After virus infection can't download files from web


9 replies to this topic

#1 Ritoaniajin

Posted 12 March 2018 - 02:05 PM

Hi,

 

As I stated in the title, my PC got infected with some sort of virus that does not let me download any files, neither from the web nor from my Google Drive (there are some exceptions). If I try to download a file I immediately get redirected to some other page (looks like some sort of cloud...) and I am asked if I want to download a file which is named (usually the beginning is the same as the file I want) ***7a-11c.rar. Inside that rar is a file with the same name, only it is an exe file (I did not unrar or install this file, only opened the rar).

I also saw in my antivirus (Kaspersky Free) logs that it had quarantined a trojan which had the 7a-11c in its name

(C:\Users\akoso\AppData\Local\Temp\Rar$DIa0.339\readerdc_uk_xa_cra_install-7a-11c.exe   Object name: UDS:Trojan.Win32.Loskad.a).

But the virus was deleted (at least the Kaspersky antivirus said so)

I tried some other free antivirus programs and many malware removal tools to clean my windows but nothing helped...

 

Also, I believe that during the same virus infection my Windows Defender (WD) got infected too, because in the exclusion section of WD there appeared 7-9 exclusions that I could not remove. I could only remove them by doing it from: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Paths

 

Currently, apart from Windows Defender, no other antivirus programs are installed.

 

For the FRST scan:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.03.2018 01
Ran by akoso (administrator) on DESKTOP-CO73S96 (12-03-2018 20:56:47)
Running from C:\Users\akoso\Downloads
Loaded Profiles: akoso (Available Profiles: akoso)
Platform: Windows 10 Pro Version 1709 16299.248 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Sony DADC Austria AG.) C:\Windows\SysWOW64\UAService7.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(f.lux Software LLC) C:\Users\akoso\AppData\Local\FluxSoftware\Flux\flux.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanServiceEx.exe
(TODO: <Company name>) C:\Program Files (x86)\ASUS\GPU TweakII\Monitor.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP2\AIMP2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2018-02-27] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [TP-LINK USB Printer Controller] => C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe [4226048 2012-09-21] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\Run: [f.lux] => C:\Users\akoso\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-10] (f.lux Software LLC)
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-06] (Disc Soft Ltd)
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\Run: [Gaijin.Net Agent] => C:\Users\akoso\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2116168 2018-01-22] (Gaijin Entertainment)
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\MountPoints2: {13131ecd-0eb6-11e8-9cf1-3085a98e6b01} - "F:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b283b3f0-965d-4149-9f85-0cedbd2306eb}: [NameServer] 35.177.46.238,46.101.28.31,,192.168.0.1
Tcpip\..\Interfaces\{b283b3f0-965d-4149-9f85-0cedbd2306eb}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cd731e0d-c83a-471b-b7c6-aec5d613e600}: [NameServer] 35.177.46.238,46.101.28.31,

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-522091178-3401052546-1187609887-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-522091178-3401052546-1187609887-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-11] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-11] (Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-522091178-3401052546-1187609887-1001 -> hxxp://google.lt/

FireFox:
========
FF DefaultProfile: zd0of4xc.default
FF ProfilePath: C:\Users\akoso\AppData\Roaming\Mozilla\Firefox\Profiles\zd0of4xc.default [2018-03-12]
FF Homepage: Mozilla\Firefox\Profiles\zd0of4xc.default -> google.com
FF NewTabOverride: Mozilla\Firefox\Profiles\zd0of4xc.default -> Enabled: "id":"{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7
FF Extension: (Simple YouTube MP3 Button) - C:\Users\akoso\AppData\Roaming\Mozilla\Firefox\Profiles\zd0of4xc.default\Extensions\{e33788ea-0bb9-4502-9c77-bdc551afc8ab}.xpi [2018-02-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-11] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin HKU\S-1-5-21-522091178-3401052546-1187609887-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\akoso\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-08] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default [2018-03-10]
CHR Extension: (Docs) - C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-22]
CHR Extension: (Google Drive) - C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-22]
CHR Extension: (YouTube) - C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-22]
CHR Extension: (Sheets) - C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-22]
CHR Extension: (Kaspersky Protection) - C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-01-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-07]
CHR Extension: (Gmail) - C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-22]
CHR Extension: (Chrome Media Router) - C:\Users\akoso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-22]
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9302688 2018-02-17] (Emsisoft Ltd)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [382424 2018-01-05] (ASUSTeK Computer Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-03-16] ()
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-04-19] (Apple Inc.)
S3 DAUpdaterSvc; E:\Games\Steam Games\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2018-02-05] (BioWare)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-06] (Disc Soft Ltd)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [521064 2018-01-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2017-10-28] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-08] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [873968 2017-06-30] (Tunngle.net GmbH) [File not signed]
R2 UserAccess7; C:\WINDOWS\SysWOW64\UAService7.exe [143360 2017-12-08] (Sony DADC Austria AG.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-03-02] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-03-02] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-04-14] ()
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-17] (Disc Soft Ltd)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2017-05-08] (ASUSTeK Computer Inc.)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-27] (Malwarebytes)
R1 MpKsl57e4b39f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E975E75D-0202-45A8-95B3-95C55C084A33}\MpKsl57e4b39f.sys [58120 2018-03-12] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_048172e9d7cc483d\nvlddmkm.sys [17524720 2018-02-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [32104 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-24] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
R3 TPLINKUDSMBus; C:\WINDOWS\system32\drivers\TplinkUDSMBus.sys [102688 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S3 TplinkUDSTcpBus; C:\WINDOWS\System32\drivers\TplinkUDSTcpBus.sys [181024 2012-09-21] (Windows ® Codename Longhorn DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-03-02] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288296 2018-03-02] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-03-02] (Microsoft Corporation)
S3 GPUZ; \??\C:\Users\akoso\AppData\Local\Temp\GPUZ.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-12 20:45 - 2018-03-12 20:55 - 000063385 _____ C:\Users\akoso\Downloads\Addition.txt
2018-03-12 20:44 - 2018-03-12 20:56 - 000017076 _____ C:\Users\akoso\Downloads\FRST.txt
2018-03-12 20:44 - 2018-03-12 20:56 - 000000000 ____D C:\FRST
2018-03-12 20:43 - 2018-03-12 20:43 - 002402816 _____ (Farbar) C:\Users\akoso\Downloads\FRST64.exe
2018-03-12 17:27 - 2018-03-12 17:30 - 000000000 ____D C:\ProgramData\HitmanPro
2018-03-12 17:27 - 2018-03-12 17:27 - 011605440 _____ (SurfRight B.V.) C:\Users\akoso\Downloads\hitmanpro_x64.exe
2018-03-12 17:27 - 2018-03-12 17:27 - 000000000 ____D C:\Program Files\HitmanPro
2018-03-11 21:15 - 2018-03-11 21:15 - 000000000 ____D C:\Users\akoso\Documents\Electronic Arts
2018-03-11 21:15 - 2018-03-11 21:15 - 000000000 ____D C:\Users\akoso\AppData\Local\Electronic Arts
2018-03-11 21:14 - 2018-03-11 21:14 - 000000000 ____D C:\Users\akoso\Documents\Electrontic Arts
2018-03-07 23:01 - 2018-03-07 23:01 - 000000000 ____D C:\Users\akoso\AppData\Roaming\SUPERAntiSpyware.com
2018-03-07 23:00 - 2018-03-07 23:01 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-03-07 23:00 - 2018-03-07 23:00 - 031945112 _____ (SUPERAntiSpyware) C:\Users\akoso\Downloads\SUPERAntiSpyware.exe
2018-03-07 23:00 - 2018-03-07 23:00 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2018-03-07 23:00 - 2018-03-07 23:00 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2018-03-07 23:00 - 2018-03-07 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2018-03-04 17:23 - 2018-03-04 17:23 - 000000000 ____D C:\Users\akoso\Documents\Rise of the Tomb Raider
2018-03-04 17:23 - 2018-03-04 17:23 - 000000000 ____D C:\Users\akoso\AppData\Roaming\Crystal Dynamics
2018-03-04 00:01 - 2018-03-04 00:01 - 000002986 _____ C:\WINDOWS\System32\Tasks\AURA
2018-03-03 18:11 - 2018-03-03 18:11 - 009309675 _____ (ASUS / Geeks3D ) C:\Users\akoso\Downloads\ASUS_FurMark_ROG_Edition_Setup_v0.6.1.0.exe
2018-03-03 18:11 - 2018-03-03 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2018-03-03 18:11 - 2018-03-03 18:11 - 000000000 ____D C:\Program Files (x86)\Geeks3D
2018-03-02 22:22 - 2018-03-02 22:22 - 000000000 ____D C:\ProgramData\ASUS
2018-03-02 22:21 - 2018-03-12 17:12 - 000003094 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II
2018-03-02 22:21 - 2018-03-04 00:01 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-03-02 22:21 - 2018-03-02 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-03-02 22:21 - 2017-05-08 21:52 - 000034064 ____N (ASUSTeK Computer Inc.) C:\WINDOWS\system32\Drivers\IOMap64.sys
2018-03-02 22:21 - 2017-04-14 23:50 - 000028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2018-03-02 22:21 - 2017-04-14 23:50 - 000015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2018-03-02 22:20 - 2018-03-02 22:20 - 000000000 ____D C:\Users\akoso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
2018-03-02 22:19 - 2018-03-02 22:19 - 000000000 ____D C:\WINDOWS\Downloaded Installations
2018-03-02 21:39 - 2018-03-02 21:39 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-03-02 21:39 - 2018-02-23 21:28 - 000136536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-03-02 21:39 - 2017-12-09 00:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-03-02 21:39 - 2017-12-09 00:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-03-02 21:39 - 2017-12-09 00:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-03-02 21:39 - 2017-12-09 00:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-03-02 21:38 - 2018-03-02 21:38 - 000000000 ____D C:\WINDOWS\LastGood
2018-03-02 21:36 - 2018-02-26 05:46 - 000997736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-03-02 21:36 - 2018-02-26 05:46 - 000949280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-03-02 21:36 - 2018-02-26 05:46 - 000625696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-03-02 21:36 - 2018-02-26 05:46 - 000516128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 019854816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 016496072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 013571008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 011131688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 004317160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 003717432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 001985384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439101.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 001684000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439101.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 001136944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 001065880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 000749416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-03-02 21:36 - 2018-02-26 05:44 - 000608344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 040277488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 035188640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 001355408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 001345944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 001153752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 001067368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 000902280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 000811992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 000650424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-03-02 21:36 - 2018-02-26 05:43 - 000633040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-03-02 21:36 - 2018-02-26 05:42 - 012966216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-03-02 21:36 - 2018-02-26 05:42 - 011000480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-03-02 21:36 - 2018-02-26 05:42 - 004630848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-03-02 21:36 - 2018-02-26 05:42 - 003938208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-03-02 21:36 - 2018-02-26 05:42 - 001061352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-03-02 21:20 - 2018-03-02 21:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-27 22:51 - 2018-02-27 22:51 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-02-27 22:51 - 2018-02-27 22:51 - 000000000 ____D C:\Program Files\Realtek
2018-02-27 22:51 - 2018-02-27 22:38 - 072113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2018-02-27 22:51 - 2018-02-27 22:38 - 007164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 005615552 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 005234952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 003262184 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 003218800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 002907864 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 002702040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-02-27 22:51 - 2018-02-27 22:38 - 002531544 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 002162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 002101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 002014958 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-02-27 22:51 - 2018-02-27 22:38 - 001739992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 001413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 001361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 001316056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 001104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000995120 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000856992 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000837776 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000654480 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000544400 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2018-02-27 22:51 - 2018-02-27 22:38 - 000518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000435344 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000213432 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000168816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2018-02-27 22:51 - 2018-02-27 22:38 - 000065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2018-02-27 22:51 - 2018-02-27 22:37 - 000003008 ____N C:\WINDOWS\system32\Drivers\DTSU2P.DAT
2018-02-27 22:50 - 2018-03-04 00:02 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-27 22:50 - 2018-02-27 22:37 - 014048512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 012975360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 012834736 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 007087448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 006242576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 003182104 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 002825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 002789808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 002041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001933584 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001559744 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001499984 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001360640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 001136728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000979280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000922880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000336144 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000328816 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000284944 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000109848 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2018-02-27 22:50 - 2018-02-27 22:37 - 000096568 _____ C:\WINDOWS\system32\audioLibVc.dll
2018-02-27 22:48 - 2018-02-27 22:48 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-02-27 22:47 - 2018-02-27 22:51 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-02-27 22:47 - 2018-02-27 22:47 - 000001769 _____ C:\WINDOWS\Language_trs.ini
2018-02-27 22:41 - 2018-02-27 22:41 - 008222496 _____ (Malwarebytes) C:\Users\akoso\Desktop\adwcleaner_7.0.8.0.exe
2018-02-27 22:39 - 2018-03-10 00:21 - 000000000 ____D C:\AdwCleaner
2018-02-27 22:38 - 2018-02-27 22:41 - 000000000 ____D C:\Users\akoso\Desktop\Realtek
2018-02-27 22:27 - 2018-02-27 22:27 - 000000000 ____D C:\Users\akoso\AppData\Local\ElevatedDiagnostics
2018-02-27 22:23 - 2018-02-27 22:23 - 061387704 _____ (Skype Technologies S.A.) C:\Users\akoso\Downloads\Skype-8.16.0.4.exe
2018-02-26 19:02 - 2018-02-26 19:02 - 000137128 _____ C:\Users\akoso\Downloads\document.pdf
2018-02-24 19:45 - 2018-02-24 19:45 - 000000000 ____D C:\Users\akoso\AppData\Local\Ruiner
2018-02-24 19:15 - 2018-02-24 19:15 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-02-18 14:22 - 2018-02-18 14:22 - 028893625 _____ C:\Users\akoso\Downloads\wetransfer-a03599.zip
2018-02-18 10:27 - 2018-02-18 10:27 - 000236825 _____ C:\Users\akoso\Downloads\BoardingCard_162303330_LTN_VNO.pdf
2018-02-18 10:26 - 2018-02-18 10:26 - 000236832 _____ C:\Users\akoso\Downloads\BoardingCard_161899354_VNO_LTN.pdf
2018-02-18 10:18 - 2018-02-18 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2018-02-18 10:18 - 2018-02-18 10:18 - 000000000 ____D C:\Program Files (x86)\TP-LINK
2018-02-18 10:18 - 2012-09-21 09:47 - 000102688 _____ (Windows ® Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\TplinkUDSMBus.sys
2018-02-18 10:18 - 2012-09-21 09:44 - 000181024 _____ (Windows ® Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\TplinkUDSTcpBus.sys
2018-02-18 10:17 - 2018-02-18 10:17 - 014951525 _____ C:\Users\akoso\Downloads\USB_Printer_Controller_Utility_Windows_1479888897042h.zip
2018-02-16 00:47 - 2018-02-16 00:47 - 000000000 ____D C:\Users\akoso\Documents\DeadIslandDI
2018-02-14 19:09 - 2018-02-10 08:24 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-14 19:09 - 2018-02-10 08:23 - 001577880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-14 19:09 - 2018-02-10 08:23 - 000758168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-14 19:09 - 2018-02-10 08:23 - 000613272 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-14 19:09 - 2018-02-10 08:23 - 000138136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-14 19:09 - 2018-02-10 08:22 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-14 19:09 - 2018-02-10 08:22 - 000662936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-14 19:09 - 2018-02-10 08:22 - 000460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-02-14 19:09 - 2018-02-10 08:22 - 000387480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-14 19:09 - 2018-02-10 08:22 - 000272800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-14 19:09 - 2018-02-10 08:22 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-14 19:09 - 2018-02-10 08:22 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-02-14 19:09 - 2018-02-10 08:21 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-14 19:09 - 2018-02-10 08:21 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-14 19:09 - 2018-02-10 08:21 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-02-14 19:09 - 2018-02-10 08:20 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-14 19:09 - 2018-02-10 08:20 - 001055640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-14 19:09 - 2018-02-10 08:20 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-14 19:09 - 2018-02-10 08:20 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-02-14 19:09 - 2018-02-10 08:20 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-02-14 19:09 - 2018-02-10 08:19 - 001133888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-14 19:09 - 2018-02-10 08:18 - 001193192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-14 19:09 - 2018-02-10 08:18 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-02-14 19:09 - 2018-02-10 08:18 - 000098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2018-02-14 19:09 - 2018-02-10 08:18 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-14 19:09 - 2018-02-10 08:17 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-14 19:09 - 2018-02-10 08:16 - 008603032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-14 19:09 - 2018-02-10 08:16 - 002406456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-14 19:09 - 2018-02-10 08:16 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-02-14 19:09 - 2018-02-10 08:15 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-02-14 19:09 - 2018-02-10 08:15 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-02-14 19:09 - 2018-02-10 08:15 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-14 19:09 - 2018-02-10 08:15 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-14 19:09 - 2018-02-10 08:14 - 004504464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-02-14 19:09 - 2018-02-10 08:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-02-14 19:09 - 2018-02-10 08:14 - 001002592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-02-14 19:09 - 2018-02-10 08:13 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-02-14 19:09 - 2018-02-10 08:13 - 000535960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-02-14 19:09 - 2018-02-10 08:13 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-02-14 19:09 - 2018-02-10 08:13 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-14 19:09 - 2018-02-10 08:12 - 004537040 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-02-14 19:09 - 2018-02-10 08:12 - 001313016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-02-14 19:09 - 2018-02-10 08:12 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-02-14 19:09 - 2018-02-10 08:12 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-02-14 19:09 - 2018-02-10 08:11 - 001029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-02-14 19:09 - 2018-02-10 08:11 - 000711432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-14 19:09 - 2018-02-10 08:11 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-14 19:09 - 2018-02-10 08:11 - 000494496 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-02-14 19:09 - 2018-02-10 08:10 - 002447768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-02-14 19:09 - 2018-02-10 08:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-02-14 19:09 - 2018-02-10 08:10 - 000614160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-14 19:09 - 2018-02-10 08:10 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-02-14 19:09 - 2018-02-10 08:10 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-14 19:09 - 2018-02-10 08:09 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-02-14 19:09 - 2018-02-10 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-02-14 19:09 - 2018-02-10 08:09 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-02-14 19:09 - 2018-02-10 08:09 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-02-14 19:09 - 2018-02-10 08:09 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-14 19:09 - 2018-02-10 08:08 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-14 19:09 - 2018-02-10 08:08 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-02-14 19:09 - 2018-02-10 08:08 - 003010248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-02-14 19:09 - 2018-02-10 08:08 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-02-14 19:09 - 2018-02-10 08:08 - 000687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-14 19:09 - 2018-02-10 08:08 - 000398824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-14 19:09 - 2018-02-10 08:08 - 000096200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-02-14 19:09 - 2018-02-10 08:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-02-14 19:09 - 2018-02-10 08:07 - 004506576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-14 19:09 - 2018-02-10 08:07 - 002710728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-14 19:09 - 2018-02-10 08:07 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-02-14 19:09 - 2018-02-10 08:07 - 000436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-14 19:09 - 2018-02-10 08:06 - 004486904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-14 19:09 - 2018-02-10 08:06 - 000824896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-02-14 19:09 - 2018-02-10 08:06 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2018-02-14 19:09 - 2018-02-10 08:06 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-02-14 19:09 - 2018-02-10 08:06 - 000594048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-02-14 19:09 - 2018-02-10 08:06 - 000519144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-14 19:09 - 2018-02-10 08:06 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-02-14 19:09 - 2018-02-10 08:06 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-02-14 19:09 - 2018-02-10 08:06 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-02-14 19:09 - 2018-02-10 08:06 - 000189336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-14 19:09 - 2018-02-10 08:06 - 000100248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-14 19:09 - 2018-02-10 08:06 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-14 19:09 - 2018-02-10 08:05 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-14 19:09 - 2018-02-10 08:05 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-14 19:09 - 2018-02-10 08:05 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-02-14 19:09 - 2018-02-10 08:05 - 000070856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 006791984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 001628056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 001430760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-02-14 19:09 - 2018-02-10 08:04 - 001426672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 001254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-02-14 19:09 - 2018-02-10 08:04 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-02-14 19:09 - 2018-02-10 08:04 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-02-14 19:09 - 2018-02-10 08:04 - 000339872 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 000212880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-14 19:09 - 2018-02-10 08:04 - 000093592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-02-14 19:09 - 2018-02-10 08:03 - 001619808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-02-14 19:09 - 2018-02-10 08:03 - 000849304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-14 19:09 - 2018-02-10 08:03 - 000722616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-02-14 19:09 - 2018-02-10 08:03 - 000706600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-14 19:09 - 2018-02-10 08:03 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-14 19:09 - 2018-02-10 08:03 - 000098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-14 19:09 - 2018-02-10 08:02 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-02-14 19:09 - 2018-02-10 08:02 - 000831384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 000813976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 000670104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 000645528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 000397720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-02-14 19:09 - 2018-02-10 08:02 - 000231320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-02-14 19:09 - 2018-02-10 08:02 - 000040352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2018-02-14 19:09 - 2018-02-10 07:22 - 001930224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-02-14 19:09 - 2018-02-10 07:21 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-02-14 19:09 - 2018-02-10 07:18 - 001384288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-02-14 19:09 - 2018-02-10 07:18 - 000022424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2018-02-14 19:09 - 2018-02-10 07:17 - 002255112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-02-14 19:09 - 2018-02-10 07:17 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-02-14 19:09 - 2018-02-10 07:17 - 000542856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-02-14 19:09 - 2018-02-10 07:17 - 000211864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-02-14 19:09 - 2018-02-10 07:15 - 001145624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-02-14 19:09 - 2018-02-10 07:12 - 004382032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-02-14 19:09 - 2018-02-10 07:11 - 001250528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-02-14 19:09 - 2018-02-10 07:10 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-02-14 19:09 - 2018-02-10 07:09 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-02-14 19:09 - 2018-02-10 07:09 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-02-14 19:09 - 2018-02-10 07:09 - 002338776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-02-14 19:09 - 2018-02-10 07:09 - 001123456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-02-14 19:09 - 2018-02-10 07:09 - 000559976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-14 19:09 - 2018-02-10 07:09 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-02-14 19:09 - 2018-02-10 07:08 - 003980720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-02-14 19:09 - 2018-02-10 07:08 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-14 19:09 - 2018-02-10 07:08 - 000592792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-02-14 19:09 - 2018-02-10 07:07 - 025253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-14 19:09 - 2018-02-10 07:07 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-02-14 19:09 - 2018-02-10 07:07 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-02-14 19:09 - 2018-02-10 07:07 - 000527864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-02-14 19:09 - 2018-02-10 07:07 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-02-14 19:09 - 2018-02-10 07:07 - 000123808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-02-14 19:09 - 2018-02-10 07:07 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-02-14 19:09 - 2018-02-10 07:07 - 000083216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-02-14 19:09 - 2018-02-10 07:07 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-02-14 19:09 - 2018-02-10 07:06 - 006481640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-14 19:09 - 2018-02-10 07:06 - 006014688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-02-14 19:09 - 2018-02-10 07:06 - 004670728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-14 19:09 - 2018-02-10 07:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 001149272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 000718232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 000662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 000654456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 000551672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 000193248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 000079256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2018-02-14 19:09 - 2018-02-10 07:05 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-02-14 19:09 - 2018-02-10 07:05 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-02-14 19:09 - 2018-02-10 07:04 - 001491352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-02-14 19:09 - 2018-02-10 07:04 - 000027032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVClientPS.dll
2018-02-14 19:09 - 2018-02-10 07:03 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-02-14 19:09 - 2018-02-10 06:50 - 003665408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-14 19:09 - 2018-02-10 06:50 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-02-14 19:09 - 2018-02-10 06:50 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-02-14 19:09 - 2018-02-10 06:50 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-02-14 19:09 - 2018-02-10 06:50 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-02-14 19:09 - 2018-02-10 06:49 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-02-14 19:09 - 2018-02-10 06:49 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-14 19:09 - 2018-02-10 06:49 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-02-14 19:09 - 2018-02-10 06:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-02-14 19:09 - 2018-02-10 06:49 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-02-14 19:09 - 2018-02-10 06:49 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-02-14 19:09 - 2018-02-10 06:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-02-14 19:09 - 2018-02-10 06:49 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-14 19:09 - 2018-02-10 06:49 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-14 19:09 - 2018-02-10 06:48 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-14 19:09 - 2018-02-10 06:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-02-14 19:09 - 2018-02-10 06:48 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-02-14 19:09 - 2018-02-10 06:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-14 19:09 - 2018-02-10 06:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-02-14 19:09 - 2018-02-10 06:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-14 19:09 - 2018-02-10 06:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-02-14 19:09 - 2018-02-10 06:46 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-14 19:09 - 2018-02-10 06:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-02-14 19:09 - 2018-02-10 06:46 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-02-14 19:09 - 2018-02-10 06:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2018-02-14 19:09 - 2018-02-10 06:44 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-02-14 19:09 - 2018-02-10 06:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 018923008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 008020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-02-14 19:09 - 2018-02-10 06:43 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppManagementConfiguration.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2018-02-14 19:09 - 2018-02-10 06:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 023671808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-02-14 19:09 - 2018-02-10 06:42 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2018-02-14 19:09 - 2018-02-10 06:42 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-02-14 19:09 - 2018-02-10 06:42 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-14 19:09 - 2018-02-10 06:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-02-14 19:09 - 2018-02-10 06:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe
2018-02-14 19:09 - 2018-02-10 06:41 - 019352576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-02-14 19:09 - 2018-02-10 06:41 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-14 19:09 - 2018-02-10 06:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppManagementConfiguration.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2018-02-14 19:09 - 2018-02-10 06:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 012831744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 008110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 004498432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-14 19:09 - 2018-02-10 06:40 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 001234432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-02-14 19:09 - 2018-02-10 06:40 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-02-14 19:09 - 2018-02-10 06:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-02-14 19:09 - 2018-02-10 06:40 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-02-14 19:09 - 2018-02-10 06:40 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 011925504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 002677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2018-02-14 19:09 - 2018-02-10 06:39 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-02-14 19:09 - 2018-02-10 06:38 - 006722560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-02-14 19:09 - 2018-02-10 06:38 - 006567936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 004815360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 003169280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 002184192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-14 19:09 - 2018-02-10 06:38 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-14 19:09 - 2018-02-10 06:38 - 001968640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-02-14 19:09 - 2018-02-10 06:38 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-02-14 19:09 - 2018-02-10 06:38 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-02-14 19:09 - 2018-02-10 06:38 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-02-14 19:09 - 2018-02-10 06:38 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 003678720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 003419136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-14 19:09 - 2018-02-10 06:37 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 002523648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-14 19:09 - 2018-02-10 06:37 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2018-02-14 19:09 - 2018-02-10 06:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 001759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-14 19:09 - 2018-02-10 06:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-02-14 19:09 - 2018-02-10 06:35 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2018-02-14 19:09 - 2018-02-10 06:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-02-14 19:09 - 2018-02-10 06:34 - 006532096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-02-14 19:09 - 2018-02-10 06:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-02-14 19:09 - 2018-02-10 06:34 - 002983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-02-14 19:09 - 2018-02-10 06:34 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-14 19:09 - 2018-02-10 06:34 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-02-14 19:09 - 2018-02-10 06:34 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-14 19:09 - 2018-02-10 06:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 001936384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-02-14 19:09 - 2018-02-10 06:33 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-14 19:09 - 2018-02-10 06:33 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-02-14 19:09 - 2018-02-10 06:33 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 000604672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-02-14 19:09 - 2018-02-10 06:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-02-14 19:09 - 2018-02-10 06:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-02-14 19:09 - 2018-02-10 06:32 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-02-14 19:09 - 2018-02-10 06:32 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2018-02-14 19:09 - 2018-02-10 06:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2018-02-14 19:09 - 2018-02-10 06:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-02-14 19:09 - 2018-02-10 06:32 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-14 19:09 - 2018-02-10 06:32 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-02-14 19:09 - 2018-02-10 06:31 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-02-14 19:09 - 2018-02-10 06:31 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-02-14 19:09 - 2018-02-10 06:31 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-02-14 19:09 - 2018-02-10 06:31 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-02-14 19:09 - 2018-02-10 06:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-02-14 19:09 - 2018-02-10 04:59 - 000804240 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-02-14 19:09 - 2018-02-10 04:59 - 000804240 _____ C:\WINDOWS\system32\locale.nls
2018-02-14 19:09 - 2018-02-09 05:35 - 004959688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-02-14 19:09 - 2018-02-09 05:35 - 001234888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-02-14 19:09 - 2018-02-09 05:35 - 001002952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-02-14 19:09 - 2018-02-09 05:35 - 000892872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-02-14 19:09 - 2018-02-09 05:35 - 000065992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-14 19:09 - 2018-02-02 05:36 - 003903944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-02-14 19:09 - 2018-02-02 05:36 - 000921032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-02-14 19:09 - 2018-02-02 05:36 - 000854976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-02-14 19:09 - 2018-02-02 05:36 - 000649672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-02-14 19:09 - 2018-02-02 05:36 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-02-14 19:08 - 2018-02-10 06:46 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2018-02-13 21:16 - 2018-03-10 13:56 - 000000000 ____D C:\Users\akoso\AppData\Local\CrashDumps
2018-02-11 13:15 - 2018-02-11 13:15 - 000000000 ____D C:\ProgramData\BioWare
2018-02-11 13:01 - 2018-02-11 13:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-02-11 12:59 - 2018-01-24 02:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-02-11 12:59 - 2018-01-24 02:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-02-11 12:59 - 2018-01-24 02:23 - 000045600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-02-11 12:53 - 2018-02-11 12:53 - 000000000 ____D C:\Users\akoso\AppData\Roaming\Sun
2018-02-11 12:53 - 2018-02-11 12:53 - 000000000 ____D C:\Users\akoso\AppData\LocalLow\Sun
2018-02-11 12:52 - 2018-02-12 17:12 - 000000000 ____D C:\Users\akoso\AppData\Local\NVIDIA Corporation
2018-02-11 12:52 - 2018-02-11 12:53 - 000000000 ____D C:\ProgramData\Oracle
2018-02-11 12:52 - 2018-02-11 12:52 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-02-11 12:52 - 2018-02-11 12:52 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-11 12:52 - 2018-02-11 12:52 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-11 12:52 - 2018-02-11 12:52 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-11 12:52 - 2018-02-11 12:52 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-11 12:52 - 2018-02-11 12:52 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-11 12:52 - 2018-02-11 12:52 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-11 12:52 - 2018-02-11 12:52 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-11 12:52 - 2018-02-11 12:52 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-02-11 12:52 - 2018-02-11 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-11 12:52 - 2018-02-11 12:52 - 000000000 ____D C:\Program Files (x86)\Java
2018-02-11 12:52 - 2018-01-24 02:23 - 000057928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-02-11 12:52 - 2018-01-10 16:05 - 002426728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-02-11 12:52 - 2018-01-10 16:05 - 002091880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-02-11 12:52 - 2018-01-10 16:05 - 001311080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-02-11 12:52 - 2018-01-10 11:41 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-02-11 12:52 - 2017-12-18 14:07 - 000187704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-02-11 12:52 - 2017-12-18 14:06 - 000152976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-02-11 12:52 - 2017-12-15 04:03 - 000059240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-02-11 12:47 - 2018-02-11 12:47 - 000000000 ____D C:\Users\akoso\Documents\BioWare
2018-02-11 01:05 - 2018-02-11 01:05 - 000000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
2018-02-11 00:59 - 2018-02-12 17:10 - 000000324 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2018-02-11 00:59 - 2018-02-11 00:59 - 000003148 _____ C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates
2018-02-11 00:59 - 2018-02-11 00:59 - 000000000 ____D C:\Users\akoso\AppData\Roaming\dll-files.com
2018-02-11 00:58 - 2018-02-11 00:58 - 000000000 ____D C:\ProgramData\TEMP
2018-02-11 00:58 - 2018-02-11 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2018-02-10 21:01 - 2018-02-10 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-02-10 20:51 - 2018-02-10 20:51 - 000000000 ____D C:\Users\akoso\AppData\Local\TeamViewer
2018-02-10 20:50 - 2018-02-10 20:50 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-02-10 20:50 - 2018-02-10 20:50 - 000000000 ____D C:\Users\akoso\AppData\Roaming\TeamViewer
2018-02-10 20:49 - 2018-03-06 20:24 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-02-10 13:30 - 2018-02-10 13:30 - 000000000 ____D C:\Users\akoso\AppData\Roaming\Call of Duty WWII_Uninstall
2018-02-10 13:30 - 2018-02-10 13:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2018-02-10 13:17 - 2018-02-10 14:06 - 000000000 ____D C:\Users\akoso\Documents\Earth 2160

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-12 20:56 - 2017-04-14 21:14 - 000000000 ____D C:\Users\akoso\AppData\Roaming\AIMP
2018-03-12 20:34 - 2018-01-26 10:08 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2018-03-12 19:30 - 2017-03-17 17:24 - 000000000 ____D C:\Users\akoso\AppData\Local\Warframe
2018-03-12 18:51 - 2017-03-16 17:31 - 000000000 ____D C:\Program Files (x86)\Steam
2018-03-12 17:51 - 2017-03-16 12:43 - 000000000 ____D C:\Users\akoso\AppData\Roaming\Skype
2018-03-12 17:44 - 2017-04-12 17:25 - 000000000 ____D C:\Users\akoso\AppData\LocalLow\Mozilla
2018-03-12 17:15 - 2017-12-07 17:25 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{32013FEB-0C6B-4003-A45C-DBBC340EA99B}
2018-03-12 17:15 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-12 17:14 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-12 17:14 - 2017-03-16 11:35 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-11 22:31 - 2017-03-16 18:05 - 000000000 ____D C:\Users\akoso\Desktop\Games
2018-03-11 20:31 - 2017-03-16 17:47 - 000000000 ____D C:\Users\akoso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-03-11 19:47 - 2017-03-16 13:28 - 000000000 ____D C:\Users\akoso\AppData\Roaming\vlc
2018-03-11 19:38 - 2017-12-07 17:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-11 18:07 - 2017-12-24 12:58 - 000000000 ____D C:\Program Files\Battle.net
2018-03-11 18:07 - 2017-12-24 12:56 - 000000000 ____D C:\Users\akoso\AppData\Local\Battle.net
2018-03-11 10:44 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-10 23:38 - 2017-03-17 16:20 - 000000000 ____D C:\Users\akoso\AppData\Roaming\uTorrent
2018-03-10 01:48 - 2017-11-03 21:47 - 000000000 ____D C:\Users\akoso\ansel
2018-03-10 01:44 - 2017-03-17 16:54 - 000000000 ____D C:\Users\akoso\AppData\Roaming\Tunngle
2018-03-10 00:28 - 2017-12-07 17:28 - 001320358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-10 00:23 - 2017-07-13 21:37 - 000000000 ____D C:\ProgramData\Tunngle
2018-03-10 00:22 - 2017-12-07 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-10 00:22 - 2017-09-29 10:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-03-07 22:31 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-06 20:37 - 2017-12-10 18:26 - 000000000 ____D C:\Users\akoso\AppData\Local\Ubisoft Game Launcher
2018-03-04 00:02 - 2017-03-16 13:27 - 000000000 ___RD C:\Users\akoso\Desktop\Programos
2018-03-03 18:12 - 2017-12-29 14:13 - 000000000 ____D C:\Users\akoso\AppData\Local\NVIDIA
2018-03-02 22:22 - 2017-12-07 17:18 - 000314816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-02 22:14 - 2017-11-19 23:52 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-03-02 22:11 - 2017-11-19 23:52 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-03-02 21:40 - 2017-12-07 17:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-03-02 21:39 - 2017-04-15 21:44 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-02 21:30 - 2017-09-29 15:46 - 000000000 ___RD C:\Program Files\Windows Defender
2018-02-28 00:41 - 2017-12-07 17:19 - 000000000 ____D C:\Users\akoso
2018-02-27 22:51 - 2017-04-15 21:44 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-02-27 22:51 - 2017-04-15 21:44 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-02-27 22:38 - 2016-08-18 18:05 - 002846424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2018-02-27 22:38 - 2016-08-18 17:51 - 004467928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-02-27 22:38 - 2016-08-18 17:51 - 000014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2018-02-24 22:04 - 2017-12-24 12:59 - 000000000 ____D C:\Users\akoso\AppData\Local\Blizzard Entertainment
2018-02-24 22:03 - 2017-12-24 13:00 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2018-02-24 06:36 - 2017-11-09 03:57 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-02-23 22:02 - 2017-11-28 23:50 - 000000000 ____D C:\Users\akoso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2018-02-23 22:01 - 2017-03-16 11:35 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-02-23 21:58 - 2017-11-28 23:51 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-02-23 21:22 - 2017-04-15 21:44 - 005953096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-02-23 21:22 - 2017-04-15 21:44 - 002587992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-02-23 21:22 - 2017-04-15 21:44 - 001768008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-02-23 21:22 - 2017-04-15 21:44 - 000633984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-02-23 21:22 - 2017-04-15 21:44 - 000451144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-02-23 21:22 - 2017-04-15 21:44 - 000122896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-02-23 21:22 - 2017-04-15 21:44 - 000081752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-02-23 18:05 - 2017-11-07 20:51 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-19 17:49 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-16 16:48 - 2017-04-15 21:44 - 008083703 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-02-16 11:09 - 2018-01-31 22:03 - 000000000 ____D C:\Users\akoso\AppData\Local\Frontier_Developments
2018-02-16 10:05 - 2017-12-07 17:27 - 000000000 ___RD C:\Users\akoso\3D Objects
2018-02-16 10:05 - 2017-03-16 12:40 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-16 02:43 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-02-16 02:43 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-16 02:43 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-16 02:43 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-16 02:43 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-02-16 02:43 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-02-15 20:22 - 2017-03-17 18:16 - 000000000 ____D C:\Users\akoso\AppData\Roaming\DAEMON Tools Lite
2018-02-15 20:21 - 2017-12-07 17:25 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-02-15 19:51 - 2017-03-16 18:07 - 000000000 ____D C:\Users\akoso\Documents\My Games
2018-02-14 19:14 - 2017-03-17 17:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-14 19:13 - 2017-10-11 17:42 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 19:13 - 2017-03-17 17:16 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-14 19:11 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-12 17:10 - 2017-04-12 17:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-12 17:10 - 2017-04-12 17:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-02-11 13:02 - 2017-04-15 21:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-02-11 13:02 - 2017-03-24 21:17 - 000000000 ____D C:\Users\akoso\AppData\Roaming\NVIDIA
2018-02-11 12:52 - 2017-04-15 21:44 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-02-11 11:51 - 2017-03-17 18:30 - 000000000 ____D C:\ProgramData\Media Center Programs

==================== Files in the root of some directories =======

2017-10-28 09:47 - 2017-10-28 09:47 - 000000093 _____ () C:\Users\akoso\AppData\Local\fusioncache.dat
2017-11-07 20:25 - 2017-11-07 20:25 - 000140800 _____ () C:\Users\akoso\AppData\Local\installer.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-06 18:46

==================== End of FRST.txt ============================

Addition scan:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.03.2018 01
Ran by akoso (12-03-2018 20:57:18)
Running from C:\Users\akoso\Downloads
Windows 10 Pro Version 1709 16299.248 (X64) (2017-12-07 15:27:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-522091178-3401052546-1187609887-500 - Administrator - Disabled)
akoso (S-1-5-21-522091178-3401052546-1187609887-1001 - Administrator - Enabled) => C:\Users\akoso
ASPNET (S-1-5-21-522091178-3401052546-1187609887-1004 - Limited - Enabled)
DefaultAccount (S-1-5-21-522091178-3401052546-1187609887-503 - Limited - Disabled)
Guest (S-1-5-21-522091178-3401052546-1187609887-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-522091178-3401052546-1187609887-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-522091178-3401052546-1187609887-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Anti-Malware (Disabled - Out of date) {67773CDD-EA83-AD98-A2ED-386463EB3B0D}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Out of date) {DC16DD39-CCB9-A216-985D-0316186C71B0}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
7-Zip 17.01 beta (x64) (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
AIMP2 (HKLM-x32\...\AIMP2) (Version:  - AIMP DevTeam)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.0.5 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.6.0.5 - ASUSTek COMPUTER INC.)
AURA RGB Lighting Control for Graphic card & ROG-XG-STATION-2 (HKLM-x32\...\{AD025C19-8F13-4D1E-9DE1-5F10D3BA1CCC}) (Version: 0.0.5.5 - ASUSTek COMPUTER INC.) Hidden
AURA RGB Lighting Control for Graphic card & ROG-XG-STATION-2 (HKLM-x32\...\InstallShield_{AD025C19-8F13-4D1E-9DE1-5F10D3BA1CCC}) (Version: 0.0.5.5 - ASUSTek COMPUTER INC.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blitzkrieg Mod version 5.0.0 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 5.0.0 - Blitzkrieg Mod Team)
Call of Duty WWII (HKLM-x32\...\Call of Duty WWII_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Call of Duty: WWII ZM/MP (HKLM-x32\...\Call of Duty: WWII ZM/MP_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
CF-100 Player (HKLM-x32\...\{B7A93318-8CC8-41C1-B2C9-A09FF4314905}) (Version: 0.5.4 - BlackSys)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Company of Heroes Tales of valor - Blitzkrieg & Eastern Front Mod - Repack by Archangel (HKLM-x32\...\{3E122A7F-2A31-4644-B040-86304E9A5957}_is1) (Version: 1.0.1.4 - Hell_Archangel)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.3.90 - Dll-Files.com)
Emsisoft Anti-Malware (HKLM\...\{CA975286-D816-410C-B6C9-F7213CA84695}) (Version: 17.12.1.8340 - Emsisoft Ltd.)
EVE Online (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\{c0cb8c54-0bb4-4496-869b-9e68b277c4d3}) (Version: 1.0.0 - CCP)
f.lux (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\Flux) (Version:  - f.lux Software LLC)
FurMark ROG Edition 0.6.1.0 (32-bit) (HKLM-x32\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version:  - ASUS / Geeks3D)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
GREED - Black Border (HKLM-x32\...\GREED - Black Border_is1) (Version: 1.3.5 - ClockStone Software GmbH)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
KaM Remake Full r6720 (HKLM-x32\...\{FDE049C8-E4B2-4EB5-A534-CF5C581F5D32}_is1) (Version:  - )
Knights and Merchants Remake (HKLM-x32\...\Knights and Merchants Remake_is1) (Version: r5503 - Tolyak26)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 5.4.4.2 (HKLM-x32\...\{53862C8D-D41F-47A1-A331-664EB405BECA}) (Version: 5.4.4.2 - The Document Foundation)
My.com Game Center (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\MyComGames) (Version: 3.198 - My.com B.V.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft OneDrive (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 58.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 58.0.2 (x64 en-GB)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.2.6611 - Mozilla)
Mplayer.com (HKLM-x32\...\Mplayer.com) (Version:  - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.01 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Path of Exile (HKLM-x32\...\{7296c261-365e-4642-bbec-6a6fa255ea42}) (Version: 3.0.3.22607 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.0.3.22607 - Grinding Gear Games) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1254 - SUPERAntiSpyware.com)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.5.0.0 - Zenimax Online Studios)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version:  - )
The Lord of the Rings Online™ v03.08.00.8029 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8029 - Turbine, Inc.)
Titan Quest Anniversary Edition (HKLM-x32\...\Titan Quest Anniversary Edition_is1) (Version:  - )
TP-LINK USB Printer Controller (HKLM-x32\...\{3EC900B5-28EE-4472-A9FF-B11A879EC838}) (Version: 1.12.0927 - TP-LINK)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.9 - Tunngle.net GmbH)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\UnityWebPlayer) (Version: 5.3.5f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 45.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\Wargaming.net Game Center) (Version: 18.0.1.7847 - Wargaming.net)
WhatsApp (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17376 - Microsoft Corporation)
WinRAR 5.21 (64-bitų) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wolfenstein II The New Colossus (HKLM-x32\...\Wolfenstein II The New Colossus_is1) (Version:  - )
World of Tanks EU (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\WOT.EU.PRODUCTION) (Version:  - Wargaming.net)
World of Warships EU (HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\WOWS.EU.PRODUCTION) (Version:  - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers1-x32: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP2\System\AIMP_S~1.DLL [2009-03-06] (AIMP DevTeam)
ContextMenuHandlers1-x32: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-01-01] ()
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers4-x32: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP2\System\AIMP_S~1.DLL [2009-03-06] (AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-02-23] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00578DA1-7ABD-4D7E-8964-240C000175E0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {0C6C8149-DA2D-493A-9BFD-A5EEB26D3501} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {12BF10AE-45B0-4E94-A6E6-6CF4A36CF99D} - System32\Tasks\RunAsStdUser_MyComGames => C:\Users\akoso\AppData\Local\MyComGames\MyComGames.exe [2017-12-24] (MY.COM B.V.)
Task: {357982D1-2371-4ACB-A88E-F8F73E7B0314} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {3746603E-D521-464F-9E21-3FF06452DDF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-02] (Microsoft Corporation)
Task: {3AFE40D0-F26D-46B2-B0B0-6FF06B172646} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {40031DD1-2B11-4312-9013-56A7A6A283B1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {421EA475-4C62-4545-BAF8-586F3F8781FC} - System32\Tasks\iSunshare SMS Mouse Attendance => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\iSunshare SMS Mouse Attendance\iSunshare SMS Mouse Attendance.dll",kpIlmRraSNaj <==== ATTENTION
Task: {52B31679-466C-405C-A2FA-E337BE0D5177} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2018-01-10] (TODO: <Company name>)
Task: {5CA487FB-F8DE-482A-BFB9-10F4C7CC7944} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07] (Google Inc.)
Task: {6139407A-8398-45CD-AA8C-E9E1DE02B235} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-02] (Microsoft Corporation)
Task: {627D6986-3EE4-4628-811B-F82E6792A3EE} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2015-10-30] (Dll-FIles.Com)
Task: {6AB62092-C99C-43FD-93A7-A73CA84F808D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {71858AE0-757B-4661-B7CA-CCA74EED7C52} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {975BB8E2-A498-49E2-BCE1-EE89CEACFD99} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {A1998267-FF3C-4268-80EF-DE2EE164CF4C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-07] (Google Inc.)
Task: {B32AD6BB-88E0-4942-9E6B-62D8BF0AC794} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-02] (Microsoft Corporation)
Task: {B52431C5-155A-4337-9D76-9E688FCF4249} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
Task: {C54BB13C-BBCD-446A-A883-574A41A4DFCD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {C9FB75BB-DC2C-403B-B58C-3F1AD5819C2B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {D0BCA2C3-E0BF-4B85-8993-4D809B384729} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-02] (Microsoft Corporation)
Task: {D4909341-46F8-43F9-B0D0-F6959523599B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {F1BCC4C0-5637-410C-B7A8-7EA34A5BA410} - System32\Tasks\AURA => C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\ledcontrolservice.exe [2017-03-01] (ASUSTek COMPUTER INC.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-02-11 13:02 - 2018-02-24 06:36 - 000543248 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-09-15 16:00 - 2012-09-18 14:27 - 000192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2017-09-15 16:00 - 2012-09-18 14:27 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2018-02-11 12:52 - 2018-01-10 16:05 - 001269096 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-10-28 09:46 - 2017-10-28 09:46 - 000066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-04-15 21:44 - 2018-02-23 21:22 - 000133464 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-02-14 19:09 - 2018-02-10 06:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-14 19:09 - 2018-02-10 06:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-27 19:08 - 2018-02-27 19:08 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-02-27 19:08 - 2018-02-27 19:08 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-02-27 19:08 - 2018-02-27 19:08 - 021824000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-02-27 19:08 - 2018-02-27 19:08 - 002529792 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\skypert.dll
2018-02-27 19:08 - 2018-02-27 19:08 - 000649216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-01-10 09:48 - 2018-01-10 09:48 - 001702912 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanServiceEx.exe
2018-02-06 19:45 - 2018-02-06 19:45 - 027803648 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll
2018-03-02 22:21 - 2017-12-26 21:26 - 000081368 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\ATKEX.dll
2018-03-02 22:21 - 2017-12-26 21:26 - 000229848 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\ASUS_WMI.dll
2018-03-02 22:21 - 2018-03-10 00:22 - 000023040 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\PEbiosinterface32.dll
2018-03-02 22:21 - 2017-12-26 21:26 - 000053248 _____ () C:\Program Files (x86)\ASUS\AXSP\4.00.01\cpuutil.dll
2016-12-27 19:27 - 2016-12-27 19:27 - 001753088 _____ () C:\Program Files (x86)\ASUS\AURA(GRAPHICS CARD)\Vender.dll
2017-11-27 18:10 - 2017-11-27 18:10 - 000065536 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Exeio.dll
2017-12-16 23:23 - 2017-12-16 23:23 - 001773056 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\Vender.dll
2018-02-11 12:52 - 2018-01-10 16:05 - 001042280 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-11-23 18:00 - 2017-11-23 18:00 - 000377344 _____ () C:\Program Files (x86)\ASUS\GPU TweakII\CPUPackageTempDLL.dll
2017-03-16 17:31 - 2017-11-29 07:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-03-16 17:31 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-03-16 17:31 - 2017-12-15 21:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
2017-03-16 17:31 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-03-16 17:31 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-12-14 22:03 - 2017-11-04 03:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2017-12-14 22:03 - 2017-11-04 03:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2017-12-14 22:03 - 2017-11-04 03:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2017-12-14 22:03 - 2017-11-04 03:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2017-12-14 22:03 - 2017-11-04 03:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2017-03-16 17:31 - 2017-12-15 21:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-03-16 17:31 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-09 19:36 - 2017-09-07 04:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-03-16 17:31 - 2017-10-31 06:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-03-16 17:31 - 2015-09-25 01:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2009-12-26 22:23 - 2009-12-26 22:23 - 000186880 _____ () C:\Program Files (x86)\AIMP2\sqlite3.dll
2006-03-04 02:52 - 2006-03-04 02:52 - 000088576 _____ () C:\Program Files (x86)\AIMP2\OptimFROG.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\akoso\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2018-02-11 01:07 - 000002094 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-522091178-3401052546-1187609887-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\akoso\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\uplay_wallpaper.jpg
DNS Servers: 35.177.46.238 - 46.101.28.31
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\StartupApproved\Run: => "Comrade.exe"
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\StartupApproved\Run: => "dedetxgvnj"
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\StartupApproved\Run: => "Kaspersky Software Updater"
HKU\S-1-5-21-522091178-3401052546-1187609887-1001\...\StartupApproved\Run: => "World of Tanks"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5CD29033-441A-4A33-BD95-96E71658F42C}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{31005ECB-39B8-49AA-BD93-58711A1ACEEE}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{75AB336F-22A7-4C06-A43D-997F7027423F}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{D7048488-3F34-4463-88C9-6014390061BD}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{4F671862-6BF9-4E42-AD4B-BA032E28F1B5}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{705ACE36-2DDC-4287-AF0F-B0F610F25A3D}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{1CB53F64-6AEF-47F3-82F2-45B6455F96CA}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3216B83C-CEC8-4147-B654-E6E2AEB9F00F}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{D565B1AE-7F44-42C5-8CBC-62090ACA3814}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{10386CCD-2163-4DF6-8D9F-1A8083674298}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{76B1EC75-35B1-4C93-BD33-12CE6404EBC2}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{5F817447-0D96-4E0D-AF31-4112AF90D878}] => (Allow) E:\Games\Steam Games\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [TCP Query User{627B94B7-3093-4277-8F95-868570413EC5}C:\users\akoso\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\akoso\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B0DBD472-7C71-413A-BFC3-7A7194D83B95}C:\users\akoso\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\akoso\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{F1A7DCCB-0C31-4763-98C2-56A129858A9E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{554A6BCC-7273-41F4-A153-BA2870895AD1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00AAF4E9-6EEF-416F-A304-6EC354C38AF8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F9A865A7-0FDA-426A-BA21-2A81B04CA1FA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{C6AC7E8D-C889-42D0-B41C-FAAB64EA0839}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{781DCD51-CE11-4D4F-AC00-F2E993CC7DF4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A2065597-564D-4FE2-929B-33C8CA22707D}E:\games\steam games\steamapps\common\hunted\binaries\win32\p4dftre.dll] => (Allow) E:\games\steam games\steamapps\common\hunted\binaries\win32\p4dftre.dll
FirewallRules: [UDP Query User{99BDE733-2880-433B-B5BA-0B0464C82571}E:\games\steam games\steamapps\common\hunted\binaries\win32\p4dftre.dll] => (Allow) E:\games\steam games\steamapps\common\hunted\binaries\win32\p4dftre.dll
FirewallRules: [TCP Query User{0374CC3A-5921-408F-8546-7C1BCFA6A8E1}E:\games\wargaming\wargaming.net\gamecenter\wgc.exe] => (Allow) E:\games\wargaming\wargaming.net\gamecenter\wgc.exe
FirewallRules: [UDP Query User{4581CDD2-0EEF-4347-9BB3-F8FA0139CE17}E:\games\wargaming\wargaming.net\gamecenter\wgc.exe] => (Allow) E:\games\wargaming\wargaming.net\gamecenter\wgc.exe
FirewallRules: [{F404D887-19C9-481F-9BA8-BD0228011882}] => (Allow) E:\Games\Steam Games\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{FCB3DCE9-FCAF-40A2-93BC-980AA58CA107}] => (Allow) E:\Games\Steam Games\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{19A18237-F8C4-4A12-B7F4-29DF15B66DC0}] => (Allow) E:\Games\Steam Games\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{9000277F-260D-4175-9569-D8750BAE112C}] => (Allow) E:\Games\Steam Games\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [TCP Query User{CEF65CD9-A14D-4265-8493-C2882DEA9026}E:\games\eve\sharedcache\tq\bin\exefile.exe] => (Allow) E:\games\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{0B62575E-3183-417E-B91D-B6472FF55CF7}E:\games\eve\sharedcache\tq\bin\exefile.exe] => (Allow) E:\games\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{2931CD91-4B6A-45B8-B6B1-4334F48C0E5F}E:\games\coh\reliccoh.exe] => (Block) E:\games\coh\reliccoh.exe
FirewallRules: [UDP Query User{3CA94517-7B13-4CC8-945B-8C2E3BADE8C9}E:\games\coh\reliccoh.exe] => (Block) E:\games\coh\reliccoh.exe
FirewallRules: [TCP Query User{5E5C51A5-94E8-493B-98C8-54385F722A5A}E:\games\coh\relicdownloader\relicdownloader.exe] => (Allow) E:\games\coh\relicdownloader\relicdownloader.exe
FirewallRules: [UDP Query User{31CDBE02-76DF-42D1-8285-E0237768BCC6}E:\games\coh\relicdownloader\relicdownloader.exe] => (Allow) E:\games\coh\relicdownloader\relicdownloader.exe
FirewallRules: [{06B8DE7A-51E9-4461-8BE8-50D177BC361F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7C2B766-8CD6-4BAE-BAFC-5C1182498E84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B1DCD262-F717-4F1F-A845-B3657901F858}E:\games\steam games\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) E:\games\steam games\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [UDP Query User{7B24E0A3-07C5-44FA-9DB5-1EAFB95EE2D7}E:\games\steam games\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) E:\games\steam games\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [{FB4F5FA1-DDE6-408A-A101-C256016BCEA5}] => (Allow) E:\Games\Steam Games\steamapps\common\star conflict\game.exe
FirewallRules: [{348DFE9F-EB83-4D8B-A61B-6D7BD90A9904}] => (Allow) E:\Games\Steam Games\steamapps\common\star conflict\game.exe
FirewallRules: [{4B5ECE6B-F38A-4A0C-BBA2-E72FD158A93B}] => (Allow) E:\Games\Steam Games\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{2CE54059-C9DA-45EC-BE83-D512B8E3BCB1}] => (Allow) E:\Games\Steam Games\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{9A2A2774-514B-4A5B-8DFE-AD9A5B625536}] => (Allow) E:\Games\Steam Games\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{50C73154-91B9-4EBE-BC88-1B7244580E01}] => (Allow) E:\Games\Steam Games\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{3D4E57DD-CE78-4006-B6A5-417E934CFB42}] => (Allow) E:\Games\Steam Games\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{140C6E5F-8026-44CF-AD43-3C8ACD30934F}] => (Allow) E:\Games\Steam Games\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{4D3961CF-D156-4DAD-BE1B-A8F81F9BD0A9}] => (Allow) E:\Games\Steam Games\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{F6BF8814-329B-4A50-A670-48DB4A7B34CA}] => (Allow) E:\Games\Steam Games\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{947D76D9-EB2F-418D-8B49-95A2B1CB99E3}] => (Allow) E:\Games\Steam Games\steamapps\common\Heliborne\heliborne.exe
FirewallRules: [{66E7828D-5DD9-4BD4-89A9-9E3C5E7F5B0F}] => (Allow) E:\Games\Steam Games\steamapps\common\Heliborne\heliborne.exe
FirewallRules: [{ECBBA2D0-3998-43B1-A982-E4A4F8260740}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 EftbP\Earth2150.exe
FirewallRules: [{663BFE6C-B70A-470C-9B8E-A374D1C4ADB3}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 EftbP\Earth2150.exe
FirewallRules: [{87BB3F67-8C10-4FED-BAA2-61D033D8E47A}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 EftbP\Setup.exe
FirewallRules: [{30CD1499-C233-44EA-BBCB-F9A349081ED7}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 EftbP\Setup.exe
FirewallRules: [{1D88B690-5717-43DB-A71A-482F428208B8}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 The Moon Project\TheMoonProject.exe
FirewallRules: [{FECBB876-A948-410C-A289-00CE05487517}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 The Moon Project\TheMoonProject.exe
FirewallRules: [{8E3072D7-BB33-4531-BA90-D522F97F9867}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 The Moon Project\Setup.exe
FirewallRules: [{A1F62917-1D04-43EE-9F9E-9DBDE04ED117}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 The Moon Project\Setup.exe
FirewallRules: [{CD7CC8E3-807D-4859-BA74-6D570537C5D0}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 Lost Souls\LostSouls.exe
FirewallRules: [{8B8A8E85-9E75-4257-9954-A8B12585F201}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 Lost Souls\LostSouls.exe
FirewallRules: [{8AFDD842-AC94-442C-90C0-3FE765D17F48}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 Lost Souls\Setup.exe
FirewallRules: [{FFD36A58-F8E0-4117-A535-CBCA55478912}] => (Allow) E:\Games\Steam Games\steamapps\common\Earth 2150 Lost Souls\Setup.exe
FirewallRules: [{6812F198-4BD1-497A-9661-081CB97FC8A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B5A88371-194A-4529-AB1E-C27FE79C207D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D5DD0C37-BF30-430F-8644-A60C6BCEB27E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B2912D7A-BB4F-450A-BA92-4D684A1C3F3A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2CE48641-6215-43E4-89E1-97E416578035}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{39F4AA6E-EE5B-4709-B5CA-A1D2FD5090DC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{98620934-C145-4CC8-AB08-B0BF7418549B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0E0112F2-FAE9-423B-A888-C86BEE81F4B1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{E59E2727-BA5A-4AD7-B101-8E0EF2BC882B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{02FD7EFD-E0F9-4F59-BED9-77BE5B0D3569}] => (Allow) E:\Games\Steam Games\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{B0C59725-4CCD-4733-94D0-9B2AA8B396FB}] => (Allow) E:\Games\Steam Games\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{2C682577-44B4-4BE9-8394-A15F9E2647B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{1B528103-8F3A-47DA-8728-55234E83EB8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FD445AB1-DD45-4F38-8B09-42E69CF1F2B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D5D8B023-C1C0-4A5C-90B5-99B206084065}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{89E5C450-FCB2-4286-B99B-66EC0ABF8568}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{41A7C0EB-1E20-401D-95E0-1661CF11DC39}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0B00DF8D-BFA3-4487-964D-E13A2D849BA4}] => (Allow) E:\Games\Steam Games\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{1FA62725-7C10-404F-9854-6F657B140E8A}] => (Allow) E:\Games\Steam Games\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{AF9FA7AD-AF00-45B4-9528-58A4AABDD994}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B0567C08-ABAB-4706-AFC2-7DBB3FF78446}] => (Allow) C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe
FirewallRules: [{45437D8A-DB9B-4E16-B77C-61B4D8CDEC79}] => (Allow) C:\Program Files (x86)\TP-LINK\USB Printer Controller\USB Printer Controller.exe
FirewallRules: [{D565B5A6-FD6B-449A-96F6-DBFFBA6EFCE2}] => (Allow) LPort=7437
FirewallRules: [{13F2ED5A-7C43-4601-951B-C914132B937F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{44EF860E-B345-4CEE-9532-49BFAC01F3B5}] => (Allow) E:\Games\Steam Games\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe
FirewallRules: [{7E0940E6-252D-4611-BFF1-672AFF30C108}] => (Allow) E:\Games\Steam Games\steamapps\common\Alien Swarm Reactive Drop\reactivedrop.exe
FirewallRules: [{082D1681-BE72-4818-A087-B1B872EF2FF4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CFB0732C-0C02-474B-82C0-31B9A490C5DB}] => (Allow) E:\Games\Steam Games\steamapps\common\Project Genom\ProjectGenom.exe
FirewallRules: [{0E97E7B4-1A72-4B08-8A7C-A4F463BF9C5F}] => (Allow) E:\Games\Steam Games\steamapps\common\Project Genom\ProjectGenom.exe
FirewallRules: [{ED58A78B-A65D-4328-9A1C-936411B5D215}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0E90967C-B164-4585-BB0E-544FD355B7C1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A5B74939-737D-42AD-904B-5F7AE7518B59}] => (Allow) E:\Games\Steam Games\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{999C8447-B9E5-4A6D-929A-8E4E30C298C8}] => (Allow) E:\Games\Steam Games\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{2F1AA094-44B7-4291-8E4B-26D9F5548168}] => (Allow) E:\Games\Steam Games\steamapps\common\Defiance\Patcher.exe
FirewallRules: [{686127E2-170D-4FFF-A949-2E4CC177B67B}] => (Allow) E:\Games\Steam Games\steamapps\common\Defiance\Patcher.exe
FirewallRules: [{4FE50B92-CD74-4606-88E4-8CDF4435B3D4}] => (Allow) E:\Games\Steam Games\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{4069753B-B5B9-49BA-A2C5-4B494568EBFD}] => (Allow) E:\Games\Steam Games\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{4A445813-E394-4479-8CE9-E8E0ABB7C957}] => (Allow) E:\Games\Steam Games\steamapps\common\Call to Arms\call_to_arms.exe
FirewallRules: [{E2864E84-11DF-4446-8954-4B65479EB87B}] => (Allow) E:\Games\Steam Games\steamapps\common\Call to Arms\call_to_arms.exe
FirewallRules: [{39EC5A02-E1C6-4E67-9456-AD8FF43A9F3B}] => (Allow) E:\Games\Steam Games\steamapps\common\Call to Arms\call_to_arms_ed.exe
FirewallRules: [{30D8F6ED-B4C0-4AA6-89F4-9AE70D0AD8C5}] => (Allow) E:\Games\Steam Games\steamapps\common\Call to Arms\call_to_arms_ed.exe
FirewallRules: [{E0FB2C83-3BE9-42DB-8A87-ED3680949B7B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{74654D25-9E40-4D8C-B1A5-8E6B79EDAA72}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C6788973-A8F9-40EB-ADA0-CBA4E6C2E88B}] => (Allow) E:\Games\Steam Games\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{5516D1FA-199C-4EAF-BEEB-FCA9E370B4CA}] => (Allow) E:\Games\Steam Games\steamapps\common\Dead Space\Dead Space.exe
FirewallRules: [{85422D88-2385-4376-AEDF-CFA1B199E9CE}] => (Allow) E:\Games\Steam Games\steamapps\common\Dead Space 2\deadspace2.exe
FirewallRules: [{DEBF9DE1-FB82-479D-953E-A02D0CB67F0D}] => (Allow) E:\Games\Steam Games\steamapps\common\Dead Space 2\deadspace2.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2018 05:12:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/12/2018 05:12:29 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=4

Error: (03/11/2018 05:25:55 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/11/2018 05:25:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/11/2018 05:24:51 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/11/2018 10:40:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/11/2018 10:40:09 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (03/11/2018 10:39:48 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=3


System errors:
=============
Error: (03/12/2018 08:41:39 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CO73S96)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user DESKTOP-CO73S96\akoso SID (S-1-5-21-522091178-3401052546-1187609887-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/12/2018 08:41:32 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CO73S96)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user DESKTOP-CO73S96\akoso SID (S-1-5-21-522091178-3401052546-1187609887-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/12/2018 08:41:26 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CO73S96)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
 and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
 to the user DESKTOP-CO73S96\akoso SID (S-1-5-21-522091178-3401052546-1187609887-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/12/2018 05:47:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/12/2018 05:11:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/12/2018 05:11:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/12/2018 05:11:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/12/2018 05:11:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-03-09 22:48:11.807
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {526A5C86-72F2-4BBE-811A-91E1D97C0029}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-01-26 10:07:24.085
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.287.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help.

Date: 2018-01-26 10:07:24.085
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 118.2.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14202.0
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help.

Date: 2018-01-26 10:07:23.313
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.287.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help.

Date: 2018-01-26 10:07:23.313
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.287.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help.

Date: 2018-01-26 10:07:23.313
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.287.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x800704e8
Error description: The remote system is not available. For information about network troubleshooting, see Windows Help.

CodeIntegrity:
===================================

Date: 2018-03-12 20:55:45.279
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

Date: 2018-03-12 20:10:21.252
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

Date: 2018-03-12 19:10:21.867
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

Date: 2018-03-12 19:10:21.280
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

Date: 2018-03-12 18:55:03.996
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

Date: 2018-03-12 18:44:55.439
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

Date: 2018-03-12 18:34:47.470
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

Date: 2018-03-12 18:13:46.841
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

Processor: Intel® Core™ i5-3330 CPU @ 3.00GHz
Percentage of memory in use: 42%
Total physical RAM: 8147.02 MB
Available physical RAM: 4687.98 MB
Total Virtual: 11987.02 MB
Available Virtual: 6518.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.35 GB) (Free:15.26 GB) NTFS
Drive e: () (Fixed) (Total:1396.77 GB) (Free:193.37 GB) NTFS

\\?\Volume{d1cb96ff-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{f708053c-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: D1CB96FF)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1396.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: F708053C)
Partition 1: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== End of Addition.txt ============================



#2 Android8888

Android8888

  • Malware Response Team
  • 84 posts
  • Gender:Male
  • Location:Portugal
  • Local time:07:37 AM

Posted 12 March 2018 - 08:04 PM

Hello Ritoaniajin and :welcome: to Bleeping Computer!

My screen name is Android8888 but if you wish you can call me Rui which is my real name. I will be helping you with your malware issues. Please ask questions if anything is unclear.

Some sets of instructions may be long, or you may be without an Internet connection for a while, so I suggest printing out each set of instructions or copying them to a Notepad file and reading the entire post before proceeding. It will make following them easier.

Please read the instructions carefully and follow the directions in the order listed.

Make sure to run all tools from the computer's Desktop and with Administrator privileges (i.e. right-click the tool icon and select Run as administrator).

Please run one scan at a time.

Once started the malware removal process has to be completed in order to ensure the success of the clean-up. Even if your computer appears to be running better after performing a first set of instructions, it may still be infected as some infections are difficult to remove and can leave remnants on the System. Please consider it clean and safe only when I declare it free of malware.


Going over your logs I noticed that you have uTorrent installed.
In many cases P2P programs also represent a risk of infection from the program itself, as some have installed adware/spyware, or other programs without consent. Even if the program itself is clean, many P2P networks are riddled with malware, and it's often the newest, most difficult to remove malware. There are many risks associated with P2P programs, none are worth the risks. If you don't uninstall the P2P software, we will continue to clean your system, but realize that it's likely only a matter of time before you are infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you.
If you wish to keep it, please do not use it, and remove all files downloaded from it until your computer is cleaned!


The System Restore is disabled in your system and it should be enabled by default. It captures resident programs, their settings, and Windows Registry as an image and backs up a few things that are necessary to reconstruct the system drive to the point – if you opt to go back. Remember that it is better to have an infected Restore Point than none.

Please read the information on this link How To Turn On System Restore and enable System Restore.


Next,

Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.

  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST64.exe executable is located); DO NOT open or modify that file!
  • Attached File  fixlist.txt   1.74KB   2 downloads
  • Right-click on the FRST executable and select Run as Administrator;
  • Click on the Fix button;
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Please copy and paste the contents of Fixlog.txt in your next reply;

 

Next,

  • Download AdwCleaner and move it to your computer Desktop;
  • Right-click on AdwCleaner.exe and select Run as Administrator;
  • Accept the EULA (I accept), then click on Scan;
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button;
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, please do it;
  • After the restart, a log will open when logging in.
  • Please copy and paste the content of that log in your next reply.

 

Next,

  • Download and install the free version of Malwarebytes;
  • Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point;
  • Once Malwarebytes is installed, launch it and let it update its database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so;
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan;
  • Let the scan run; the time required to complete the scan depends on your system and computer specs;
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button;
  • If it asks you to restart your computer to complete the removal, do so;
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard;
  • Please copy and paste the contents of that log in your next reply.

 

To summarize, please copy and paste the entire contents of the following logs:
  • Fixlog.txt
  • AdwCleaner clean log, which can be found in C:\AdwCleaner\AdwCleaner[Cx].txt
  • Malwarebytes log

Let me know how the computer is behaving now. Are there any redirects when navigating on the Internet?

Thank you.

Android8888
(Rui)


Proud graduate of SpywareInfo

Member of UNITE - Unified Network of Instructors and Trusted Eliminators

Website: http://android8888.comlu.com

Tavira - Here's where I live!


#3 Ritoaniajin

Ritoaniajin
  • Topic Starter

  • Members
  • 8 posts
  • Local time:08:37 AM

Posted 13 March 2018 - 03:02 PM

Hello Rui.

 

Thank you very much for the help.

I did everything that you said to do including deleting uTorrent.

 

After all the steps I tried to download some files that I know I could not and now I can :)

 

Here are the log files.

Fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 13.03.2018
Ran by akoso (13-03-2018 21:43:20) Run:1
Running from C:\Users\akoso\Desktop
Loaded Profiles: akoso (Available Profiles: akoso)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{b283b3f0-965d-4149-9f85-0cedbd2306eb}: [NameServer] 35.177.46.238,46.101.28.31,,192.168.0.1
Tcpip\..\Interfaces\{cd731e0d-c83a-471b-b7c6-aec5d613e600}: [NameServer] 35.177.46.238,46.101.28.31,
SearchScopes: HKU\S-1-5-21-522091178-3401052546-1187609887-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
SearchScopes: HKU\S-1-5-21-522091178-3401052546-1187609887-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE15
FF NewTabOverride: Mozilla\Firefox\Profiles\zd0of4xc.default -> Enabled: "id":"{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7
S3 GPUZ; \??\C:\Users\akoso\AppData\Local\Temp\GPUZ.sys [X] <==== ATTENTION
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Task: {00578DA1-7ABD-4D7E-8964-240C000175E0} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {421EA475-4C62-4545-BAF8-586F3F8781FC} - System32\Tasks\iSunshare SMS Mouse Attendance => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\iSunshare SMS Mouse Attendance\iSunshare SMS Mouse Attendance.dll",kpIlmRraSNaj <==== ATTENTION
AlternateDataStreams: C:\Users\akoso\AppData\Local\Temp:$DATA? [16]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
DNS Servers: 35.177.46.238 - 46.101.28.31
CMD: ipconfig /flushDNS
CMD: ipconfig /release
CMD: ipconfig /renew
EmptyTemp:

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b283b3f0-965d-4149-9f85-0cedbd2306eb}\\NameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{cd731e0d-c83a-471b-b7c6-aec5d613e600}\\NameServer" => removed successfully
"HKU\S-1-5-21-522091178-3401052546-1187609887-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-522091178-3401052546-1187609887-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"Firefox NewTabOverride ("id":"{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7) " => removed successfully
"HKLM\System\CurrentControlSet\Services\GPUZ" => removed successfully
GPUZ => service removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00578DA1-7ABD-4D7E-8964-240C000175E0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00578DA1-7ABD-4D7E-8964-240C000175E0}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{421EA475-4C62-4545-BAF8-586F3F8781FC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{421EA475-4C62-4545-BAF8-586F3F8781FC}" => removed successfully
C:\WINDOWS\System32\Tasks\iSunshare SMS Mouse Attendance => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iSunshare SMS Mouse Attendance" => removed successfully
C:\Users\akoso\AppData\Local\Temp => ":$DATA?" ADS could not remove.
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
DNS Servers: 35.177.46.238 - 46.101.28.31 => Error: No automatic fix found for this entry.

========= ipconfig /flushDNS =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= ipconfig /release =========


Windows IP Configuration

No operation can be performed on Tunngle while it has its media disconnected.

Ethernet adapter Tunngle:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::4824:6d7d:c6f5:f3f0%11
   Default Gateway . . . . . . . . . :

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Tunngle while it has its media disconnected.

Ethernet adapter Tunngle:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::4824:6d7d:c6f5:f3f0%11
   IPv4 Address. . . . . . . . . . . : 192.168.0.106
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2c98:c58:3f57:ff95
   Link-local IPv6 Address . . . . . : fe80::2c98:c58:3f57:ff95%5
   Default Gateway . . . . . . . . . : ::

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8675328 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 100534331 B
Java, Flash, Steam htmlcache => 218867073 B
Windows/system/drivers => 38632 B
Edge => 1125939 B
Chrome => 170051 B
Firefox => 407385642 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15802 B
NetworkService => 22880 B
akoso => 435618991 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-03-2018 21:45:25)


Result of scheduled keys to remove after reboot:

"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.

==== End of Fixlog 21:45:25 ====

 

ADWCleaner:

 

# AdwCleaner 7.0.8.0 - Logfile created on Tue Mar 13 19:51:29 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 2018-03-08.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1497 B] - [2018/2/27 20:44:22]
C:/AdwCleaner/AdwCleaner[C1].txt - [1503 B] - [2018/3/9 22:21:56]
C:/AdwCleaner/AdwCleaner[S0].txt - [1377 B] - [2018/2/27 20:44:3]
C:/AdwCleaner/AdwCleaner[S1].txt - [1079 B] - [2018/2/27 20:56:19]
C:/AdwCleaner/AdwCleaner[S2].txt - [1353 B] - [2018/3/9 22:21:47]


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########

 

Malwarebytes:

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/13/18
Scan Time: 9:54 PM
Log File: 52f06fd0-26f8-11e8-84cc-3085a98e6b01.json
Administrator: Yes

-Software Information-
Version: 3.4.4.2398
Components Version: 1.0.322
Update Package Version: 1.0.4338
License: Trial

-System Information-
OS: Windows 10 (Build 16299.309)
CPU: x64
File System: NTFS
User: DESKTOP-CO73S96\akoso

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 304282
Threats Detected: 3
Threats Quarantined: 3
Time Elapsed: 1 min, 25 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 2
Adware.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\BESTZIpperUnique, Quarantined, [355], [484522],1.0.4338
Adware.Tuto4PC, HKLM\SOFTWARE\MICROSOFT\BESTZIpperUnique, Quarantined, [355], [484522],1.0.4338

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Generic.Malware/Suspicious, C:\USERS\AKOSO\APPDATA\ROAMING\SKYPE\MY SKYPE RECEIVED FILES\DLL-FILES FIXER 3.3.90.0 FINAL.7Z, Quarantined, [0], [392686],1.0.4338

Physical Sector: 0
(No malicious items detected)


(end)
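The fixlist in the post above removes the static NameServer values that FRST listed for two network interfaces. As an added example (not part of the thread and not FRST's own code), this Python script parses such lines from a pasted log and lists resolvers that are neither private addresses nor on a reviewer-supplied allowlist; the function names are hypothetical, the first two sample lines are taken from the Fixlog above and the third is constructed.

```python
import ipaddress
import re

# Sample input: the first two lines appear in the Fixlog quoted in this thread,
# the third is constructed to show an interface that only uses the local router.
SAMPLE_FRST = r"""
Tcpip\..\Interfaces\{b283b3f0-965d-4149-9f85-0cedbd2306eb}: [NameServer] 35.177.46.238,46.101.28.31,,192.168.0.1
Tcpip\..\Interfaces\{cd731e0d-c83a-471b-b7c6-aec5d613e600}: [NameServer] 35.177.46.238,46.101.28.31,
Tcpip\..\Interfaces\{00000000-0000-0000-0000-000000000001}: [NameServer] 192.168.0.1
"""

# "Tcpip\..\Interfaces\{GUID}: [ValueName] server,server,..."
# The registry value name is captured as-is rather than assumed.
LINE_RE = re.compile(
    r"^Tcpip\\\.\.\\Interfaces\\(\{[0-9a-fA-F-]{36}\}): \[(\w+)\] ?(.*)$"
)


def parse_nameserver_lines(text):
    """Return [(interface_guid, value_name, [server strings])] per matching line."""
    rows = []
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue
        guid, value_name, raw = match.groups()
        # The value is a comma- or space-separated list; empty fields occur
        # (note the ",," and the trailing "," in the sample) and are dropped.
        servers = [s for s in re.split(r"[,\s]+", raw) if s]
        rows.append((guid, value_name, servers))
    return rows


def review_resolvers(text, allowlist=()):
    """List resolvers that need a human look.

    A resolver is reported when it is not a private, loopback or link-local
    address and is not on the allowlist of resolvers the reviewer knows the
    user configured on purpose. Entries that do not parse as IP addresses
    are reported too, since a malformed value is itself worth checking.
    """
    allowed = {ipaddress.ip_address(a) for a in allowlist}
    findings = []
    for guid, value_name, servers in parse_nameserver_lines(text):
        for server in servers:
            try:
                ip = ipaddress.ip_address(server)
            except ValueError:
                findings.append((guid, value_name, server, "unparseable"))
                continue
            if ip in allowed or ip.is_private or ip.is_loopback or ip.is_link_local:
                continue
            findings.append(
                (guid, value_name, server, "public resolver not on allowlist")
            )
    return findings


if __name__ == "__main__":
    for guid, value_name, server, reason in review_resolvers(SAMPLE_FRST):
        print(f"{guid} [{value_name}] {server}: {reason}")
```

A reported resolver is a prompt to ask the user whether they set it themselves, not a verdict; pass known-good resolvers through `allowlist` to keep the output short.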



#4 Android8888

Android8888

  • Malware Response Team
  • 84 posts
  • Gender:Male
  • Location:Portugal
  • Local time:07:37 AM

Posted 13 March 2018 - 06:27 PM

Hello Ritoaniajin,
 
You're most welcome!
 
I'm glad to know that you were able to download files you couldn't before. :thumbup2:
 
Now, please execute a final scan to search for leftovers with ESET Online Scanner. This is a very thorough scan and can take several hours to complete so please be patient. Let it run until it finishes.
 
Please scan your computer with ESET Online Scanner.

  • Click on this link to open ESET Online Scanner in a new window.
    • Click on the Scan Now button to download the esetonlinescanner_enu.exe file and save it to your computer Desktop.
    • Close all your programs and browsers and disconnect any USB flash drives from the computer.
    • Please disable your antivirus program to avoid potential conflicts, improve the performance and speed up the scan.
    • Right-click on esetonlinescanner_enu.exe and select Run as administrator.
    • Click Yes to accept the User Account Control security warning that may appear. It will open a window with the Terms of Use.
  • Click the Accept button.
  • Under Computer scan settings, check mark Enable detection of potentially unwanted applications.
  • Then click Advanced settings and check mark the following options:
    • Enable detection of potentially unsafe applications
    • Clean threats automatically
  • Click the Scan button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats.
  • Click Export, and save the file to your Desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Note: If nothing is found, it will not produce a log.

Re-enable your antivirus program.
 
Please post the contents of the ESET log (if it produced one) and let me know how the computer is behaving at this point. Are there any issues or concerns with the computer?
 
Thank you.
 
Android8888
(Rui)




#5 Ritoaniajin

Ritoaniajin
  • Topic Starter

  • Members
  • 8 posts
  • Local time:08:37 AM

Posted 14 March 2018 - 01:29 AM

Hello Rui,

 

I will do these following steps a bit later in the day.

However I wanted to ask you something. 

At the end of your last post you said to "Re-enable your antivirus program."

Did you mean ESET or some other? I do not have any installed at the moment. 

Because when this issue first happened and my antivirus at the time (Kaspersky free) could not help (neither did some of the malware / adware cleaners), I contacted Microsoft support.

They told me that Windows Defender is enough and that anti-virus programs just hinder its performance.

 

If you believe that anti-virus is a must which one would you recommend? It can be free and I also could pay for it if it is not very expensive...

Since I mostly use my PC for gaming and movies and there is no sensitive data that I critically need to protect I am not really willing to pay 70$ or more for anti-virus.

Especially if it is true that it hinders the Windows Defender.

 

Either way... I will update you with ESET scan log (if one is produced) after about 12 hours. (or if the scan takes all night then tomorrow).



#6 Android8888

Android8888

  • Malware Response Team
  • 84 posts
  • Gender:Male
  • Location:Portugal
  • Local time:07:37 AM

Posted 14 March 2018 - 12:23 PM

Hello Ritoaniajin.

 

 

Did you mean ESET or some other? I do not have any installed at the moment. 

Because when this issue first happened and my antivirus at the time (Kaspersky free) could not help (neither did some of the malware / adware cleaners), I contacted Microsoft support.

They told me that Windows Defender is enough and that anti-virus programs just hinder its performance.

I meant your installed Antivirus which is Windows Defender. The fact is that ESET will detect your installed Antivirus and can conflict with it if it is enabled. You can read here how to temporarily disable Windows Defender Real-Time Protection while you are running the scan with ESET Online Scanner.

> If you believe that anti-virus is a must, which one would you recommend? It can be free and I also could pay for it if it is not very expensive...
>
> Since I mostly use my PC for gaming and movies and there is no sensitive data that I critically need to protect I am not really willing to pay 70$ or more for anti-virus.
>
> Especially if it is true that it hinders the Windows Defender.

Windows Defender is the default Antivirus program that comes built-in on Windows Operating System and is a good Antivirus program. In Windows 8 and Windows 10, Windows Defender is 'on' by default. It switches itself 'off' upon installation of a third-party anti-virus package.

> Either way... I will update you with ESET scan log (if one is produced) after about 12 hours. (or if the scan takes all night then tomorrow).

Alright. As I mentioned before, the scan can take several hours to complete, so please be patient.


Proud graduate of SpywareInfo

Member of UNITE - Unified Network of Instructors and Trusted Eliminators

Website: http://android8888.comlu.com

Tavira - Here's where I live!


#7 Ritoaniajin

Ritoaniajin
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  • Local time:08:37 AM

Posted 14 March 2018 - 12:51 PM

OK,

 

Scan complete:

 

C:\Users\akoso\Favorites\Links\????????.url    LNK/TrojanClicker.Agent.A trojan    cleaned by deleting
C:\Windows\System32\SppExtComObjHook.dll    a variant of Win64/HackKMS.I potentially unsafe application    cleaned by deleting

 

The \????????. was the word INTERNET, only in Russian.



#8 Android8888

Android8888

  • Malware Response Team
  • 84 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:37 AM

Posted 14 March 2018 - 03:05 PM

Good! ESET found two threats and removed them. At this point I can say that your computer appears to be clean.

It's time to check for updates. Outdated programs contain security vulnerabilities that are exploited by malware in order to infect the computer without the user's knowledge. Usually this is one of the ways that contributes most to the infection of your computer.

I recommend that you run a program like Personal Software Inspector (PSI) or FileHippo Update Checker or UCheck to see what programs need to be updated.

After that you can delete the tools we used in the removal process by using DelFix.

Follow the instructions below to download and execute DelFix. This application will be removed by itself after running.

  • Download DelFix and move the executable to your Desktop;
  • Right-click on DelFix.exe and select Run as Administrator;
  • Check the following options :
    • Remove disinfection tools (this option will remove the tools used in the cleaning process).
    • Create registry backup (this option will create a backup from the Windows Registry).
    • Purge system restore (this option will remove all previous and possibly infected restore points, and will create a new and clean restore point of your system).
  • Once the options mentioned above are checked, click on Run;
  • After DelFix is done running, a log will open. I don't need to see that log. Just close and delete it.

 

At this point, please let me know how the computer is running. Are there any issues or concerns with the computer?




#9 Ritoaniajin

Ritoaniajin
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  • Local time:08:37 AM

Posted 14 March 2018 - 04:14 PM

Hi,

 

Thank You again. Now the PC works very well.



#10 Android8888

Android8888

  • Malware Response Team
  • 84 posts
  • OFFLINE
  • Gender:Male
  • Location:Portugal
  • Local time:07:37 AM

Posted 15 March 2018 - 04:35 PM

> Hi,
>
> Thank You again. Now the PC works very well.

You're welcome! I'm glad to know that. :) 
 
If all is well with your computer, below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please consider using these ideas to help secure your computer.

Keep your Windows Operating System up-to-date.

Keep your Antivirus program up-to-date.

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious, you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Keep Malwarebytes Anti-Malware (MBAM) updated and perform a regular scan of your system as it will make it harder for malware to reside on your computer.
A tutorial on using MBAM can be found here and a complete guide here

Please Note: Only the paid for version has real time capabilities. Please go here and scroll down to find a comparison list of the two versions.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure.

A similar category of programs is now called "scareware". Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Another of the most feared threats at the moment is an infection by ransomware. A ransomware infection is a program that ransoms the data or functionality of your computer until you perform an action. This action is typically to pay a ransom in the form of Bitcoins or another payment method. I advise you to read more info on this terrible threat here and here.

Please keep your programs up to date. This also applies to all your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC.

Run a program like Personal Software Inspector (PSI) or FileHippo Update Checker or UCheck to see what programs need to be updated.

Be careful with flash drives, as they can spread infections. See this post on USB/flash drive safety.

Stay away from P2P software; even with a clean P2P program, their networks are often riddled with malware.

Don't click on attachments or links in e-mail, and read your e-mail in text-only mode for the highest safety.

Don't click on links received in instant message programs.

A HOSTS file will prevent Internet Explorer from communicating with sites known to be associated with adware or spyware. A good, regularly updated HOSTS file is the MVPS HOSTS File, available here

For much more useful and complete information, please read the following links to fully understand PC Security and Best Practices:
How did I get infected in the first place
Answers to common security questions - Best Practices

Hopefully these steps will help to keep you error and malware free. If you run into more difficulty, we will certainly do what we can to help.

Happy surfing and stay safe out there. :thumbup2:

Android8888

(Rui)


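The HOSTS-file recommendation in the post above works by mapping unwanted names to a dead-end address. The following is an added example, not part of the original thread or of any tool named in it: a small audit that separates such blocking entries from entries that point a name at some other server, which a blocklist never needs. The sample text, the hostnames in it and the function names are constructed for illustration; the Windows path is the standard HOSTS location.

```python
import ipaddress
import os

# Addresses a blocklist-style HOSTS file uses to make a name unreachable.
SINKHOLES = {"0.0.0.0", "127.0.0.1", "::", "::1"}
# Names that legitimately resolve to loopback on a default install.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample input, not taken from any real machine.
SAMPLE = """\
# Constructed sample HOSTS content
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.com  tracker.example.net   # blocklist entries
127.0.0.1       telemetry.example.org
203.0.113.7     update.example-av.test
not-an-ip       broken.example.com
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for each valid mapping in HOSTS-format text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # strip comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                             # first field is not an IP: skip line
        for name in fields[1:]:                  # one line may carry several names
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text):
    """Group entries into local, blocked (sinkholed) and redirected (needs review)."""
    report = {"local": [], "blocked": [], "redirected": []}
    for line_no, ip, name in parse_hosts(text):
        if name in LOCAL_NAMES and ipaddress.ip_address(ip).is_loopback:
            key = "local"
        elif ip in SINKHOLES:
            key = "blocked"
        else:
            key = "redirected"                   # name sent to a real address
        report[key].append((line_no, name, ip))
    return report

if __name__ == "__main__":
    path = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                        "System32", "drivers", "etc", "hosts")
    text = open(path, encoding="utf-8", errors="replace").read() if os.path.exists(path) else SAMPLE
    for kind, entries in audit_hosts(text).items():
        print(kind, len(entries), entries[:5])
```

Anything listed under `redirected` deserves a manual look, and the `blocked` list is worth skimming too, since an entry that sinkholes a security vendor's update host was not put there by a blocklist.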




