [{869AC4E4-5DA0-4A57-BAFF-FED4A5C7C67D}] => (Allow) C:\WINDOWS\system32\wwahost.exe
FirewallRules: [{99FA509F-BBFF-49E7-8A64-99E970C47037}] => (Allow) C:\Program Files\Windows Firewall Control\wfc.exe
FirewallRules: [{C98327DD-FE3F-461A-82B2-B77B5C590EDB}] => (Allow) C:\WINDOWS\explorer.exe
FirewallRules: [{AF314CE0-3BD3-40F9-907A-CFE33B912F85}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E010EB5F-A8BC-468F-B517-4774840648CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC60EBC6-876F-45B5-B826-289769D54328}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS7938\HPDiagnosticCoreUI.exe
FirewallRules: [{C406DBEA-3A05-4D61-85F6-73015B477617}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS7938\HPDiagnosticCoreUI.exe
FirewallRules: [{57CD4019-4872-4993-AE85-C87CD76981B3}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS7374\HPDiagnosticCoreUI.exe
FirewallRules: [{1F769068-F2CA-4817-ADA0-E0803FA5C2D5}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS7374\HPDiagnosticCoreUI.exe
FirewallRules: [{BECD627D-4D82-4D4B-B76F-258B4B1C1E61}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS6991\HPDiagnosticCoreUI.exe
FirewallRules: [{994B4A9E-0FFD-425E-9F04-08669F898CEB}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS6991\HPDiagnosticCoreUI.exe
FirewallRules: [{EBCFE991-417B-429D-9BAE-0D83792D0BBF}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS62B2\hppiw.exe
FirewallRules: [{7E11DC61-7C7D-4BA0-8286-3A7E6BFB06DE}] => (Allow) C:\Users\Abin\AppData\Local\Temp\7zS62B2\hppiw.exe
FirewallRules: [{01023072-AD06-40A4-8AB0-38C004A9A331}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{DCE1A5DC-3846-475D-9A5C-4F4F8A973B85}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{F10FFC57-3BE2-410F-98DB-7F3806C7C398}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{33C64222-2C9C-46BA-A323-DFDFCDE903BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{21D201AE-2471-42F9-9457-CF4386D05B2C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{8A1FEB8C-4702-40FB-A0C2-2633A0FC3A2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{56F8D9D1-D7DB-4871-B366-437810B4C12B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{C426EF47-98AF-47AF-B816-CD81B1B50386}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DE1B0CA6-B37C-4882-810C-6F1A2F8CF88A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FBE96CCA-C6F8-44BF-BDC1-1B14C8A64034}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{5E72031E-C9E6-432D-AD5C-DFD449CCCA2F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E818394A-5F4C-4267-83F5-BD1D8EC51369}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{1E1F1F74-626B-413A-A50F-944242910BFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{887B3BC8-40F7-449E-8687-306BEC8A42FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{267FFC44-0293-4E51-8710-849D750D5F6B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{44D8533C-E3B7-4798-A6D5-27384431F930}] => (Allow) C:\windows\temp\{93400781-7319-4a6e-9eec-7c23be13121b}\installflashplayer.exe
FirewallRules: [{B30E96B8-1C06-48BB-8E30-DCA59227B0BC}] => (Allow) C:\windows\temp\{200b0f2e-7306-41df-8cb6-60d07fee3a13}\installflashplayer.exe
FirewallRules: [{74ED75A6-5DC9-4F96-9CBA-AB2829563A91}] => (Allow) C:\program files (x86)\microsoft application virtualization client\sftlist.exe
FirewallRules: [{615E205A-18A6-40D9-A7F4-C4DE06ECE74B}] => (Allow) C:\windows\temp\{66040e8f-55fe-4808-ad52-7d0a4d371679}\installflashplayer.exe
FirewallRules: [{8673448A-48A8-41E9-B39E-479B34319D16}] => (Allow) C:\windows\system32\msdt.exe
FirewallRules: [{AAE27E30-452A-4E94-AE9E-7501E40FA264}] => (Allow) C:\windows\system32\mrt.exe
FirewallRules: [{935361E2-53C6-41AE-8C46-F8C9F5842887}] => (Allow) C:\windows\system32\wat\watadminsvc.exe
FirewallRules: [{2F8881A1-9417-4B88-A358-26D8556BD756}] => (Allow) C:\windows\temp\{874087f5-f082-49d3-9636-d455510a4bbb}\installflashplayer.exe
FirewallRules: [{931E0E81-A1F9-4A7B-9992-4EC52154A406}] => (Allow) C:\windows\temp\{1978861d-fb58-4178-a2f7-52c39c6833ee}\installflashplayer.exe
FirewallRules: [{5372395C-B4BA-4EE3-8200-6A7136871069}] => (Allow) C:\program files (x86)\adobe\adobe digital editions 2.0\digitaleditions.exe
FirewallRules: [{4BD4D89E-1C65-44EF-92F4-D2D24343D6E3}] => (Allow) C:\windows\system32\msiexec.exe
FirewallRules: [{C8484A06-06A1-47BB-8B25-1AD8024FFFF2}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{26CDD7C8-29EA-4D43-92D9-AF5FDEAC4E01}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{442868FE-7F17-4A87-96CB-46C9B1031A32}] => (Allow) G:\kasperskytdsskillerportable\app\tdsskiller\tdsskiller.exe
FirewallRules: [{9D4C38BB-506B-4A8F-A1F9-AA01ADE6B5AA}] => (Allow) G:\spybotportable\app\spybot\sdupdate.exe
FirewallRules: [{6709EFE5-7EB0-4DEC-B0DF-319AE673F7C8}] => (Allow) C:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
FirewallRules: [{F5C8AE8D-B753-405A-9708-1A2916E2D032}] => (Allow) C:\program files (x86)\common files\java\java update\jucheck.exe
FirewallRules: [{C8394D7C-23B0-40FA-9BBC-4489377398FA}] => (Allow) C:\program files\windows defender\mpcmdrun.exe
FirewallRules: [{F0D35B4B-8417-45E8-AB59-652660F79874}] => (Allow) C:\program files\windows media player\wmplayer.exe
FirewallRules: [{8B55A8BD-DBCE-4F25-B253-596A5CEDCBD6}] => (Allow) C:\users\abin\appdata\local\fluxsoftware\flux\flux.exe
FirewallRules: [{0A2227DC-9DB8-4065-9811-A75C1AF8D944}] => (Allow) C:\windows\temp\{7191f3fd-aa8e-4d0a-a643-a93fd322ca4f}\installflashplayer.exe
FirewallRules: [{A366D7B9-4DC4-4D11-A019-C76AC5762FDE}] => (Allow) C:\windows\temp\{f576f7e5-32c3-4a94-b16a-4c61a73ebc51}\installflashplayer.exe
