Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bugbear worm suspected


  • Please log in to reply
18 replies to this topic

#1 bMoreBusy

bMoreBusy

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 15 June 2018 - 01:41 PM

Office setting; a formerly network-connected, now usb-connected printer/fax machine began spitting out pages this morning with seemingly random strings of symbols, one line (or part of one) at the top of each page, except for the first page. It reads at the top "MZ" then a bunch of symbols, the "This program cannot be run in DOS mode."

The googles led me to believe this is the old Bugbear Virus. We recently purchased a refurbished PC so I was concerned it may have come in on that. My biggest issue is that since we don't know which one it's on I'll have to post five versions of each set of logs.

 

In an effort to retain some semblance of sanity and organization, I will number each of the PCs and their corresponding logs when discussing them.


PC01

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by mdico (administrator) on QB-PC (15-06-2018 14:14:57)
Running from C:\Users\mdico\Downloads
Loaded Profiles: mdico & QBDataServiceUser28 (Available Profiles: mdico & QBDataServiceUser28)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxCUIService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intuit, Inc.) C:\Program Files (x86)\Intuit QuickBooks 2018\QBDBMgrN.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.10228.20003.0_x64__8wekyb3d8bbwe\onenoteim.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3102280769-3647621816-962142003-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1a8fef74-6d13-4ccc-a0c7-45ed59f8c819}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
 