FirewallRules: [{8569F9DA-A8E3-4B1F-8E4B-FD5B1118FC7F}] => (Allow) C:\windows\temp\{517812cf-138d-4693-8059-ba9f638ab45c}\installflashplayer.exe
FirewallRules: [{EB2346B8-3C63-4BD4-9CB7-9FFAE069CBB5}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{15100B92-C6EB-4F98-9CE9-75566AAF0B3B}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{75F43569-D047-474A-9771-758FE776515C}] => (Allow) G:\kasperskytdsskillerportable\app\tdsskiller\tdsskiller.exe
FirewallRules: [{3BA473C2-7261-47E5-B28D-DB6B73EBB8C5}] => (Allow) G:\spybotportable\app\spybot\sdupdate.exe
FirewallRules: [{0CBC8614-9D24-4C47-B858-03484407BF64}] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{8D8A4ABB-7126-42AF-B151-A16F736B0EA9}] => (Allow) C:\windows\temp\{03233cb2-7d11-4f32-8795-e347c123a2c1}\installflashplayer.exe
FirewallRules: [{738FC138-A870-46EF-9A01-ECD0AA879C4A}] => (Allow) C:\windows\temp\{7df26176-a4de-4d39-bed7-d0ac7de25d9c}\installflashplayer.exe
FirewallRules: [{C4A25A47-AA0D-4D88-B24B-2171D297C234}] => (Allow) C:\windows\temp\{7042179e-732a-44d4-bfb2-d2333bc6fe8b}\installflashplayer.exe
FirewallRules: [{3FE170EE-E4C4-422E-95C3-6F744737F909}] => (Allow) C:\program files\hewlett-packard\hp client services\hpclientservices.exe
FirewallRules: [{1A0BE179-62C3-4127-AC32-1E6C4BCDA255}] => (Allow) C:\programdata\avira\antivir desktop\temp\selfupdate\update.exe
FirewallRules: [{9E91B948-CEB1-4D0B-B4E9-5553294EDFDE}] => (Allow) C:\program files (x86)\common files\microsoft shared\source engine\ose.exe
FirewallRules: [{07B60173-A11E-495D-AFF9-F2F68AD1C5A2}] => (Allow) C:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
FirewallRules: [{D9C1B018-4C46-45A8-BFAF-D29C21A71146}] => (Allow) C:\program files (x86)\ati technologies\ati.ace\core-static\ccc.exe
FirewallRules: [{FA1237FB-3641-4DA5-B5C1-31AD60E3E8F5}] => (Allow) C:\program files\hewlett-packard\hp client services\hpclientservices.exe
FirewallRules: [{AF00B6CF-8CF1-4F3B-8C19-17A9DFB8EB01}] => (Allow) C:\windows\syswow64\werfault.exe
FirewallRules: [{C74D38A7-D5DF-4BDC-AF16-D6E1F484FF14}] => (Allow) C:\program files (x86)\common files\microsoft shared\source engine\ose.exe
FirewallRules: [{05B38DBA-A939-4B16-96E6-F47A037AC5F6}] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [{90FEFE92-1197-4698-9046-C28F4CE634CF}] => (Allow) C:\program files\itunes\itunes.exe
FirewallRules: [{097E00F5-48F6-4073-8063-C1F067815DB7}] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{4A82213F-C0EF-4AB3-A9AE-180FC1BB0794}] => (Allow) C:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe
FirewallRules: [{A7CE4014-8B39-41C5-852C-F1D4ED13277E}] => (Allow) C:\program files\ccleaner\ccleaner64.exe
FirewallRules: [{040DC528-5F32-4589-BD40-0EF9A50290F5}] => (Allow) C:\program files (x86)\windows media player\wmplayer.exe
FirewallRules: [{DDA31466-EC2C-4F25-A395-BFF6F3C2C85A}] => (Allow) C:\program files (x86)\apple software update\softwareupdate.exe
FirewallRules: [{CDE2B697-6F7A-4CE4-8D33-86BA95CE21B0}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{B3442A4B-25C6-433B-BC55-003FACB14831}] => (Allow) G:\clamwinportable\app\clamwin\bin\freshclam.exe
FirewallRules: [{E2700E41-8F9C-429B-BB0C-BA68910447CB}] => (Allow) G:\kasperskytdsskillerportable\app\tdsskiller\tdsskiller.exe
FirewallRules: [{E76269EA-0B5D-4659-81B5-28172E6A1324}] => (Allow) G:\spybotportable\app\spybot\sdupdate.exe
FirewallRules: [{A223E609-1C98-40F3-90AA-E7E06AACEFC3}] => (Allow) C:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe
FirewallRules: [{F1BC4450-7CD5-4300-9104-A993C66F00C7}] => (Allow) C:\program files (x86)\adobe\reader 10.0\reader\acrord32.exe
FirewallRules: [{DEC27EEA-9AF6-428E-90B8-35D98C96754D}] => (Allow) C:\program files (x86)\driverupdate\driverupdate.exe
FirewallRules: [{7DB18DA1-7B70-4105-BF4B-473F6EAB0217}] => (Allow) C:\windows\explorer.exe
FirewallRules: [{C7537AE4-DD3C-4897-821F-D295C1CC6EA4}] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{46A7149D-A8C9-4FAE-B027-B3010C9F23C5}] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{6F73B122-5072-4FD1-BFAF-F4287E7B219A}] => (Allow) C:\windows\system32\devicedisplayobjectprovider.exe
FirewallRules: [{0D93F3B5-761C-4503-B4A1-D65958089168}] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [{218A4A59-5C06-4E11-BD6D-3B96D29D6D8C}] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{50E142B7-CF63-426F-8FC0-BF8124206F62}] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{05AE4DFE-552F-46E0-9C57-45CB50226337}] => (Allow) C:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe
FirewallRules: [{F84BB2BA-E8E1-4EB1-8FC5-05E977DAD3F7}] => (Allow) C:\windows\system32\wermgr.exe
FirewallRules: [{3CD5BBB2-9E70-4DC7-8E73-694DB61D7DAA}] => (Allow) C:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe
FirewallRules: [{C78C7BEC-AF07-4F26-B59C-DC16DDC98E7B}] => (Allow) C:\program files (x86)\common files\java\java update\jusched.exe
FirewallRules: [{4A80B9F3-056D-40CF-8223-3EABC890E3E1}] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{99844D38-3122-4074-92E5-DD64AD47D34D}] => (Allow) C:\program files (x86)\vs revo group\revo uninstaller\revouninstaller.exe
FirewallRules: [{3CA888A6-E0A0-4181-A35E-9906C61E01F0}] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{76E80EFE-11D9-45C3-8949-E9F0898EDD66}] => (Allow) C:\windows\system32\msfeedssync.exe
FirewallRules: [{57BFB7EF-EC39-41A2-8E58-CC57F8912A08}] => (Allow) C:\program files (x86)\avira\antivir desktop\ipmgui.exe
FirewallRules: [{2B098466-22FD-42C4-9498-92E91FA3F5D7}] => (Allow) C:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
FirewallRules: [{DA76F091-C114-4A00-A74F-06261C0FEE8E}] => (Allow) C:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
FirewallRules: [{F39EE366-6A84-4F2A-9ED3-CB3867898052}] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{505BC64C-24F2-4713-B185-5F11E352CF31}] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{90F374E9-3797-448E-AACD-75612DA0CAB4}] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{7E17F482-7AF0-4F8C-9C82-18E73318C633}] => (Allow) C:\program files (x86)\avira\antivir desktop\avnotify.exe
FirewallRules: [{868DD741-D72C-4790-A55A-4A3D39B0BEA4}] => (Allow) C:\program files (x86)\avira\antivir desktop\update.exe
FirewallRules: [{C50B49EF-13C4-4C8A-9F2C-DD1169847B20}] => (Allow) C:\users\abin\appdata\local\google\update\googleupdate.exe
FirewallRules: [{548ECDEC-1CD0-468F-AD81-55992D0A2EEC}] => (Allow) C:\program files\bonjour\mdnsresponder.exe
FirewallRules: [{DB7F0021-E6DA-4DDA-ACCE-6DF6B8E29A8F}] => (Allow) C:\program files\bonjour\mdnsresponder.exe
FirewallRules: [{9F0B2E5E-36D7-498B-9F3B-CD9C0F652B25}] => (Allow) C:\program files\windows defender\mpcmdrun.exe
FirewallRules: [{2F65421E-C637-4D34-8919-0580A6A69932}] => (Allow) C:\Users\Abin\AppData\Local\Temp\{65728795-4D29-8320-B5D9-4914615E76E8}\Addons\incredibar_install.exe
FirewallRules: [{B845509F-C9B2-42CE-B7F0-87796E4A9144}] => (Allow) C:\Users\Abin\AppData\Local\Temp\{65728795-4D29-8320-B5D9-4914615E76E8}\Addons\incredibar_install.exe
FirewallRules: [UDP Query User{4DA27C0B-32C8-4433-8F35-402D9F842D7D}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [TCP Query User{7ED9AC77-DC3C-47F7-89B9-0456FB0657D1}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe
FirewallRules: [{38B9F4CC-0D58-4823-B802-485F51225AAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D65364C4-3B66-4A22-8ADA-E6FA7969F6E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{489C4B55-B806-4232-8CB9-7FF66E60B6C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FF486062-D819-489B-B0C4-EAD719E88E17}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B655DDE7-0CEC-4DCA-9901-EBEEC34274F1}] => (Allow) LPort=1900
FirewallRules: [{A81B75E9-6DF9-46B8-9DEA-206BCCC67D34}] => (Allow) LPort=2869
FirewallRules: [{6C1638F0-62DD-477C-BC8C-F29204C0E871}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{32E63DD0-3458-4B66-A552-C90B68778CD5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{AF4EB825-7683-4646-A80A-CB1A20E25A8F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{82BCE034-DA59-41D0-A46E-E4D1C6C20222}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{A04ECFA2-794A-4463-91E8-FB46A5A2F967}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{24E681A3-7D09-4D91-B642-237A914FE3A8}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [TCP Query User{F984E0CF-28F2-4AF2-9F03-7D08F91C4658}C:\users\abin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\abin\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{033EE97E-704F-41B1-A8E8-37E4B7949BAC}C:\users\abin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\abin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A6F5AF84-543C-47FC-AB3F-463A6712B570}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
FirewallRules: [{E03284CE-83BE-4386-9BCD-3D1BB53D1DB5}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
FirewallRules: [{83039288-4551-4F9D-878A-1337977D83CD}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
FirewallRules: [{81602BAF-ACEF-4BAB-991B-B53236FFFC36}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
FirewallRules: [{1E3F7C3D-39DB-47D0-9AD7-F012123572A3}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
FirewallRules: [{BADB810B-8993-4B4C-B60D-5B42272AA25C}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
FirewallRules: [{A3F80A59-AE09-455A-95A4-971D4C2C6BB1}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
FirewallRules: [{B0388973-F5B8-4586-AC5E-75784E31DD98}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe
FirewallRules: [{54EA36ED-4CE9-499A-B58B-F789B11E5213}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
FirewallRules: [{418B53F0-8570-47CD-94A1-BCEDF2255A0F}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
FirewallRules: [{622E23DD-D705-4CE3-8399-E3C64D804AE0}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
FirewallRules: [{B34CB457-648A-46BC-866A-5B6B6C49A30F}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
FirewallRules: [{7756BE83-265B-4113-A732-C43E964C053D}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{44D9E646-8432-4987-A7A1-105DE97DA208}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{5C152B37-EC02-4CD3-B32C-B2D79569D2FD}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [{68B5AFAC-1DBF-4E04-BFEF-9592E3AAC850}] => (Allow) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
FirewallRules: [TCP Query User{14CFCFB0-E9E3-44E2-8217-5607EFDBB75C}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{35610654-961B-44B5-BA34-746B7F2BA067}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{F4542BF1-50DD-4CCC-BABF-74B55BE4AA1F}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [UDP Query User{3874FBEB-AE7E-4165-85C7-CC4423EEE23F}C:\program files (x86)\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2016\pes2016.exe
FirewallRules: [{EFE34DE5-07A1-4C4F-AD97-13F628DB6779}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{BFD854F5-857E-44AE-99FB-E20A9EA571B8}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{EEBC157D-71C1-463F-9C05-008D520CF804}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{703A5067-A4C5-4E1F-890A-74E5E60829C9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{18753A56-5481-4DE0-89C9-38DB5E1BEEA1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{2D48FF83-5FBD-400A-8F69-73147F2136D5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [TCP Query User{CE260C96-94D1-4E0F-9083-AAD49FB898C9}C:\program files (x86)\ubisoft\assassin's creed ii\server.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed ii\server.exe