FireFox:
========
FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\GlanceGuest\npglance.dll [2017-12-18] (Glance Networks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default [2018-06-15]
CHR Extension: (Slides) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-29]
CHR Extension: (Docs) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-29]
CHR Extension: (Google Drive) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-29]
CHR Extension: (YouTube) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-29]
CHR Extension: (Sheets) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-29]
CHR Extension: (Google Docs Offline) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-29]
CHR Extension: (Glance Networks) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\gniobnbbehpgbcamkdplghfimhocklgb [2018-02-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-15]
CHR Extension: (Gmail) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\mdico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 QuickBooksDB28; C:\Program Files (x86)\Intuit QuickBooks 2018\QBDBMgrN.exe [467968 2017-08-11] (Intuit, Inc.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2018-01-31] (ASRock Incorporation)
S3 AsrDrv102; C:\Windows\SysWOW64\Drivers\AsrDrv102.sys [22248 2018-01-31] (ASRock Incorporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-15 14:14 - 2018-06-15 14:15 - 000009250 _____ C:\Users\mdico\Downloads\FRST.txt
2018-06-15 14:14 - 2018-06-15 14:14 - 000000000 ____D C:\FRST
2018-06-15 14:13 - 2018-06-15 14:13 - 002413056 _____ (Farbar) C:\Users\mdico\Downloads\FRST64.exe
2018-06-15 13:57 - 2018-06-15 13:58 - 077714448 _____ (Malwarebytes ) C:\Users\mdico\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5480.exe
2018-06-15 13:55 - 2018-06-15 14:01 - 000001160 _____ C:\Users\mdico\Desktop\BugbearRemovalLog.txt
2018-06-15 13:54 - 2018-06-15 13:55 - 000668792 _____ C:\Users\mdico\Downloads\bremove.exe
2018-06-13 11:27 - 2018-06-08 05:29 - 007520000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-13 11:27 - 2018-06-08 05:09 - 006569960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 11:26 - 2018-06-08 15:07 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-06-13 11:26 - 2018-06-08 15:05 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-13 11:26 - 2018-06-08 15:02 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-06-13 11:26 - 2018-06-08 15:02 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-13 11:26 - 2018-06-08 15:02 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-06-13 11:26 - 2018-06-08 15:01 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-06-13 11:26 - 2018-06-08 15:01 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-06-13 11:26 - 2018-06-08 14:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-06-13 11:26 - 2018-06-08 14:47 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-13 11:26 - 2018-06-08 14:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-13 11:26 - 2018-06-08 14:45 - 012712448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-13 11:26 - 2018-06-08 14:45 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-13 11:26 - 2018-06-08 14:45 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-06-13 11:26 - 2018-06-08 14:45 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-13 11:26 - 2018-06-08 14:44 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-06-13 11:26 - 2018-06-08 14:44 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-06-13 11:26 - 2018-06-08 14:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-13 11:26 - 2018-06-08 14:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-06-13 11:26 - 2018-06-08 14:43 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-13 11:26 - 2018-06-08 14:43 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-13 11:26 - 2018-06-08 14:43 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-06-13 11:26 - 2018-06-08 14:43 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-06-13 11:26 - 2018-06-08 14:43 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-06-13 11:26 - 2018-06-08 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-06-13 11:26 - 2018-06-08 14:43 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-13 11:26 - 2018-06-08 14:42 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-06-13 11:26 - 2018-06-08 14:42 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-13 11:26 - 2018-06-08 14:42 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-13 11:26 - 2018-06-08 14:42 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-13 11:26 - 2018-06-08 14:42 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-06-13 11:26 - 2018-06-08 14:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-06-13 11:26 - 2018-06-08 14:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-06-13 11:26 - 2018-06-08 14:41 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-06-13 11:26 - 2018-06-08 14:41 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-13 11:26 - 2018-06-08 14:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-13 11:26 - 2018-06-08 14:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-06-13 11:26 - 2018-06-08 14:40 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-06-13 11:26 - 2018-06-08 13:04 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-13 11:26 - 2018-06-08 12:58 - 002206544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-06-13 11:26 - 2018-06-08 12:58 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-06-13 11:26 - 2018-06-08 12:51 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-13 11:26 - 2018-06-08 12:50 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-06-13 11:26 - 2018-06-08 12:48 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-13 11:26 - 2018-06-08 12:48 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-13 11:26 - 2018-06-08 12:47 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-06-13 11:26 - 2018-06-08 12:47 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-13 11:26 - 2018-06-08 12:47 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-06-13 11:26 - 2018-06-08 12:47 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-06-13 11:26 - 2018-06-08 12:47 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-06-13 11:26 - 2018-06-08 12:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-06-13 11:26 - 2018-06-08 12:46 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-13 11:26 - 2018-06-08 12:46 - 002016256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-13 11:26 - 2018-06-08 12:46 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-06-13 11:26 - 2018-06-08 12:45 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-13 11:26 - 2018-06-08 12:06 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-13 11:26 - 2018-06-08 12:05 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-06-13 11:26 - 2018-06-08 12:05 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-13 11:26 - 2018-06-08 10:00 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-06-13 11:26 - 2018-06-08 10:00 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 11:26 - 2018-06-08 06:38 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-06-13 11:26 - 2018-06-08 06:37 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-13 11:26 - 2018-06-08 06:35 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-06-13 11:26 - 2018-06-08 06:35 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-13 11:26 - 2018-06-08 06:34 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-06-13 11:26 - 2018-06-08 06:34 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-06-13 11:26 - 2018-06-08 06:31 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-06-13 11:26 - 2018-06-08 06:31 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-13 11:26 - 2018-06-08 06:31 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-13 11:26 - 2018-06-08 06:30 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-13 11:26 - 2018-06-08 05:34 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-13 11:26 - 2018-06-08 05:34 - 000983016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-13 11:26 - 2018-06-08 05:33 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-06-13 11:26 - 2018-06-08 05:33 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-13 11:26 - 2018-06-08 05:33 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-13 11:26 - 2018-06-08 05:33 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-13 11:26 - 2018-06-08 05:31 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-13 11:26 - 2018-06-08 05:31 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-13 11:26 - 2018-06-08 05:31 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-06-13 11:26 - 2018-06-08 05:30 - 009148320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-13 11:26 - 2018-06-08 05:30 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-13 11:26 - 2018-06-08 05:30 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-13 11:26 - 2018-06-08 05:30 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-13 11:26 - 2018-06-08 05:30 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-13 11:26 - 2018-06-08 05:30 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-13 11:26 - 2018-06-08 05:30 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-13 11:26 - 2018-06-08 05:30 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-13 11:26 - 2018-06-08 05:30 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-13 11:26 - 2018-06-08 05:30 - 000567184 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-06-13 11:26 - 2018-06-08 05:30 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-06-13 11:26 - 2018-06-08 05:30 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-13 11:26 - 2018-06-08 05:30 - 000491328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-13 11:26 - 2018-06-08 05:30 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-13 11:26 - 2018-06-08 05:30 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-06-13 11:26 - 2018-06-08 05:30 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-13 11:26 - 2018-06-08 05:30 - 000134584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 006817384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 004403280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 002836384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-13 11:26 - 2018-06-08 05:29 - 002753048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-13 11:26 - 2018-06-08 05:29 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 002564984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-13 11:26 - 2018-06-08 05:29 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001946328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001921952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-13 11:26 - 2018-06-08 05:29 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001611592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001457136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-13 11:26 - 2018-06-08 05:29 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001288816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001258288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-13 11:26 - 2018-06-08 05:29 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001150416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001148808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001112608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-13 11:26 - 2018-06-08 05:29 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-13 11:26 - 2018-06-08 05:29 - 000885880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000792992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-13 11:26 - 2018-06-08 05:29 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-06-13 11:26 - 2018-06-08 05:29 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000413824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000413088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-13 11:26 - 2018-06-08 05:29 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-13 11:26 - 2018-06-08 05:29 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-06-13 11:26 - 2018-06-08 05:29 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-13 11:26 - 2018-06-08 05:29 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-13 11:26 - 2018-06-08 05:13 - 025846784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-13 11:26 - 2018-06-08 05:12 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-06-13 11:26 - 2018-06-08 05:12 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-13 11:26 - 2018-06-08 05:11 - 001461744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-06-13 11:26 - 2018-06-08 05:11 - 000550616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-13 11:26 - 2018-06-08 05:10 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-13 11:26 - 2018-06-08 05:10 - 002331584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-06-13 11:26 - 2018-06-08 05:10 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-06-13 11:26 - 2018-06-08 05:10 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-13 11:26 - 2018-06-08 05:10 - 001397200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-06-13 11:26 - 2018-06-08 05:10 - 001011992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-06-13 11:26 - 2018-06-08 05:10 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-06-13 11:26 - 2018-06-08 05:10 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-06-13 11:26 - 2018-06-08 05:10 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 006527064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 004788512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 002535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 002242216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 001980872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 001805776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 001709720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 001380200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 001129648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 001020168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 000988136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 000770160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-06-13 11:26 - 2018-06-08 05:09 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-13 11:26 - 2018-06-08 05:04 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-13 11:26 - 2018-06-08 05:03 - 022005760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-13 11:26 - 2018-06-08 05:03 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-13 11:26 - 2018-06-08 05:03 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-06-13 11:26 - 2018-06-08 05:03 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-06-13 11:26 - 2018-06-08 05:03 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-06-13 11:26 - 2018-06-08 05:02 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-13 11:26 - 2018-06-08 05:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-06-13 11:26 - 2018-06-08 05:02 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-06-13 11:26 - 2018-06-08 05:02 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-13 11:26 - 2018-06-08 05:01 - 004563456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-13 11:26 - 2018-06-08 05:01 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-13 11:26 - 2018-06-08 05:01 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-13 11:26 - 2018-06-08 05:01 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-13 11:26 - 2018-06-08 05:01 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-13 11:26 - 2018-06-08 05:01 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-06-13 11:26 - 2018-06-08 05:01 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-13 11:26 - 2018-06-08 05:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-06-13 11:26 - 2018-06-08 05:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2018-06-13 11:26 - 2018-06-08 05:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-13 11:26 - 2018-06-08 05:00 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-13 11:26 - 2018-06-08 05:00 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-06-13 11:26 - 2018-06-08 05:00 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-13 11:26 - 2018-06-08 05:00 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-13 11:26 - 2018-06-08 05:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-06-13 11:26 - 2018-06-08 05:00 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-06-13 11:26 - 2018-06-08 05:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-13 11:26 - 2018-06-08 05:00 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-06-13 11:26 - 2018-06-08 05:00 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-13 11:26 - 2018-06-08 04:59 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-06-13 11:26 - 2018-06-08 04:59 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-13 11:26 - 2018-06-08 04:59 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-13 11:26 - 2018-06-08 04:59 - 001767936 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-06-13 11:26 - 2018-06-08 04:59 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-13 11:26 - 2018-06-08 04:59 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-06-13 11:26 - 2018-06-08 04:59 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-06-13 11:26 - 2018-06-08 04:59 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-13 11:26 - 2018-06-08 04:59 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-06-13 11:26 - 2018-06-08 04:59 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 11:26 - 2018-06-08 04:59 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-13 11:26 - 2018-06-08 04:58 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-13 11:26 - 2018-06-08 04:58 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 11:26 - 2018-06-08 04:58 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-06-13 11:26 - 2018-06-08 04:58 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-13 11:26 - 2018-06-08 04:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-13 11:26 - 2018-06-08 04:58 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-13 11:26 - 2018-06-08 04:58 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-06-13 11:26 - 2018-06-08 04:58 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-06-13 11:26 - 2018-06-08 04:58 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-13 11:26 - 2018-06-08 04:58 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-06-13 11:26 - 2018-06-08 04:57 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-13 11:26 - 2018-06-08 04:57 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-13 11:26 - 2018-06-08 04:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-06-13 11:26 - 2018-06-08 04:57 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-06-13 11:26 - 2018-06-08 04:57 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-13 11:26 - 2018-06-08 04:57 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-06-13 11:26 - 2018-06-08 04:57 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-13 11:26 - 2018-06-08 04:57 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 11:26 - 2018-06-08 04:57 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 004336128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 002902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-13 11:26 - 2018-06-08 04:56 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-13 11:26 - 2018-06-08 04:55 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 001371648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 001033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-06-13 11:26 - 2018-06-08 04:55 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-13 11:26 - 2018-06-08 04:55 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-06-13 11:26 - 2018-06-08 04:54 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-13 11:26 - 2018-06-08 04:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-06-13 11:26 - 2018-06-08 04:53 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-06-13 11:26 - 2018-06-08 04:53 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 11:26 - 2018-06-08 04:53 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-06-13 11:26 - 2018-06-08 04:53 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-06-13 11:26 - 2018-06-08 04:53 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-13 11:26 - 2018-06-08 04:53 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 11:26 - 2018-06-08 04:53 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 11:26 - 2018-06-08 04:53 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-13 11:26 - 2018-06-08 03:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-06-13 11:26 - 2018-06-06 14:57 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-13 11:26 - 2018-06-06 00:20 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-13 11:26 - 2018-06-01 19:24 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-13 11:26 - 2018-06-01 18:54 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-13 11:26 - 2018-05-24 23:24 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-06-13 11:26 - 2018-05-20 15:45 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-13 11:26 - 2018-05-20 15:43 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-13 11:26 - 2018-05-20 15:42 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-06-13 11:26 - 2018-05-20 15:42 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-13 11:26 - 2018-05-20 15:26 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-06-13 11:26 - 2018-05-20 15:23 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-13 11:26 - 2018-05-20 15:23 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-06-13 11:26 - 2018-05-20 15:23 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-13 11:26 - 2018-05-20 15:22 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-13 11:26 - 2018-05-20 15:22 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-13 11:26 - 2018-05-20 15:22 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-06-13 11:26 - 2018-05-20 15:22 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-06-13 11:26 - 2018-05-20 14:15 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-06-13 11:26 - 2018-05-20 14:14 - 020383712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-13 11:26 - 2018-05-20 14:14 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-06-13 11:26 - 2018-05-20 14:02 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-06-13 11:26 - 2018-05-20 14:00 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-06-13 11:26 - 2018-05-20 13:59 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-06-13 11:26 - 2018-05-20 13:59 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-06-13 11:26 - 2018-05-20 12:59 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-13 11:26 - 2018-05-20 12:45 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-13 11:26 - 2018-05-20 12:39 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-13 11:26 - 2018-05-20 12:35 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-13 11:26 - 2018-05-20 12:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-13 11:26 - 2018-05-20 10:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-06-13 11:26 - 2018-05-20 08:33 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-13 11:26 - 2018-05-20 07:53 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-13 11:26 - 2018-05-20 07:53 - 001947808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-13 11:26 - 2018-05-20 07:53 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-13 11:26 - 2018-05-20 07:53 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-13 11:26 - 2018-05-20 07:53 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-06-13 11:26 - 2018-05-20 07:53 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-06-13 11:26 - 2018-05-20 07:52 - 007436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-13 11:26 - 2018-05-20 07:52 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-13 11:26 - 2018-05-20 07:52 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-13 11:26 - 2018-05-20 07:52 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-06-13 11:26 - 2018-05-20 07:52 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-06-13 11:26 - 2018-05-20 07:34 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-13 11:26 - 2018-05-20 07:34 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-13 11:26 - 2018-05-20 07:33 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-13 11:26 - 2018-05-20 07:33 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-06-13 11:26 - 2018-05-20 07:32 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-13 11:26 - 2018-05-20 07:32 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-13 11:26 - 2018-05-20 07:32 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-13 11:26 - 2018-05-20 07:32 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-13 11:26 - 2018-05-20 07:32 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-13 11:26 - 2018-05-20 07:32 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-06-13 11:26 - 2018-05-20 07:31 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-13 11:26 - 2018-05-20 07:30 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-13 11:26 - 2018-05-20 07:28 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-13 11:26 - 2018-05-20 07:28 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-13 11:26 - 2018-05-20 07:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-13 11:26 - 2018-05-20 07:27 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-06-13 11:26 - 2018-05-20 07:27 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-13 11:26 - 2018-05-20 07:26 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-13 11:26 - 2018-05-20 07:26 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-06-13 11:26 - 2018-05-20 07:26 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-13 11:26 - 2018-05-20 07:26 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-13 11:26 - 2018-05-20 07:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-06-13 11:26 - 2018-05-20 07:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-13 11:26 - 2018-05-20 07:26 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-13 11:26 - 2018-05-20 07:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-06-13 11:26 - 2018-05-20 07:25 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-13 11:26 - 2018-05-20 07:25 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-06-13 11:26 - 2018-05-20 07:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-13 11:26 - 2018-05-20 07:24 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-13 11:26 - 2018-05-20 07:24 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-13 11:26 - 2018-05-20 07:23 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 11:26 - 2018-05-20 07:23 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-13 11:26 - 2018-05-20 07:23 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-13 11:26 - 2018-05-20 07:23 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-06-13 11:26 - 2018-05-20 07:23 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-06-13 11:26 - 2018-05-20 07:21 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-13 11:26 - 2018-05-20 07:21 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-13 11:26 - 2018-05-20 07:21 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-13 11:26 - 2018-05-20 07:21 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-06-13 11:26 - 2018-05-20 07:21 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-13 11:26 - 2018-05-20 07:17 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-13 11:26 - 2018-05-20 07:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-13 11:26 - 2018-05-20 07:16 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-13 11:26 - 2018-05-20 07:16 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-13 11:26 - 2018-05-20 07:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-13 11:26 - 2018-05-20 07:15 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-06-13 11:26 - 2018-05-20 07:15 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-06-13 11:26 - 2018-05-20 07:14 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-06-13 11:26 - 2018-05-20 07:14 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-13 11:26 - 2018-05-20 07:13 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-13 11:26 - 2018-05-20 07:13 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-06-13 11:26 - 2018-05-20 07:12 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-13 11:26 - 2018-05-20 07:12 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-13 11:26 - 2018-05-20 07:11 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-13 11:26 - 2018-05-20 07:11 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-13 11:26 - 2018-05-20 04:26 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-06-13 11:26 - 2018-05-18 13:08 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-06-05 13:43 - 2018-06-05 13:43 - 000000000 ____D C:\ProgramData\Brother
2018-05-18 14:47 - 2018-05-18 14:48 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-05-18 14:47 - 2018-05-18 14:47 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-05-18 14:47 - 2018-05-18 14:47 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-05-18 14:46 - 2018-05-18 14:46 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-18 14:46 - 2018-05-18 14:46 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-18 14:46 - 2018-05-18 14:46 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-18 14:46 - 2018-05-18 14:46 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-05-18 14:46 - 2018-05-18 14:46 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-05-18 14:46 - 2018-05-18 14:46 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-18 14:46 - 2018-05-18 14:46 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2018-05-18 14:46 - 2018-05-18 14:46 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-18 14:46 - 2018-05-18 14:46 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-18 14:45 - 2018-05-18 14:45 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-05-18 14:45 - 2018-05-18 14:45 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-05-18 14:45 - 2018-05-18 14:45 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-05-18 14:45 - 2018-05-18 14:45 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-05-18 14:45 - 2018-05-18 14:45 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-18 14:45 - 2018-05-18 14:45 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-05-18 14:45 - 2018-05-18 14:45 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-05-18 14:45 - 2018-05-18 14:45 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-05-18 10:54 - 2018-06-13 17:42 - 000793700 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-18 10:53 - 2018-05-18 10:53 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-05-18 10:52 - 2018-05-18 10:52 - 000001417 _____ C:\Users\mdico\Desktop\Microsoft Edge.lnk
2018-05-18 10:52 - 2018-05-18 10:52 - 000000000 ____D C:\ProgramData\USOShared
2018-05-18 10:51 - 2018-06-13 17:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-18 10:51 - 2018-06-05 09:04 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3102280769-3647621816-962142003-1001
2018-05-18 10:51 - 2018-05-18 10:51 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-05-18 10:51 - 2018-05-18 10:51 - 000011433 _____ C:\WINDOWS\diagerr.xml
2018-05-18 10:51 - 2018-05-18 10:51 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-18 10:51 - 2018-05-18 10:51 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-18 10:51 - 2018-05-18 10:51 - 000000020 ___SH C:\Users\QBDataServiceUser28\ntuser.ini
2018-05-18 10:51 - 2018-05-18 10:51 - 000000020 ___SH C:\Users\mdico\ntuser.ini
2018-05-18 10:51 - 2018-05-18 10:51 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-3102280769-3647621816-962142003-1001
2018-05-18 10:50 - 2018-05-18 10:50 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-05-18 10:50 - 2018-04-11 19:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-05-18 10:49 - 2018-06-05 10:37 - 000000000 ____D C:\Users\QBDataServiceUser28
2018-05-18 10:49 - 2018-06-05 09:04 - 000002398 _____ C:\Users\mdico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-18 10:49 - 2018-05-18 10:51 - 000000000 ____D C:\Users\mdico
2018-05-18 10:49 - 2018-05-18 10:49 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-05-18 10:49 - 2018-04-11 19:34 - 000001105 _____ C:\Users\QBDataServiceUser28\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-18 10:49 - 2018-02-28 14:47 - 000136768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-05-18 10:49 - 2018-02-28 14:47 - 000111688 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2018-05-18 10:48 - 2018-06-15 13:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-18 10:48 - 2018-06-13 17:38 - 000233856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-15 10:38 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-15 04:20 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-15 04:20 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-14 03:21 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2018-06-13 17:38 - 2018-01-29 13:32 - 000000000 __SHD C:\Users\mdico\IntelGraphicsProfiles
2018-06-13 17:38 - 2018-01-29 13:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-13 17:38 - 2018-01-29 13:32 - 000000000 ___RD C:\Users\mdico\3D Objects
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-06-13 17:37 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-13 17:37 - 2018-04-11 19:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-13 17:37 - 2018-04-11 17:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-06-13 17:37 - 2018-04-11 17:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-13 11:27 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-13 11:26 - 2018-01-30 08:24 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 11:26 - 2018-01-30 08:24 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-13 11:26 - 2018-01-30 08:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-12 16:02 - 2018-01-29 13:55 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-12 16:02 - 2018-01-29 13:55 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-05 19:29 - 2018-04-11 19:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-05 19:29 - 2018-04-11 19:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-05 09:49 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-06-05 09:04 - 2018-01-29 13:34 - 000000000 ___RD C:\Users\mdico\OneDrive
2018-05-31 13:02 - 2018-02-19 09:23 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-20 13:22 - 2018-01-29 13:32 - 000000000 ____D C:\Users\mdico\AppData\Local\ConnectedDevicesPlatform
2018-05-19 04:21 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-05-18 14:48 - 2018-04-11 19:41 - 000000000 ____D C:\WINDOWS\Setup
2018-05-18 14:48 - 2018-04-11 19:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-05-18 14:48 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-18 14:48 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-18 14:48 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-05-18 14:48 - 2018-01-29 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
2018-05-18 14:48 - 2018-01-29 13:30 - 000000000 ____D C:\Program Files\Intel
2018-05-18 14:48 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-05-18 14:47 - 2018-01-31 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-05-18 14:46 - 2018-04-12 05:19 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-05-18 14:46 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-05-18 14:46 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-05-18 14:46 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-05-18 14:46 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-05-18 14:45 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-05-18 11:08 - 2018-01-29 13:32 - 000000000 ____D C:\Users\mdico\AppData\Local\Packages
2018-05-18 11:07 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-05-18 10:51 - 2018-05-12 16:23 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-18 10:51 - 2018-04-11 19:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-05-18 10:51 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Registration
2018-05-18 10:51 - 2018-04-11 17:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-18 10:50 - 2018-04-11 19:38 - 000000000 __RHD C:\Users\Public\Libraries
 