FirewallRules: [UDP Query User{4078974D-1353-41EC-934C-88ABEDFED94C}C:\program files (x86)\ubisoft\assassin's creed ii\server.exe] => (Allow) C:\program files (x86)\ubisoft\assassin's creed ii\server.exe
FirewallRules: [{A96AF338-9DCF-47A2-93DA-463BAD200800}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FAA13560-67CB-4F75-B449-831B6D03BC70}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{92980660-865C-4C5C-9910-C2DCA56EA7D5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4DDA2C5E-8162-4D91-8CA1-C6D480F9DD05}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{4229402B-EC60-4B7E-AFBA-1D99FD41DFF5}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe] => (Block) C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{61C3E475-5232-4378-8E64-128074E0FEC7}C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe] => (Block) C:\program files (x86)\r.g. mechanics\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{49C7820E-DED2-42E1-B5DF-A13DEA3EF727}C:\users\abin\desktop\left 4 dead 2  v2.0.2.7  full-rip  {blaze69}\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\abin\desktop\left 4 dead 2  v2.0.2.7  full-rip  {blaze69}\left 4 dead 2\left4dead2.exe
FirewallRules: [UDP Query User{E1A868E9-735D-4310-A85D-A5C5029BF58D}C:\users\abin\desktop\left 4 dead 2  v2.0.2.7  full-rip  {blaze69}\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\abin\desktop\left 4 dead 2  v2.0.2.7  full-rip  {blaze69}\left 4 dead 2\left4dead2.exe
FirewallRules: [TCP Query User{6AC584DD-A084-473C-820D-B89018FE96B0}C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe] => (Allow) C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe
FirewallRules: [UDP Query User{020A148D-A612-478F-8046-4AFC038F08BB}C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe] => (Allow) C:\program files (x86)\r.g. mechanics\gears of war\binaries\wargame-g4wlive.exe
FirewallRules: [{015B236C-CCCA-4465-AF69-21F78673527F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8C26D8D3-1AC0-43F8-BDB1-601497CDF137}] => (Allow) C:\Program Files (x86)\Out of the Park Developments\Franchise Hockey Manager 2\fhm2.exe
FirewallRules: [{DDA85352-A454-4DFD-A18F-F1EB07A2DE6D}] => (Allow) C:\Program Files (x86)\Out of the Park Developments\Franchise Hockey Manager 2\fhm2.exe
FirewallRules: [{688F9864-B621-4741-9C91-DCD0CA791AD4}] => (Allow) C:\Program Files (x86)\Out of the Park Developments\Franchise Hockey Manager 2\fhm2.exe
FirewallRules: [{D5EDF3FF-231C-43A6-AE20-80F6E1E582B8}] => (Allow) C:\Program Files (x86)\Out of the Park Developments\Franchise Hockey Manager 2\fhm2.exe
FirewallRules: [{29FD985B-41EB-41C1-9B41-094F74E96F63}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{11D0A962-C7B9-46E0-BBAA-35F20FC4BD8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C858684E-561B-4151-B469-2270215E02A1}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{67B3BEB7-479E-4B3B-8E12-EA3956CB486C}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{25EF8F08-431D-4420-93B6-1BA7ADC15D09}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{4F282836-F324-4E36-8D59-C3627211DFED}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{43301E34-418A-4914-AF19-F1B487F394AB}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{8FF067CA-1826-4112-B80B-C388655AF807}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{F366C376-80E6-42F3-8891-43B473423EDF}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{672B9682-2966-4392-A7AD-76E2369696E6}] => (Allow) C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
FirewallRules: [{915F6A26-3755-4FCF-9F26-8EC2455D55EE}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
FirewallRules: [{A61A018D-2347-4AE8-BEEA-07EDF56BA1E0}] => (Allow) C:\Program Files\HitmanPro\HitmanPro.exe
FirewallRules: [{5D3B0E31-BC1F-488C-8765-8CB842613C70}] => (Allow) C:\Program Files\HitmanPro\HitmanPro.exe
FirewallRules: [{5EB091B4-229D-4693-A63F-6BD0E21A1DFF}] => (Allow) C:\Program Files\HitmanPro\HitmanPro.exe
FirewallRules: [{0A6ACA25-6974-4B39-87C2-32C6062380A8}] => (Allow) C:\Program Files\HitmanPro\HitmanPro.exe
FirewallRules: [{4C27E9C0-51E0-4EE9-9334-5D4B44875195}] => (Allow) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{E13EC6B9-37C6-46A3-B347-D902B48D3D19}] => (Allow) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{55430966-770C-438E-883D-C0EBF94AE029}] => (Allow) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{DDCE2957-235E-4B15-99A6-D6A535F5C127}] => (Allow) C:\Users\Abin\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{1C5BE86C-97E5-4934-8017-6E7D8F6FCD14}] => (Allow) %USERPROFILE%\Desktop\Zemana.AntiMalware.Portable.exe
FirewallRules: [{7724C8AB-AC28-41C6-A4F5-5941AB3895E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
20-09-2017 06:53:45 Scheduled Checkpoint
28-09-2017 18:16:00 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/02/2017 07:45:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (10/02/2017 07:43:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/02/2017 07:37:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (10/02/2017 07:35:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/02/2017 07:35:28 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3b64adc5-c3a6-4249-8d17-ddcfff8ebdbb}
 
Error: (10/01/2017 07:18:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 3.0.0.1169, time stamp: 0x599723f1
Faulting module name: Qt5Qml.dll, version: 5.6.2.0, time stamp: 0x59a6405a
Exception code: 0xc0000005
Fault offset: 0x000aaf28
Faulting process id: 0x520
Faulting application start time: 0x01d33b1317a4116c
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
Report Id: 487b5b72-5748-402f-b3ba-dd1ef5ae1ac8
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/01/2017 07:17:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 3.0.0.1169, time stamp: 0x599723f1
Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x59a63e00
Exception code: 0xc0000005
Fault offset: 0x001aa3b6
Faulting process id: 0x520
Faulting application start time: 0x01d33b1317a4116c
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: b47c5c11-2e0c-40e8-8da7-2ac0c193fb27
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/01/2017 07:17:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.556, time stamp: 0x5988c3f1
Faulting module name: mbamservice.exe, version: 3.1.0.556, time stamp: 0x5988c3f1
Exception code: 0xc0000005
Fault offset: 0x00000000000f9b03
Faulting process id: 0x1070
Faulting application start time: 0x01d33b1319397319
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Report Id: c3eb5bb3-5082-4c77-85bf-cfab78561380
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/01/2017 01:13:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OommenHP)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147467259 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (10/01/2017 01:13:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: OommenHP)
Description: Package Microsoft.Windows.ShellExperienceHost_10.0.14393.1715_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.
 