==================== Files in the root of some directories =======
 
2018-01-29 14:14 - 2018-06-13 07:33 - 000216312 _____ () C:\Users\mdico\AppData\Roaming\QBFileDrTool.log
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-18 10:48
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by mdico (15-06-2018 14:15:13)
Running from C:\Users\mdico\Downloads
Windows 10 Home Version 1803 17134.112 (X64) (2018-05-18 14:51:45)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3102280769-3647621816-962142003-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3102280769-3647621816-962142003-503 - Limited - Disabled)
Guest (S-1-5-21-3102280769-3647621816-962142003-501 - Limited - Enabled)
mdico (S-1-5-21-3102280769-3647621816-962142003-1001 - Administrator - Enabled) => C:\Users\mdico
QBDataServiceUser28 (S-1-5-21-3102280769-3647621816-962142003-1002 - Limited - Enabled) => C:\Users\QBDataServiceUser28
WDAGUtilityAccount (S-1-5-21-3102280769-3647621816-962142003-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ASRRGBLED v1.0.33 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 1.0.33 - ASRock Inc.)
GlanceGuest version 3.7.2.11 (HKLM-x32\...\{F5AC5408-CC29-47C0-AD53-1BBBF268B364}_is1) (Version: 3.7.2.11 - Glance Networks, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3102280769-3647621816-962142003-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
QuickBooks (HKLM-x32\...\{48011BF6-E0BC-4B49-9DCA-C7144EF0C01E}) (Version: 28.0.4001.2806 - Intuit Inc.) Hidden
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickBooks Server 2018 (HKLM-x32\...\{E62965C0-1C8D-4670-9BBB-58B28A33F32B}) (Version: 28.0.4001.2806 - Intuit Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxDTCM.dll [2018-02-28] (Intel Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {088FC38D-6E8C-489F-8340-B20B626F0DD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {34722D70-2E39-418A-A69B-43870E77841D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-29] (Google Inc.)
Task: {40421228-4EA8-42CD-8498-D7C75C8DB653} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {4213152A-8421-460C-949F-7DC16CF60267} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-29] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {AC8D0CAC-7D3C-46EE-8838-DC410E360668} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {B2285B8D-F865-4390-9234-487E2FF2E46E} - System32\Tasks\S-1-5-21-3102280769-3647621816-962142003-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {CFA6A7B9-283A-4760-8A57-BCDCAC27ACB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-11 19:34 - 2018-04-11 19:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-13 11:26 - 2018-06-08 04:56 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-22 16:04 - 2018-05-22 16:05 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-22 16:04 - 2018-05-22 16:05 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-22 16:04 - 2018-05-22 16:05 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-22 16:04 - 2018-05-22 16:05 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-22 16:04 - 2018-05-22 16:05 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-06-08 18:36 - 2018-06-08 18:38 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-08 18:36 - 2018-06-08 18:38 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-01-29 14:06 - 2018-01-29 14:08 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-30 06:54 - 2018-05-30 06:56 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-03 22:43 - 2018-05-03 22:45 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-30 06:54 - 2018-05-30 06:56 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-30 06:54 - 2018-05-30 06:56 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-05 03:30 - 2018-04-05 03:33 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-08 18:36 - 2018-06-08 18:38 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-30 06:54 - 2018-05-30 06:56 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-08 18:36 - 2018-06-08 18:38 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-30 06:54 - 2018-05-30 06:56 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-30 06:54 - 2018-05-30 06:56 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-30 06:54 - 2018-05-30 06:56 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-08 18:36 - 2018-06-08 18:38 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-19 21:15 - 2018-05-19 21:16 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-05-07 20:49 - 2018-05-07 20:49 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-04-13 17:42 - 2018-04-13 17:44 - 001922232 _____ () C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.10228.20003.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-06-12 16:02 - 2018-06-12 01:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll
2018-06-12 16:02 - 2018-06-12 01:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 005471232 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-06-13 11:26 - 2018-05-20 07:22 - 005082112 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 09:46 - 2017-09-29 09:44 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3102280769-3647621816-962142003-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3102280769-3647621816-962142003-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{D6EB1F0C-CA51-4C2B-86F9-E30403B11BFF}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
FirewallRules: [{B4FDF523-2CF9-4360-9037-26BBBA97F97A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
FirewallRules: [{0B6A78FA-D691-4F5E-9598-8F9D335761A2}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe
FirewallRules: [{1BB7A786-1D37-46A3-85E7-5A15B9D826C5}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\qblaunch.exe
FirewallRules: [{8C052FFC-44A3-4DFD-9C67-94F82A5F5110}] => (Allow) C:\Program Files (x86)\Intuit QuickBooks 2018\filemanagement.exe
FirewallRules: [{E93F91E1-08CB-459C-BBA5-620DE4302DFE}] => (Allow) C:\Program Files (x86)\Intuit QuickBooks 2018\filemanagement.exe
FirewallRules: [{504CC511-3472-4334-8635-C9A1BA6C285C}] => (Allow) C:\Program Files (x86)\Intuit QuickBooks 2018\dbmanagerexe.exe
FirewallRules: [{473FC6D4-D56B-460E-A5C6-6D97AD2F0C61}] => (Allow) C:\Program Files (x86)\Intuit QuickBooks 2018\dbmanagerexe.exe
FirewallRules: [{5954F4CC-7CED-4433-A106-348FEC4BAF13}] => (Allow) C:\Program Files (x86)\Intuit QuickBooks 2018\qbw32.exe
FirewallRules: [{F24ED081-F103-4471-9B2A-F604728779CD}] => (Allow) C:\Program Files (x86)\Intuit QuickBooks 2018\qbw32.exe
FirewallRules: [{4FD0448B-562C-40D0-8EAF-7179E46019EE}] => (Allow) C:\Program Files (x86)\Intuit QuickBooks 2018\qbdbmgrn.exe
FirewallRules: [{436FD3B8-51E6-48AF-A9C0-A5BA45FB0F16}] => (Allow) C:\Program Files (x86)\Intuit QuickBooks 2018\qbdbmgrn.exe
FirewallRules: [{CF3A9659-0F63-4C42-86EF-48DB410B2163}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
27-05-2018 14:54:20 Scheduled Checkpoint
05-06-2018 13:43:34 Windows Update
13-06-2018 11:26:06 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/11/2018 04:21:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: QBCFMonitorService.exe, version: 28.0.4001.0, time stamp: 0x598caabb
Faulting module name: KERNELBASE.dll, version: 10.0.17134.1, time stamp: 0x149ab0fd
Exception code: 0xe0434352
Fault offset: 0x0010d722
Faulting process id: 0x1b20
Faulting application start time: 0x01d4018f5e033e9e
Faulting application path: C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 03232c2a-e90e-4426-aea7-60005cb4d5b4
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (06/11/2018 04:21:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: QBCFMonitorService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.File.InternalDelete(System.String, Boolean)
   at System.IO.File.Delete(System.String)
   at Intuit.SBM.DataHelper.CFScan.CFWatcher.DeleteNdFile(System.String)
   at Intuit.SBM.DataHelper.CFScan.CFWatcher.OnDeleted(System.Object, System.IO.FileSystemEventArgs)
   at System.IO.FileSystemWatcher.OnDeleted(System.IO.FileSystemEventArgs)
   at System.IO.FileSystemWatcher.NotifyFileSystemEventArgs(Int32, System.String)
   at System.IO.FileSystemWatcher.CompletionStatusChanged(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (06/11/2018 10:01:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: QBCFMonitorService.exe, version: 28.0.4001.0, time stamp: 0x598caabb
Faulting module name: KERNELBASE.dll, version: 10.0.17134.1, time stamp: 0x149ab0fd
Exception code: 0xe0434352
Fault offset: 0x0010d722
Faulting process id: 0x1c68
Faulting application start time: 0x01d3ff265a9a396b
Faulting application path: C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 6db62c6d-3926-43e0-8eb5-972a7c4d8b7b
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (06/11/2018 10:01:39 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: QBCFMonitorService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.File.InternalDelete(System.String, Boolean)
   at System.IO.File.Delete(System.String)
   at Intuit.SBM.DataHelper.CFScan.CFWatcher.DeleteDSNFile(System.String)
   at Intuit.SBM.DataHelper.CFScan.CFWatcher.OnDeleted(System.Object, System.IO.FileSystemEventArgs)
   at System.IO.FileSystemWatcher.OnDeleted(System.IO.FileSystemEventArgs)
   at System.IO.FileSystemWatcher.NotifyFileSystemEventArgs(Int32, System.String)
   at System.IO.FileSystemWatcher.CompletionStatusChanged(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (06/07/2018 04:54:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: QBCFMonitorService.exe, version: 28.0.4001.0, time stamp: 0x598caabb
Faulting module name: KERNELBASE.dll, version: 10.0.17134.1, time stamp: 0x149ab0fd
Exception code: 0xe0434352
Fault offset: 0x0010d722
Faulting process id: 0x1bbc
Faulting application start time: 0x01d3fdb09f6816e8
Faulting application path: C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 824fddd8-3cca-4c35-825c-7ba90ba70807
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (06/07/2018 04:54:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: QBCFMonitorService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.File.InternalDelete(System.String, Boolean)
   at System.IO.File.Delete(System.String)
   at Intuit.SBM.DataHelper.CFScan.CFWatcher.DeleteNdFile(System.String)
   at Intuit.SBM.DataHelper.CFScan.CFWatcher.OnDeleted(System.Object, System.IO.FileSystemEventArgs)
   at System.IO.FileSystemWatcher.OnDeleted(System.IO.FileSystemEventArgs)
   at System.IO.FileSystemWatcher.NotifyFileSystemEventArgs(Int32, System.String)
   at System.IO.FileSystemWatcher.CompletionStatusChanged(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
Error: (06/04/2018 12:01:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: QBCFMonitorService.exe, version: 28.0.4001.0, time stamp: 0x598caabb
Faulting module name: KERNELBASE.dll, version: 10.0.17134.1, time stamp: 0x149ab0fd
Exception code: 0xe0434352
Fault offset: 0x0010d722
Faulting process id: 0x428
Faulting application start time: 0x01d3f8dda8e0993d
Faulting application path: C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 1e7f5ecd-ab23-4237-96d1-a084fa0ab757
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (06/04/2018 12:01:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: QBCFMonitorService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.File.InternalDelete(System.String, Boolean)
   at System.IO.File.Delete(System.String)
   at Intuit.SBM.DataHelper.CFScan.CFWatcher.DeleteNdFile(System.String)
   at Intuit.SBM.DataHelper.CFScan.CFWatcher.OnDeleted(System.Object, System.IO.FileSystemEventArgs)
   at System.IO.FileSystemWatcher.OnDeleted(System.IO.FileSystemEventArgs)
   at System.IO.FileSystemWatcher.NotifyFileSystemEventArgs(Int32, System.String)
   at System.IO.FileSystemWatcher.CompletionStatusChanged(UInt32, UInt32, System.Threading.NativeOverlapped*)
   at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
 
 
System errors:
=============
Error: (06/15/2018 01:52:36 PM) (Source: DCOM) (EventID: 10016) (User: QB-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user QB-PC\mdico SID (S-1-5-21-3102280769-3647621816-962142003-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/13/2018 05:40:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscDataProtection
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/13/2018 05:40:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/13/2018 05:37:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Update Orchestrator Service service terminated with the following error: 
This operation returned because the timeout period expired.
 