 
System errors:
=============
Error: (10/02/2017 07:37:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAM Controller Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/01/2017 09:20:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (10/01/2017 09:20:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (10/01/2017 09:13:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The HP CUE DeviceDiscovery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/01/2017 09:13:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The hpqcxs08 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/30/2017 12:30:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (09/30/2017 12:29:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (09/29/2017 09:49:30 PM) (Source: DCOM) (EventID: 10010) (User: OommenHP)
Description: The server Microsoft.ZuneVideo.AppX33njnjhzx79sr2vn13w10ca357txr5yn.mca did not register with DCOM within the required timeout.
 
Error: (09/28/2017 06:16:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
Incorrect function.
 
Error: (09/28/2017 06:16:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error: 
Incorrect function.
 
 
CodeIntegrity:
===================================
  Date: 2017-02-12 01:39:36.705
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:36.690
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:36.657
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:36.332
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.832
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.416
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.219
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.206
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:35.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-02-12 01:39:34.900
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD E-300 APU with Radeon™ HD Graphics
Percentage of memory in use: 76%
Total physical RAM: 2662.54 MB
Available physical RAM: 623.05 MB
Total Virtual: 7270.54 MB
Available Virtual: 4525.07 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:453.86 GB) (Free:15.85 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.37 GB) (Free:1.34 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7B343CE4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=11.4 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 