Error: (06/13/2018 12:18:08 PM) (Source: DCOM) (EventID: 10016) (User: QB-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user QB-PC\mdico SID (S-1-5-21-3102280769-3647621816-962142003-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/13/2018 08:17:09 AM) (Source: DCOM) (EventID: 10016) (User: QB-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user QB-PC\mdico SID (S-1-5-21-3102280769-3647621816-962142003-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/11/2018 04:21:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The QBCFMonitorService service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (06/11/2018 12:18:37 PM) (Source: DCOM) (EventID: 10016) (User: QB-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user QB-PC\mdico SID (S-1-5-21-3102280769-3647621816-962142003-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-06-06 10:46:14.903
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.698.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help. 
 
Date: 2018-06-03 13:12:50.840
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.518.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-7600K CPU @ 3.80GHz
Percentage of memory in use: 23%
Total physical RAM: 16079.22 MB
Available physical RAM: 12223.7 MB
Total Virtual: 18511.22 MB
Available Virtual: 14255.44 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.29 GB) (Free:199.58 GB) NTFS
 
\\?\Volume{f50f018c-efdf-41ae-a744-7c79b3cca5d9}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.11 GB) NTFS
\\?\Volume{3146d524-632a-4f33-980f-099471c967df}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 

It will take a little bit for PC02, as I've disconnected it from the network, so I need to transfer both the scan utility onto it and the reports off of it by thumbdrive.



BC AdBot (Login to Remove)

 


#2 bMoreBusy

bMoreBusy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 15 June 2018 - 01:55 PM

Logs from PC02 (this is the recent refurb one which was USB connected to the printer in question)
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by DiComo (administrator) on DESKTOP-T376LOA (15-06-2018 14:48:33)
Running from C:\Users\DiComo\Desktop
Loaded Profiles: DiComo (Available Profiles: DiComo)
Platform: Windows 10 Pro Version 1709 16299.492 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\wtoolex\wpsupdatesvr.exe
(Elavon) C:\Program Files (x86)\Elavon\ConvergeConnect\ConvergeConnectService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(RDM Corporation) C:\Program Files (x86)\RDM Corporation\Check Imaging\SCI\Service\RdmScannerService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
() C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\RDMAppman.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
() C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\RDMAppweb.exe
(Elavon) C:\Program Files (x86)\Elavon\ConvergeConnect\CWSWrapper.exe
(Oracle Corporation) C:\Program Files (x86)\Elavon\ConvergeConnect\jre7\bin\java.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Elavon) C:\Program Files (x86)\Elavon\ConvergeConnect\ConvergeConnectAdmin.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1804.911.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.1000_x64__8wekyb3d8bbwe\Maps.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Users\DiComo\Desktop\Virus assessment\bremove.exe
(Networks Associates Technology, Inc) C:\Users\DiComo\AppData\Local\Temp\WZSE0.TMP\VREMTOOL.EXE
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2917632 2015-05-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2018-06-06]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2018-06-06]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2018-06-06]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2018\QBW32.EXE (Intuit Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{64e850ca-2fcd-4ba0-bdb1-d6105c7c686c}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
Handler-x32: intu-help-qb11 - {5AFDE6E8-AD0F-450B-818F-21D1CDC2E3EE} - C:\Program Files (x86)\Intuit\QuickBooks 2018\HelpAsyncPluggableProtocol.dll [2018-04-27] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
 
Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.4.0.0_neutral__c1wakc4j0nefm [2018-06-06]
 
FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aijAFC8; C:\Program Files (x86)\Payment Terminal\Updater.exe [723576 2017-02-24] (Verosa, LLC.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., Ltd.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ConvergeConnectService; C:\Program Files (x86)\Elavon\ConvergeConnect\ConvergeConnectService.exe [52224 2018-02-23] (Elavon) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329192 2016-06-02] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\wtoolex\wpsupdatesvr.exe [133376 2018-06-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
R3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2017-08-11] (Intuit Inc.) [File not signed]
R2 RDMAppweb; C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\rdmappman.exe [16896 2017-04-24] () [File not signed]
R2 RdmScannerService; C:\Program Files (x86)\RDM Corporation\Check Imaging\SCI\Service\RDMScannerService.exe [20992 2017-04-28] (RDM Corporation) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-06] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-06] (Microsoft Corporation)
S3 wpscloudsvr; C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2018-06-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [22864 2016-10-27] (OSR Open Systems Resources, Inc.)
R3 Ingenico_enum; C:\Windows\System32\drivers\Ingenico_enum.sys [79872 2013-02-14] (Jungo)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2540800 2015-05-27] (Realtek Semiconductor Corp.)
R1 MpKsl8f0cad73; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{57DB54E7-4CD5-44F7-8B57-00718D897943}\MpKsl8f0cad73.sys [58120 2018-06-15] (Microsoft Corporation)
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [151552 2017-09-29] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-06-06] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [313384 2018-06-06] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-06] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-15 14:48 - 2018-06-15 14:48 - 000012951 _____ C:\Users\DiComo\Desktop\FRST.txt
2018-06-15 14:48 - 2018-06-15 14:48 - 000000000 ____D C:\FRST
2018-06-15 14:48 - 2018-06-15 14:13 - 002413056 _____ (Farbar) C:\Users\DiComo\Desktop\FRST64.exe
2018-06-15 13:28 - 2018-06-15 13:41 - 000001160 _____ C:\Users\DiComo\Desktop\BugbearRemovalLog.txt
2018-06-15 13:01 - 2018-06-15 13:42 - 000000000 ____D C:\Users\DiComo\Desktop\Virus assessment
2018-06-13 11:10 - 2018-06-08 13:26 - 021754880 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2018-06-13 11:10 - 2018-06-08 13:26 - 017084928 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-06-13 11:10 - 2018-06-08 13:03 - 003331520 _____ C:\Windows\system32\Windows.Mirage.dll
2018-06-13 11:10 - 2018-06-08 12:59 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
2018-06-13 11:10 - 2018-06-08 12:58 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2018-06-13 11:10 - 2018-06-08 07:42 - 002491120 _____ C:\Windows\SysWOW64\Windows.Mirage.dll
2018-06-13 11:10 - 2018-06-08 07:41 - 000618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 11:10 - 2018-06-08 03:36 - 001568160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-06-13 11:10 - 2018-06-08 03:36 - 000137120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-06-13 11:10 - 2018-06-08 03:35 - 001093040 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-13 11:10 - 2018-06-08 03:35 - 000924656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-06-13 11:10 - 2018-06-08 03:35 - 000300448 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-06-13 11:10 - 2018-06-08 03:35 - 000069536 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-06-13 11:10 - 2018-06-08 03:34 - 000748472 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-06-13 11:10 - 2018-06-08 03:34 - 000423352 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 002002336 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-06-13 11:10 - 2018-06-08 03:33 - 001206688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-06-13 11:10 - 2018-06-08 03:33 - 001056184 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-06-13 11:10 - 2018-06-08 03:33 - 000608160 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 000461216 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 000269720 _____ C:\Windows\system32\FaceProcessorCore.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 000192920 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 000035232 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-06-13 11:10 - 2018-06-08 03:32 - 001638432 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2018-06-13 11:10 - 2018-06-08 03:32 - 000664992 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-06-13 11:10 - 2018-06-08 03:32 - 000272288 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-06-13 11:10 - 2018-06-08 03:32 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\vertdll.dll
2018-06-13 11:10 - 2018-06-08 03:32 - 000077216 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-06-13 11:10 - 2018-06-08 03:30 - 008594848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 11:10 - 2018-06-08 03:30 - 002514944 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-13 11:10 - 2018-06-08 03:30 - 001953544 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-13 11:10 - 2018-06-08 03:30 - 001416360 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 11:10 - 2018-06-08 03:29 - 002395040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 11:10 - 2018-06-08 03:29 - 001849760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-06-13 11:10 - 2018-06-08 03:29 - 001210272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-13 11:10 - 2018-06-08 03:29 - 000937376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2018-06-13 11:10 - 2018-06-08 03:29 - 000028576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2018-06-13 11:10 - 2018-06-08 03:27 - 001173584 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 11:10 - 2018-06-08 03:27 - 000377760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-06-13 11:10 - 2018-06-08 03:26 - 000712456 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 11:10 - 2018-06-08 03:26 - 000540064 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-06-13 11:10 - 2018-06-08 03:25 - 003903784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2018-06-13 11:10 - 2018-06-08 03:25 - 000525728 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2018-06-13 11:10 - 2018-06-08 03:24 - 007675792 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 006282280 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 003009736 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 002711248 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 001488288 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 001029536 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 000967584 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2018-06-13 11:10 - 2018-06-08 03:24 - 000891808 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2018-06-13 11:10 - 2018-06-08 03:24 - 000247712 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 021357336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 004486400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 002472888 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 002412688 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 000824904 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 000706464 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 000677304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 11:10 - 2018-06-08 03:23 - 000137552 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 006791992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 003180176 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 001358496 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 001269640 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 000688072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 000093624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 000054376 _____ (Microsoft Corporation) C:\Windows\system32\kernel.appcore.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 007385096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 004507096 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 001779960 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 001206104 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 000594080 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 000260904 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 11:10 - 2018-06-08 03:20 - 001101216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-06-13 11:10 - 2018-06-08 02:26 - 025256960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-06-13 11:10 - 2018-06-08 02:21 - 001931256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-13 11:10 - 2018-06-08 02:21 - 001614168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-13 11:10 - 2018-06-08 02:21 - 000777912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-13 11:10 - 2018-06-08 02:19 - 001433360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2018-06-13 11:10 - 2018-06-08 02:18 - 000212920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2018-06-13 11:10 - 2018-06-08 02:18 - 000097160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-13 11:10 - 2018-06-08 02:10 - 003485400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2018-06-13 11:10 - 2018-06-08 02:10 - 002338272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2018-06-13 11:10 - 2018-06-08 02:10 - 001124768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 017161216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 006092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 002993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 002193688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 000832952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2018-06-13 11:10 - 2018-06-08 02:09 - 000791968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2018-06-13 11:10 - 2018-06-08 02:09 - 000592800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 000098304 _____ C:\Windows\system32\runexehelper.exe
2018-06-13 11:10 - 2018-06-08 02:08 - 020290256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 003979696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 003663360 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-06-13 11:10 - 2018-06-08 02:08 - 001990672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 001075984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 000640024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 000543920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 002386320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000975360 _____ C:\Windows\system32\FaceProcessor.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-06-13 11:10 - 2018-06-08 02:07 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000047608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel.appcore.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 006481096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 006015208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 004668688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 002890240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 001524784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 001131696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 000551696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 000129208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-13 11:10 - 2018-06-08 02:05 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2018-06-13 11:10 - 2018-06-08 02:05 - 000331264 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2018-06-13 11:10 - 2018-06-08 02:05 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\hidparse.sys
2018-06-13 11:10 - 2018-06-08 02:05 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 11:10 - 2018-06-08 02:05 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\GamePanelExternalHook.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 005195776 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 001925120 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-06-13 11:10 - 2018-06-08 02:03 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-06-13 11:10 - 2018-06-08 02:03 - 000532480 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2018-06-13 11:10 - 2018-06-08 02:03 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 001498112 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000253440 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 023678464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 001217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000652288 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000623616 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 11:10 - 2018-06-08 02:00 - 012833792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 003180032 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 001495552 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 000354304 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 000258560 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 008432640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 003124224 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 002596352 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2018-06-13 11:10 - 2018-06-08 01:59 - 001297920 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2018-06-13 11:10 - 2018-06-08 01:59 - 001116672 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 001043968 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 008068608 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 005833216 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 004723712 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 002211840 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 002083840 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 11:10 - 2018-06-08 01:57 - 004772352 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 002628608 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 002086400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-06-13 11:10 - 2018-06-08 01:57 - 001812992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 001597952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 001345024 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 001238016 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 001135104 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 000808960 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 11:10 - 2018-06-08 01:56 - 002528768 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-06-13 11:10 - 2018-06-08 01:56 - 002035712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-06-13 11:10 - 2018-06-08 01:56 - 000969728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-13 11:10 - 2018-06-08 01:55 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll
2018-06-13 11:10 - 2018-06-08 01:53 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2018-06-13 11:10 - 2018-06-08 01:52 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-06-13 11:10 - 2018-06-08 01:52 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-06-13 11:10 - 2018-06-08 01:52 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-06-13 11:10 - 2018-06-08 01:46 - 002902528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-06-13 11:10 - 2018-06-08 01:46 - 002393600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2018-06-13 11:10 - 2018-06-08 01:46 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2018-06-13 11:10 - 2018-06-08 01:46 - 000309248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-06-13 11:10 - 2018-06-08 01:46 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2018-06-13 11:10 - 2018-06-08 01:45 - 018930688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-06-13 11:10 - 2018-06-08 01:45 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2018-06-13 11:10 - 2018-06-08 01:44 - 019358720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 11:10 - 2018-06-08 01:44 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-06-13 11:10 - 2018-06-08 01:43 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 11:10 - 2018-06-08 01:43 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2018-06-13 11:10 - 2018-06-08 01:42 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 013704704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 011924992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 000372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 001277440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 000293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2018-06-13 11:10 - 2018-06-08 01:39 - 000963584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2018-06-13 11:10 - 2018-06-08 01:39 - 000941568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2018-06-13 11:10 - 2018-06-08 01:39 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2018-06-13 11:10 - 2018-06-08 01:39 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-13 11:10 - 2018-06-08 01:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2018-06-13 11:10 - 2018-06-08 01:38 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 11:10 - 2018-06-08 01:38 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 11:10 - 2018-06-08 01:38 - 000235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-13 11:10 - 2018-06-08 01:36 - 006060032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-06-13 11:10 - 2018-06-08 01:36 - 003662848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 007812608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 004839424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 004384768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 002868736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 002014720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 11:10 - 2018-06-08 01:35 - 001565184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 001474560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 000955392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 000935424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 000891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-13 11:10 - 2018-06-08 01:34 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DbgModel.dll
2018-06-13 11:10 - 2018-05-12 09:57 - 000336896 _____ (Microsoft Corporation) C:\Windows\system32\HolographicRuntimes.dll
2018-06-13 11:10 - 2018-05-12 09:56 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Feedback.Analog.dll