Edited by ao3, 02 October 2017 - 10:29 PM.


#14 polskamachina

polskamachina

  • Malware Response Team
  • 4,067 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 04 October 2017 - 08:18 PM

Hi ao3 :)

 

I'm still working and consulting with staff on the next steps to get your computer functioning again. Thank you for your patience. :busy:

 

polskamachina



#15 polskamachina

polskamachina

  • Malware Response Team
  • 4,067 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:06:36 PM

Posted 06 October 2017 - 12:19 AM

Hi ao3 :)

You said:

By the way, I had to update FRST manually, since it can't access the internet on its own. It's not just the security programs. Even Firefox was able to update on its own (I use Chrome), but these programs can't. And each time I try to open them I get a pop-up that says SmartScreen isn't working.

Let's try to attack this problem from a different angle. Please perform the following steps:

Disable SmartScreen in Windows 10

Right-click the start button and open the Control Panel
Select Security and Maintenance.
Or, you can click Start and type: security and maintenance and select the result from the top.
security-and-maintenance-Start.png
Now click Change Windows SmartScreen settings.
2-Control-Panel-Settings.png
Now you have three options, keep it on with admin approval to allow running the app (the default), warn about unrecognized apps but not require admin approval, or turn it off completely.
Please select the last option which is, Don't do anything (turn off Windows SmartScreen)
3-Turn-Off.png
When you turn it off, right away a notification will pop-up telling you how unsafe you’re being.
bugging-screen.png
But, if you don’t want to be nagged about the fact you turned SmartScreen off, click Turn off messages about Windows SmartScreen under the Security section.
Turn-off-Messages.pngSave

Disable SmartScreen Filter for IE or Microsoft Edge
In IE 11 click Settings (gear icon) > Safety > Turn on SmartScreen Filter.
IE-Settings.png
Then select the option to turn it off and click OK.
turn-off-in-IE.png
Microsoft Edge makes turning it off a bit easier. Open Edge and go to Settings > View Advanced Settings. Then scroll down to the bottom under Privacy and Services and turn off Help protect me from malicious sites and downloads with SmartScreen Filter.
edge.png

After you have followed all of these steps and turned off the SmartScreen filter, try your previously nonworking applications and see if you have noticed any improvements.

Let me know if you have any questions.

polskamachina






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users