2018-06-13 11:10 - 2018-05-12 09:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\DHolographicDisplay.dll
2018-06-13 11:10 - 2018-05-12 09:55 - 000640000 _____ (Microsoft Corporation) C:\Windows\system32\HeadTrackerStorage.dll
2018-06-13 11:10 - 2018-05-12 09:53 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\HoloShellRuntime.dll
2018-06-13 11:10 - 2018-05-12 09:52 - 000421376 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2018-06-13 11:10 - 2018-05-12 09:52 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\SpatialStore.dll
2018-06-13 11:10 - 2018-05-11 19:15 - 000194456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2018-06-13 11:10 - 2018-05-11 19:15 - 000128408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2018-06-13 11:10 - 2018-05-11 19:14 - 000373656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-06-13 11:10 - 2018-05-11 19:14 - 000082840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-06-13 11:10 - 2018-05-11 19:10 - 002574232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-06-13 11:10 - 2018-05-11 19:10 - 000749976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-06-13 11:10 - 2018-05-11 19:10 - 000408984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-06-13 11:10 - 2018-05-11 19:09 - 000149400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2018-06-13 11:10 - 2018-05-11 19:09 - 000103320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2018-06-13 11:10 - 2018-05-11 19:08 - 000757792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2018-06-13 11:10 - 2018-05-11 19:08 - 000428440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-06-13 11:10 - 2018-05-11 19:08 - 000362904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-06-13 11:10 - 2018-05-11 19:07 - 002711168 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2018-06-13 11:10 - 2018-05-11 19:07 - 002268024 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2018-06-13 11:10 - 2018-05-11 19:07 - 001506200 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2018-06-13 11:10 - 2018-05-11 19:07 - 001084736 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 001778584 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 001628056 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 001420696 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 001051544 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000963992 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000831384 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000819096 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2018-06-13 11:10 - 2018-05-11 19:05 - 000813976 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000744856 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000670104 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000645528 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000616792 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2018-06-13 11:10 - 2018-05-11 19:05 - 000495000 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000397720 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000231320 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2018-06-13 11:10 - 2018-05-11 17:54 - 003198464 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2018-06-13 11:10 - 2018-05-11 17:54 - 001300992 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-06-13 11:10 - 2018-05-11 17:53 - 002462704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:53 - 001456104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:53 - 001033576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2018-06-13 11:10 - 2018-05-11 17:53 - 001017048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:52 - 000909312 _____ (Microsoft Corporation) C:\Windows\system32\PayloadRestrictions.dll
2018-06-13 11:10 - 2018-05-11 17:52 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2018-06-13 11:10 - 2018-05-11 17:52 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Proxy.dll
2018-06-13 11:10 - 2018-05-11 17:51 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\mmgaproxystub.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 002186240 _____ (Microsoft Corporation) C:\Windows\system32\mmgaclient.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\aadauthhelper.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-13 11:10 - 2018-05-11 17:49 - 001685504 _____ (Microsoft Corporation) C:\Windows\system32\mmgaserver.exe
2018-06-13 11:10 - 2018-05-11 17:48 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-06-13 11:10 - 2018-05-11 17:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2018-06-13 11:10 - 2018-05-11 17:48 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2018-06-13 11:10 - 2018-05-11 17:48 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-06-13 11:10 - 2018-05-11 17:47 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2018-06-13 11:10 - 2018-05-11 17:47 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2018-06-13 11:10 - 2018-05-11 17:47 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-13 11:10 - 2018-05-11 17:47 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2018-06-13 11:10 - 2018-05-11 17:47 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2018-06-13 11:10 - 2018-05-11 17:46 - 000595456 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 11:10 - 2018-05-11 17:46 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2018-06-13 11:10 - 2018-05-11 17:45 - 000816128 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2018-06-13 11:10 - 2018-05-11 17:44 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2018-06-13 11:10 - 2018-05-11 17:42 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-06-13 11:10 - 2018-05-11 17:41 - 003630080 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-06-13 11:10 - 2018-05-11 17:40 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:40 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-06-13 11:10 - 2018-05-11 17:39 - 001717248 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-06-13 11:10 - 2018-05-11 17:38 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-06-13 11:10 - 2018-05-11 17:33 - 002762752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2018-06-13 11:10 - 2018-05-11 17:31 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PayloadRestrictions.dll
2018-06-13 11:10 - 2018-05-11 17:31 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-06-13 11:10 - 2018-05-11 17:31 - 000062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaproxystub.dll
2018-06-13 11:10 - 2018-05-11 17:30 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-13 11:10 - 2018-05-11 17:29 - 001428480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaclient.dll
2018-06-13 11:10 - 2018-05-11 17:29 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe
2018-06-13 11:10 - 2018-05-11 17:29 - 000268288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-13 11:10 - 2018-05-11 17:29 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadauthhelper.dll
2018-06-13 11:10 - 2018-05-11 17:29 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-13 11:10 - 2018-05-11 17:28 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2018-06-13 11:10 - 2018-05-11 17:28 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2018-06-13 11:10 - 2018-05-11 17:27 - 000236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2018-06-13 11:10 - 2018-05-11 17:26 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2018-06-13 11:10 - 2018-05-11 17:26 - 000243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2018-06-13 11:10 - 2018-05-11 17:20 - 003430400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-06-13 11:10 - 2018-05-11 17:20 - 000821248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:19 - 001353216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-06-11 16:21 - 2018-06-11 16:21 - 000000000 ____D C:\Users\DiComo\Documents\Backups
2018-06-11 11:36 - 2018-06-13 14:43 - 000000000 ____D C:\Users\DiComo\AppData\Local\Payment Terminal
2018-06-11 11:35 - 2018-06-13 14:46 - 000000000 ____D C:\ProgramData\Payment Terminal
2018-06-11 11:35 - 2018-06-11 11:35 - 000002075 _____ C:\Users\Public\Desktop\Payment Terminal.lnk
2018-06-11 11:35 - 2018-06-11 11:35 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\Payment Terminal 17.2.1
2018-06-11 11:35 - 2018-06-11 11:35 - 000000000 ____D C:\Users\DiComo\AppData\Local\AdvinstAnalytics
2018-06-11 11:35 - 2018-06-11 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Payment Terminal
2018-06-11 11:35 - 2018-06-11 11:35 - 000000000 ____D C:\Program Files (x86)\Payment Terminal
2018-06-11 11:34 - 2018-06-11 11:34 - 000000000 ____D C:\Users\DiComo\AppData\Local\Downloaded Installations
2018-06-11 11:33 - 2018-06-11 11:33 - 000000000 ____D C:\Users\DiComo\AppData\Local\GoToAssist Remote Support Customer
2018-06-11 11:33 - 2018-06-11 11:33 - 000000000 ____D C:\Users\DiComo\AppData\Local\GoTo Opener
2018-06-08 15:48 - 2018-06-08 15:48 - 000000000 ____D C:\Users\DiComo\AppData\Local\DBG
2018-06-08 14:14 - 2018-06-08 14:14 - 000000000 ___RD C:\Users\DiComo\AppData\Roaming\Brother
2018-06-08 14:14 - 2018-06-08 14:14 - 000000000 ____D C:\Users\DiComo\AppData\LocalLow\Brother
2018-06-08 13:16 - 2018-06-13 17:38 - 000000742 _____ C:\Windows\Tasks\WpsKtpcntrQingTask_DiComo.job
2018-06-08 13:16 - 2018-06-13 17:38 - 000000448 _____ C:\Windows\Tasks\WpsExternal_20180608131656.job
2018-06-08 13:16 - 2018-06-13 17:38 - 000000426 _____ C:\Windows\Tasks\WpsUpdateTask_DiComo.job
2018-06-08 13:16 - 2018-06-08 13:17 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\kingsoft
2018-06-08 13:16 - 2018-06-08 13:16 - 000003710 _____ C:\Windows\System32\Tasks\WpsKtpcntrQingTask_DiComo
2018-06-08 13:16 - 2018-06-08 13:16 - 000003482 _____ C:\Windows\System32\Tasks\WpsExternal_20180608131656
2018-06-08 13:16 - 2018-06-08 13:16 - 000003448 _____ C:\Windows\System32\Tasks\WpsUpdateTask_DiComo
2018-06-08 13:16 - 2018-06-08 13:16 - 000002448 _____ C:\Users\DiComo\Desktop\WPS Writer.lnk
2018-06-08 13:16 - 2018-06-08 13:16 - 000002446 _____ C:\Users\DiComo\Desktop\WPS Presentation.lnk
2018-06-08 13:16 - 2018-06-08 13:16 - 000002430 _____ C:\Users\DiComo\Desktop\WPS Spreadsheets.lnk
2018-06-08 13:16 - 2018-06-08 13:16 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
2018-06-08 13:16 - 2018-06-08 13:16 - 000000000 ____D C:\Users\DiComo\AppData\Local\Kingsoft
2018-06-08 13:16 - 2018-06-08 13:16 - 000000000 ____D C:\ProgramData\kingsoft
2018-06-08 13:05 - 2018-06-08 13:06 - 085382200 _____ (Kingsoft Corp. Ltd.) C:\Users\DiComo\Downloads\setup_wps_office_2016_business.exe
2018-06-08 12:40 - 2018-06-11 10:40 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\ControlCenter4
2018-06-08 12:37 - 2018-06-08 12:37 - 000002139 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2018-06-08 12:37 - 2018-06-08 12:37 - 000000258 _____ C:\Windows\Brpfx04a.ini
2018-06-08 12:37 - 2018-06-08 12:37 - 000000066 _____ C:\Windows\Brfaxrx.ini
2018-06-08 12:37 - 2018-06-08 12:37 - 000000064 _____ C:\Windows\brpcfx.ini
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\Users\Public\Documents\BrFaxRx
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\ProgramData\ControlCenter4
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\Program Files (x86)\Browny02
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\Brother
2018-06-08 12:37 - 2012-09-10 16:31 - 000245760 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2018-06-08 12:37 - 2012-07-31 03:39 - 001439744 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWi209d.dll
2018-06-08 12:37 - 2012-07-09 17:19 - 000005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2018-06-08 12:37 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) C:\Windows\SysWOW64\BroSNMP.dll
2018-06-08 12:37 - 2010-06-07 07:18 - 000050688 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrUsi09d.dll
2018-06-08 12:37 - 2010-04-01 06:27 - 000278528 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrJDec.dll
2018-06-08 12:37 - 2010-03-15 19:45 - 000073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2018-06-08 12:37 - 2009-12-08 16:19 - 000290304 ____N (Brother Industries, Ltd.) C:\Windows\system32\BrfxDA5c.dll
2018-06-08 12:37 - 2007-12-13 22:16 - 000005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2018-06-08 12:37 - 2003-11-28 18:57 - 000000000 _____ C:\Windows\brdfxspd.dat
2018-06-08 10:55 - 2018-06-08 10:55 - 000000593 _____ C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk
2018-06-08 10:55 - 2018-06-08 10:55 - 000000593 _____ C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2018-06-08 10:55 - 2018-06-08 10:55 - 000000590 _____ C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2018-06-08 10:46 - 2018-06-08 12:37 - 000000000 ____D C:\Program Files (x86)\Brother
2018-06-08 09:59 - 2018-06-08 09:59 - 000000000 ____D C:\Users\DiComo\Documents\Accounts Receivable
2018-06-08 09:55 - 2018-06-08 15:04 - 000000000 ____D C:\Users\DiComo\Documents\Reference Materials
2018-06-07 14:16 - 2018-06-05 19:24 - 000835056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-07 14:16 - 2018-06-05 19:24 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-07 13:15 - 2018-06-07 13:15 - 000000000 ____D C:\Users\DiComo\AppData\LocalLow\Adobe
2018-06-07 13:15 - 2018-06-07 13:15 - 000000000 ____D C:\Users\DiComo\AppData\Local\CEF
2018-06-07 13:14 - 2018-06-07 13:15 - 000000000 ____D C:\ProgramData\Adobe
2018-06-07 13:14 - 2018-06-07 13:14 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-06-07 13:14 - 2018-06-07 13:14 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-06-07 13:14 - 2018-06-07 13:14 - 000002139 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-06-07 13:14 - 2018-06-07 13:14 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-06-07 13:12 - 2018-06-07 13:15 - 000000000 ____D C:\Users\DiComo\AppData\Local\Adobe
2018-06-07 12:00 - 2018-06-07 12:00 - 000003324 _____ C:\Windows\System32\Tasks\ConvergeConnect
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elavon
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ingenico
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\ProgramData\Elavon
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\Program Files\DIFX
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\Program Files (x86)\RDM Corporation
2018-06-07 12:00 - 2017-04-28 15:45 - 000052632 _____ (Cypress Semiconductor) C:\Windows\SysWOW64\Drivers\RDMSIM.sys
2018-06-07 12:00 - 2017-04-28 15:45 - 000027704 _____ (RDM Corp.) C:\Windows\SysWOW64\Drivers\ustp2x64.sys
2018-06-07 11:59 - 2018-06-07 11:59 - 000000000 ____D C:\Program Files (x86)\Elavon
2018-06-07 11:46 - 2018-06-07 11:52 - 252709144 _____ (Elavon) C:\Users\DiComo\Downloads\ConvergeConnectSetup.exe
2018-06-07 11:46 - 2018-06-07 11:47 - 035101921 _____ C:\Users\DiComo\Downloads\PeripheralDriver.zip
2018-06-06 23:07 - 2018-06-06 23:07 - 000000000 ____D C:\Users\DiComo\AppData\Local\PeerDistRepub
2018-06-06 23:04 - 2018-06-07 14:30 - 000000000 ____D C:\ProgramData\Intuit
2018-06-06 23:04 - 2018-06-06 23:04 - 000000000 ____D C:\Users\Public\Documents\Intuit
2018-06-06 23:04 - 2018-06-06 23:04 - 000000000 ____D C:\ProgramData\Nuance
2018-06-06 23:03 - 2018-06-06 14:38 - 000000090 _____ C:\Windows\QBChanUtil_Trigger.ini
2018-06-06 23:02 - 2018-06-07 11:59 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-06 23:02 - 2018-06-06 23:04 - 000000000 ____D C:\Program Files (x86)\Intuit
2018-06-06 22:52 - 2018-06-13 10:26 - 000000000 ____D C:\Users\DiComo\AppData\Local\PlaceholderTileLogoFolder
2018-06-06 22:48 - 2018-06-06 22:48 - 000000000 ___HD C:\Users\DiComo\MicrosoftEdgeBackups
2018-06-06 22:48 - 2018-06-06 22:48 - 000000000 ____D C:\Users\DiComo\AppData\Local\MicrosoftEdge
2018-06-06 22:40 - 2018-06-06 11:47 - 000000000 ____D C:\Users\DiComo\AppData\Local\Comms
2018-06-06 15:40 - 2018-06-11 11:15 - 000000000 ____D C:\Users\DiComo\Documents\Finanace and Taxes
2018-06-06 15:18 - 2018-06-06 15:19 - 000000000 ____D C:\Users\DiComo\Documents\Netpay Confirmations
2018-06-06 14:42 - 2018-06-06 14:42 - 000000000 ____D C:\Users\DiComo\Documents\AP Invoices
2018-06-06 14:42 - 2018-06-06 14:42 - 000000000 ____D C:\Users\DiComo\AppData\LocalLow\Temp
2018-06-06 14:36 - 2018-06-06 14:36 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\QuickBooks
2018-06-06 12:54 - 2018-05-04 05:37 - 000278448 _____ (Microsoft Corporation) C:\Windows\system32\Notifier.exe
2018-06-06 12:50 - 2018-06-06 12:50 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1393131357-1051084767-950562342-1002
2018-06-06 12:50 - 2018-06-06 12:50 - 000002373 _____ C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-06 12:24 - 2018-06-06 12:24 - 000000000 ____D C:\ProgramData\SQL Anywhere 17
2018-06-06 12:05 - 2018-06-07 10:36 - 000000000 ____D C:\Users\DiComo\AppData\Local\Intuit
2018-06-06 12:05 - 2018-06-06 12:24 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\SQL Anywhere 17
2018-06-06 12:05 - 2018-06-06 12:05 - 000000000 ____D C:\Windows\Intuit
2018-06-06 11:31 - 2018-05-03 03:57 - 000599448 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2018-06-06 11:31 - 2018-05-03 03:36 - 000437664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2018-06-06 11:31 - 2018-05-03 03:32 - 001054280 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-06-06 11:31 - 2018-05-03 02:26 - 001057824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-06-06 11:31 - 2018-05-03 02:18 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\AcSpecfc.dll
2018-06-06 11:31 - 2018-05-03 02:17 - 007545344 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-06-06 11:31 - 2018-05-03 02:16 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-06-06 11:31 - 2018-05-03 02:09 - 003405824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-06-06 11:31 - 2018-05-03 02:09 - 002784256 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-06-06 11:31 - 2018-05-03 02:09 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-06 11:31 - 2018-05-03 02:00 - 000473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll
2018-06-06 11:31 - 2018-05-03 01:58 - 006467072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-06-06 11:31 - 2018-05-03 01:57 - 000150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-06-06 11:31 - 2018-05-03 01:56 - 002677248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-06-06 11:31 - 2018-05-03 01:52 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-06 11:31 - 2018-04-15 18:07 - 001463344 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-06-06 11:31 - 2018-04-15 18:04 - 000779952 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-06-06 11:31 - 2018-04-15 17:50 - 001925760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2018-06-06 11:31 - 2018-04-15 17:49 - 000382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-06-06 11:31 - 2018-04-15 17:48 - 005859248 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2018-06-06 11:31 - 2018-04-15 17:47 - 000398744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-06-06 11:31 - 2018-04-15 17:38 - 000979360 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2018-06-06 11:31 - 2018-04-15 17:36 - 002376088 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2018-06-06 11:31 - 2018-04-15 17:34 - 000230304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-06 11:31 - 2018-04-15 17:32 - 001416392 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2018-06-06 11:31 - 2018-04-15 17:25 - 001430768 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2018-06-06 11:31 - 2018-04-15 16:47 - 001490856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-06 11:31 - 2018-04-15 16:47 - 001323336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2018-06-06 11:31 - 2018-04-15 16:47 - 000649304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-06-06 11:31 - 2018-04-15 16:47 - 000311192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-06-06 11:31 - 2018-04-15 16:37 - 000747416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2018-06-06 11:31 - 2018-04-15 16:16 - 003995136 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2018-06-06 11:31 - 2018-04-15 16:12 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2018-06-06 11:31 - 2018-04-15 16:12 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2018-06-06 11:31 - 2018-04-15 16:10 - 000363008 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2018-06-06 11:31 - 2018-04-15 16:09 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2018-06-06 11:31 - 2018-04-15 16:08 - 006576128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-06-06 11:31 - 2018-04-15 16:08 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2018-06-06 11:31 - 2018-04-15 16:08 - 000583680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.Schema.Shell.dll
2018-06-06 11:31 - 2018-04-15 16:08 - 000246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 012689920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 008031744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 001425408 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 000837632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 000598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-06-06 11:31 - 2018-04-15 16:06 - 013660672 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-06-06 11:31 - 2018-04-15 16:06 - 000899072 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2018-06-06 11:31 - 2018-04-15 16:06 - 000721920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2018-06-06 11:31 - 2018-04-15 16:05 - 004113408 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2018-06-06 11:31 - 2018-04-15 16:05 - 000456704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 002464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 001342464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 001236480 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 000556544 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 004248064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 002976256 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 002857984 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 002741248 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 001353728 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 000920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2018-06-06 11:31 - 2018-04-15 16:02 - 004814336 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2018-06-06 11:31 - 2018-04-15 16:02 - 001669120 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2018-06-06 11:31 - 2018-04-15 16:02 - 000842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2018-06-06 11:31 - 2018-04-15 16:02 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2018-06-06 11:31 - 2018-04-15 16:01 - 001509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2018-06-06 11:31 - 2018-04-15 16:00 - 002223616 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2018-06-06 11:31 - 2018-04-15 16:00 - 001739264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2018-06-06 11:31 - 2018-04-15 16:00 - 000726016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-06-06 11:31 - 2018-03-30 01:06 - 000166304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2018-06-06 11:31 - 2018-03-30 01:05 - 000015632 _____ (Microsoft Corporation) C:\Windows\system32\iumdll.dll
2018-06-06 11:31 - 2018-03-30 01:03 - 001277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-06-06 11:31 - 2018-03-30 01:03 - 000508272 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2018-06-06 11:31 - 2018-03-30 01:03 - 000479920 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2018-06-06 11:31 - 2018-03-30 01:03 - 000319864 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-06-06 11:31 - 2018-03-30 01:03 - 000292384 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2018-06-06 11:31 - 2018-03-30 01:03 - 000059808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bam.sys
2018-06-06 11:31 - 2018-03-30 01:01 - 000649304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-06 11:31 - 2018-03-30 01:01 - 000571288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-06-06 11:31 - 2018-03-30 01:01 - 000471968 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-06-06 11:31 - 2018-03-30 00:58 - 000898216 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2018-06-06 11:31 - 2018-03-30 00:58 - 000129432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys
2018-06-06 11:31 - 2018-03-30 00:57 - 000109976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2018-06-06 11:31 - 2018-03-30 00:57 - 000081304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2018-06-06 11:31 - 2018-03-30 00:55 - 000367344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2018-06-06 11:31 - 2018-03-30 00:55 - 000062880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2018-06-06 11:31 - 2018-03-30 00:54 - 000461728 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2018-06-06 11:31 - 2018-03-30 00:53 - 002220952 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2018-06-06 11:31 - 2018-03-30 00:53 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2018-06-06 11:31 - 2018-03-30 00:53 - 000549552 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2018-06-06 11:31 - 2018-03-30 00:53 - 000163744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2018-06-06 11:31 - 2018-03-30 00:52 - 000727456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2018-06-06 11:31 - 2018-03-30 00:51 - 000902928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-06-06 11:31 - 2018-03-30 00:51 - 000147872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2018-06-06 11:31 - 2018-03-30 00:50 - 001336344 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-06-06 11:31 - 2018-03-30 00:50 - 000057760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-06-06 11:31 - 2018-03-30 00:48 - 000614304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-06-06 11:31 - 2018-03-30 00:27 - 000481464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-06-06 11:31 - 2018-03-30 00:23 - 000566664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2018-06-06 11:31 - 2018-03-30 00:16 - 000289824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2018-06-06 11:31 - 2018-03-30 00:13 - 000450936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2018-06-06 11:31 - 2018-03-30 00:10 - 000704080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-06-06 11:31 - 2018-03-30 00:07 - 001003160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-06-06 11:31 - 2018-03-30 00:05 - 001491360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2018-06-06 11:31 - 2018-03-29 23:46 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-06-06 11:31 - 2018-03-29 23:43 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2018-06-06 11:31 - 2018-03-29 23:42 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-06-06 11:31 - 2018-03-29 23:42 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2018-06-06 11:31 - 2018-03-29 23:41 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2018-06-06 11:31 - 2018-03-29 23:41 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-06-06 11:31 - 2018-03-29 23:41 - 000149504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2018-06-06 11:31 - 2018-03-29 23:40 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-06-06 11:31 - 2018-03-29 23:39 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2018-06-06 11:31 - 2018-03-29 23:38 - 000966656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2018-06-06 11:31 - 2018-03-29 23:38 - 000956928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2018-06-06 11:31 - 2018-03-29 23:36 - 000897024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-06 11:31 - 2018-03-29 23:36 - 000825856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-06-06 11:31 - 2018-03-29 23:35 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-06-06 11:31 - 2018-03-29 23:35 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-06 11:31 - 2018-03-29 23:35 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-06-06 11:31 - 2018-03-29 23:35 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\convertvhd.exe
2018-06-06 11:31 - 2018-03-29 23:35 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2018-06-06 11:31 - 2018-03-29 23:33 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-06-06 11:31 - 2018-03-29 23:32 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2018-06-06 11:31 - 2018-03-29 23:32 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2018-06-06 11:31 - 2018-03-29 23:32 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2018-06-06 11:31 - 2018-03-29 23:32 - 000186368 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2018-06-06 11:31 - 2018-03-29 23:32 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-06-06 11:31 - 2018-03-29 23:31 - 000795136 _____ (Microsoft Corporation) C:\Windows\system32\NaturalAuth.dll
2018-06-06 11:31 - 2018-03-29 23:31 - 000416768 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-06 11:31 - 2018-03-29 23:31 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2018-06-06 11:31 - 2018-03-29 23:31 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000748032 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000791552 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000423936 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 001245184 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 000984064 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-06-06 11:31 - 2018-03-29 23:28 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 000951808 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 000624128 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 000366080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 001002496 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 000985600 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 000813568 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 001955328 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 001816576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 001573376 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 001343488 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 000765952 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-06-06 11:31 - 2018-03-29 23:26 - 000716288 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-06-06 11:31 - 2018-03-29 23:25 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-06-06 11:31 - 2018-03-29 23:25 - 001055744 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-06-06 11:31 - 2018-03-29 23:25 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-06-06 11:31 - 2018-03-29 23:24 - 000925184 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-06-06 11:31 - 2018-03-29 23:23 - 000963584 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2018-06-06 11:31 - 2018-03-29 23:23 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-06-06 11:31 - 2018-03-29 23:21 - 002511360 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2018-06-06 11:31 - 2018-03-29 23:21 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2018-06-06 11:31 - 2018-03-28 15:54 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-06-06 11:31 - 2018-03-13 03:03 - 000739696 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-06-06 11:31 - 2018-03-13 02:54 - 000555936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2018-06-06 11:31 - 2018-03-13 02:53 - 000113568 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-06-06 11:31 - 2018-03-13 02:51 - 002773408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-06-06 11:31 - 2018-03-13 02:50 - 000617312 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2018-06-06 11:31 - 2018-03-13 01:36 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2018-06-06 11:31 - 2018-03-13 01:35 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-06-06 11:31 - 2018-03-13 01:34 - 008727552 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2018-06-06 11:31 - 2018-03-13 01:33 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2018-06-06 11:31 - 2018-03-13 01:33 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-06-06 11:31 - 2018-03-13 01:33 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2018-06-06 11:31 - 2018-03-13 01:30 - 007145472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2018-06-06 11:31 - 2018-03-13 01:30 - 003400192 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2018-06-06 11:31 - 2018-03-13 01:30 - 000863744 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2018-06-06 11:31 - 2018-03-13 01:29 - 003211776 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2018-06-06 11:31 - 2018-03-13 01:28 - 003160576 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-06-06 11:31 - 2018-03-13 01:28 - 001967104 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-06-06 11:31 - 2018-03-13 01:28 - 001157632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-06-06 11:31 - 2018-03-13 01:28 - 000939520 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2018-06-06 11:31 - 2018-03-13 01:27 - 003125760 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2018-06-06 11:31 - 2018-03-13 01:27 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2018-06-06 11:31 - 2018-03-13 01:25 - 001346560 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2018-06-06 11:31 - 2018-03-13 01:23 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2018-06-06 11:31 - 2018-03-13 01:15 - 000597160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-06-06 11:31 - 2018-03-13 01:08 - 001555784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2018-06-06 11:31 - 2018-03-13 00:40 - 006118400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2018-06-06 11:31 - 2018-03-13 00:39 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2018-06-06 11:31 - 2018-03-13 00:37 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-06-06 11:31 - 2018-03-13 00:32 - 002577408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-06-06 11:31 - 2018-03-13 00:31 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2018-06-06 11:31 - 2018-03-13 00:30 - 002349568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2018-06-06 11:31 - 2018-03-13 00:30 - 000464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2018-06-06 11:31 - 2018-03-01 03:37 - 007831760 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-06-06 11:31 - 2018-03-01 03:30 - 000264040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-06-06 11:31 - 2018-03-01 03:29 - 000733592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-06-06 11:31 - 2018-03-01 03:17 - 000519152 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2018-06-06 11:31 - 2018-03-01 03:14 - 001694224 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2018-06-06 11:31 - 2018-03-01 02:30 - 005615968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-06-06 11:31 - 2018-03-01 02:21 - 001558856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2018-06-06 11:31 - 2018-03-01 02:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2018-06-06 11:31 - 2018-03-01 01:53 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2018-06-06 11:31 - 2018-03-01 01:51 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2018-06-06 11:31 - 2018-03-01 01:49 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2018-06-06 11:31 - 2018-03-01 01:48 - 000543232 _____ (Microsoft Corporation) C:\Windows\system32\HolographicExtensions.dll
2018-06-06 11:31 - 2018-03-01 01:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2018-06-06 11:31 - 2018-03-01 01:46 - 000770048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2018-06-06 11:31 - 2018-03-01 01:42 - 003505664 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-06-06 11:31 - 2018-03-01 01:39 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-06-06 11:31 - 2018-03-01 01:36 - 004050432 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-06-06 11:31 - 2018-02-21 22:10 - 000285080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2018-06-06 11:31 - 2018-02-21 22:00 - 000187296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2018-06-06 11:31 - 2018-02-21 21:51 - 000045472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2018-06-06 11:31 - 2018-02-21 20:31 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2018-06-06 11:31 - 2018-02-21 20:27 - 001282048 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2018-06-06 11:31 - 2018-02-10 02:19 - 001133888 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2018-06-06 11:31 - 2018-02-10 02:16 - 002406456 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-06-06 11:31 - 2018-02-10 02:14 - 004504464 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2018-06-06 11:31 - 2018-02-10 02:14 - 001002592 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-06-06 11:31 - 2018-02-10 02:10 - 000614160 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2018-06-06 11:31 - 2018-02-10 02:09 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2018-06-06 11:31 - 2018-02-10 02:08 - 000687552 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-06-06 11:31 - 2018-02-10 02:07 - 000436632 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2018-06-06 11:31 - 2018-02-10 02:06 - 000494488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-06 11:31 - 2018-02-10 02:06 - 000087384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2018-06-06 11:31 - 2018-02-10 02:05 - 000413888 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-06-06 11:31 - 2018-02-10 02:04 - 001426672 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-06-06 11:31 - 2018-02-10 02:04 - 001254144 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2018-06-06 11:31 - 2018-02-10 02:04 - 001170008 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-06-06 11:31 - 2018-02-10 02:04 - 000603920 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-06-06 11:31 - 2018-02-10 02:04 - 000374032 _____ (Microsoft Corporation) C:\Windows\system32\vac.exe
2018-06-06 11:31 - 2018-02-10 02:03 - 001619808 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2018-06-06 11:31 - 2018-02-10 02:03 - 000722616 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2018-06-06 11:31 - 2018-02-10 02:03 - 000404888 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2018-06-06 11:31 - 2018-02-10 01:18 - 001384288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll
2018-06-06 11:31 - 2018-02-10 01:17 - 002255112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-06-06 11:31 - 2018-02-10 01:15 - 001145624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-06-06 11:31 - 2018-02-10 01:09 - 000354200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2018-06-06 11:31 - 2018-02-10 01:07 - 000527864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2018-06-06 11:31 - 2018-02-10 01:06 - 000982528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 001246432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 001149272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 000662208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 000386424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 000074992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2018-06-06 11:31 - 2018-02-10 00:50 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2018-06-06 11:31 - 2018-02-10 00:46 - 001008640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2018-06-06 11:31 - 2018-02-10 00:45 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll
2018-06-06 11:31 - 2018-02-10 00:45 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2018-06-06 11:31 - 2018-02-10 00:45 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-06-06 11:31 - 2018-02-10 00:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2018-06-06 11:31 - 2018-02-10 00:44 - 000336896 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
2018-06-06 11:31 - 2018-02-10 00:43 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2018-06-06 11:31 - 2018-02-10 00:43 - 000394752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-06-06 11:31 - 2018-02-10 00:42 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll
2018-06-06 11:31 - 2018-02-10 00:42 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll
2018-06-06 11:31 - 2018-02-10 00:42 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2018-06-06 11:31 - 2018-02-10 00:42 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshhttp.dll
2018-06-06 11:31 - 2018-02-10 00:41 - 000451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll
2018-06-06 11:31 - 2018-02-10 00:41 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-06-06 11:31 - 2018-02-10 00:41 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-06-06 11:31 - 2018-02-10 00:40 - 004498432 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-06-06 11:31 - 2018-02-10 00:40 - 001234432 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrSvc.dll
2018-06-06 11:31 - 2018-02-10 00:40 - 000601088 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2018-06-06 11:31 - 2018-02-10 00:39 - 004592640 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-06-06 11:31 - 2018-02-10 00:38 - 002184192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-06-06 11:31 - 2018-02-10 00:38 - 001167360 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2018-06-06 11:31 - 2018-02-10 00:37 - 003578368 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2018-06-06 11:31 - 2018-02-10 00:37 - 003419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-06-06 11:31 - 2018-02-10 00:37 - 001488384 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-06-06 11:31 - 2018-02-10 00:36 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2018-06-06 11:31 - 2018-02-10 00:36 - 001759744 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2018-06-06 11:31 - 2018-02-10 00:36 - 000685056 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2018-06-06 11:31 - 2018-02-10 00:35 - 000943104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-06 11:31 - 2018-02-10 00:35 - 000918528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-06 11:31 - 2018-02-10 00:34 - 002983936 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2018-06-06 11:31 - 2018-02-10 00:33 - 001936384 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2018-06-06 11:31 - 2018-02-10 00:33 - 001570816 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2018-06-06 11:31 - 2018-02-09 22:59 - 000804240 _____ C:\Windows\SysWOW64\locale.nls
2018-06-06 11:31 - 2018-02-09 22:59 - 000804240 _____ C:\Windows\system32\locale.nls
2018-06-06 11:31 - 2018-02-08 23:35 - 004959688 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
2018-06-06 11:31 - 2018-02-08 23:35 - 001234888 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
2018-06-06 11:31 - 2018-02-01 23:36 - 003903944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
2018-06-06 11:31 - 2017-11-26 09:32 - 000184984 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-06 11:31 - 2017-11-26 07:12 - 000123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-06-06 11:30 - 2018-05-03 03:48 - 000793960 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-06-06 11:30 - 2018-05-03 03:43 - 000702568 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-06 11:30 - 2018-05-03 03:35 - 000358496 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-06-06 11:30 - 2018-05-03 03:34 - 000070864 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2018-06-06 11:30 - 2018-05-03 02:44 - 000595448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-06-06 11:30 - 2018-05-03 02:43 - 000594056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-06-06 11:30 - 2018-05-03 02:29 - 000285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-06-06 11:30 - 2018-05-03 02:28 - 000061024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2018-06-06 11:30 - 2018-05-03 02:19 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-06-06 11:30 - 2018-05-03 02:18 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2018-06-06 11:30 - 2018-05-03 02:16 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-06-06 11:30 - 2018-05-03 02:16 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2018-06-06 11:30 - 2018-05-03 02:16 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-06-06 11:30 - 2018-05-03 02:16 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-06 11:30 - 2018-05-03 02:15 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-06-06 11:30 - 2018-05-03 02:15 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-06 11:30 - 2018-05-03 02:15 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2018-06-06 11:30 - 2018-05-03 02:12 - 000657408 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-06-06 11:30 - 2018-05-03 02:09 - 001856000 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-06-06 11:30 - 2018-05-03 02:05 - 000483840 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-06-06 11:30 - 2018-05-03 02:05 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2018-06-06 11:30 - 2018-05-03 02:04 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-06-06 11:30 - 2018-05-03 02:02 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2018-06-06 11:30 - 2018-05-03 01:57 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-06-06 11:30 - 2018-05-03 01:57 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-06-06 11:30 - 2018-05-03 01:57 - 000019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-06-06 11:30 - 2018-05-03 01:53 - 000540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-06-06 11:30 - 2018-05-03 01:50 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-06-06 11:30 - 2018-05-03 01:48 - 000408576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-06-06 11:30 - 2018-05-03 01:48 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2018-06-06 11:30 - 2018-05-03 01:47 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-06-06 11:30 - 2018-04-15 17:57 - 000279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-06-06 11:30 - 2018-04-15 17:49 - 000563632 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2018-06-06 11:30 - 2018-04-15 17:29 - 001873944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-06-06 11:30 - 2018-04-15 17:29 - 000198440 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe
2018-06-06 11:30 - 2018-04-15 17:25 - 000661920 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2018-06-06 11:30 - 2018-04-15 17:25 - 000327008 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2018-06-06 11:30 - 2018-04-15 17:25 - 000092032 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2018-06-06 11:30 - 2018-04-15 17:24 - 000063656 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-06 11:30 - 2018-04-15 16:38 - 001123464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2018-06-06 11:30 - 2018-04-15 16:38 - 000444280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2018-06-06 11:30 - 2018-04-15 16:36 - 001575896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-06-06 11:30 - 2018-04-15 16:36 - 000832648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2018-06-06 11:30 - 2018-04-15 16:34 - 000572312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2018-06-06 11:30 - 2018-04-15 16:34 - 000279472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2018-06-06 11:30 - 2018-04-15 16:34 - 000166408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe
2018-06-06 11:30 - 2018-04-15 16:34 - 000077552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2018-06-06 11:30 - 2018-04-15 16:34 - 000052248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-06-06 11:30 - 2018-04-15 16:33 - 001623960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2018-06-06 11:30 - 2018-04-15 16:15 - 003490816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2018-06-06 11:30 - 2018-04-15 16:15 - 000674304 _____ (Microsoft Corporation) C:\Windows\system32\LockController.dll
2018-06-06 11:30 - 2018-04-15 16:14 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2018-06-06 11:30 - 2018-04-15 16:14 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\CredProv2faHelper.dll
2018-06-06 11:30 - 2018-04-15 16:14 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProv2faHelper.dll
2018-06-06 11:30 - 2018-04-15 16:13 - 000084992 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2018-06-06 11:30 - 2018-04-15 16:12 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-06-06 11:30 - 2018-04-15 16:12 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BitLockerCsp.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\eShims.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 001576960 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_User.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\BrowserSettingSync.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000859648 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2018-06-06 11:30 - 2018-04-15 16:08 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000627712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000535552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000490496 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 003367936 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000792064 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000702464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000386560 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-06-06 11:30 - 2018-04-15 16:07 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BrowserSettingSync.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2018-06-06 11:30 - 2018-04-15 16:06 - 000820224 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-06-06 11:30 - 2018-04-15 16:06 - 000421376 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2018-06-06 11:30 - 2018-04-15 16:06 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2018-06-06 11:30 - 2018-04-15 16:06 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-06-06 11:30 - 2018-04-15 16:06 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000863744 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000526336 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-06-06 11:30 - 2018-04-15 16:04 - 002523136 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 002490880 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000997376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-06-06 11:30 - 2018-04-15 16:04 - 000976896 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2018-06-06 11:30 - 2018-04-15 16:04 - 000965632 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000648704 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000621056 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000576512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 003287040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 002814976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 002462208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 002413568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-06-06 11:30 - 2018-04-15 16:03 - 000826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-06-06 11:30 - 2018-04-15 16:03 - 000825856 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000697344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000695296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000508928 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2018-06-06 11:30 - 2018-04-15 16:02 - 000440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000518144 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000366592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000194560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ByteCodeGenerator.exe
2018-06-06 11:30 - 2018-04-15 16:00 - 000682496 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2018-06-06 11:30 - 2018-04-15 16:00 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\ByteCodeGenerator.exe
2018-06-06 11:30 - 2018-04-15 15:59 - 001332736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2018-06-06 11:30 - 2018-04-15 15:59 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2018-06-06 11:30 - 2018-04-15 15:58 - 001472000 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2018-06-06 11:30 - 2018-04-15 15:58 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2018-06-06 11:30 - 2018-03-30 01:12 - 000270208 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2018-06-06 11:30 - 2018-03-30 01:12 - 000075168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2018-06-06 11:30 - 2018-03-30 01:06 - 000053152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys
2018-06-06 11:30 - 2018-03-30 01:05 - 000066720 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2018-06-06 11:30 - 2018-03-30 01:05 - 000059808 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2018-06-06 11:30 - 2018-03-30 01:05 - 000035744 _____ (Microsoft Corporation) C:\Windows\system32\SDFHost.dll
2018-06-06 11:30 - 2018-03-30 01:05 - 000022800 _____ (Microsoft Corporation) C:\Windows\system32\iumbase.dll
2018-06-06 11:30 - 2018-03-30 01:05 - 000022208 _____ (Microsoft Corporation) C:\Windows\system32\IumSdk.dll
2018-06-06 11:30 - 2018-03-30 01:03 - 000139680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-06 11:30 - 2018-03-30 01:03 - 000022400 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-06-06 11:30 - 2018-03-30 01:01 - 000034208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2018-06-06 11:30 - 2018-03-30 01:00 - 000103320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-06-06 11:30 - 2018-03-30 01:00 - 000094104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2018-06-06 11:30 - 2018-03-30 00:58 - 000039328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2018-06-06 11:30 - 2018-03-30 00:57 - 000121248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2018-06-06 11:30 - 2018-03-30 00:57 - 000031640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2018-06-06 11:30 - 2018-03-30 00:56 - 000018680 _____ (Microsoft Corporation) C:\Windows\system32\wshhyperv.dll
2018-06-06 11:30 - 2018-03-30 00:53 - 000094080 _____ (Microsoft Corporation) C:\Windows\system32\wwapi.dll
2018-06-06 11:30 - 2018-03-30 00:53 - 000040352 _____ (Microsoft Corporation) C:\Windows\system32\AppVClientPS.dll
2018-06-06 11:30 - 2018-03-30 00:52 - 000282528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-06-06 11:30 - 2018-03-30 00:52 - 000247480 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2018-06-06 11:30 - 2018-03-30 00:52 - 000192416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-06 11:30 - 2018-03-30 00:52 - 000054688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-06-06 11:30 - 2018-03-30 00:52 - 000047512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2018-06-06 11:30 - 2018-03-30 00:52 - 000028520 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2018-06-06 11:30 - 2018-03-30 00:51 - 000125568 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2018-06-06 11:30 - 2018-03-30 00:51 - 000123800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2018-06-06 11:30 - 2018-03-30 00:51 - 000071208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
2018-06-06 11:30 - 2018-03-30 00:49 - 000204184 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-06-06 11:30 - 2018-03-30 00:48 - 000586800 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_win.dll
2018-06-06 11:30 - 2018-03-30 00:18 - 000016600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshhyperv.dll
2018-06-06 11:30 - 2018-03-30 00:13 - 000073896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wwapi.dll
2018-06-06 11:30 - 2018-03-30 00:12 - 000186520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2018-06-06 11:30 - 2018-03-30 00:10 - 000099240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2018-06-06 11:30 - 2018-03-30 00:06 - 000180632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-06-06 11:30 - 2018-03-30 00:05 - 000027040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVClientPS.dll
2018-06-06 11:30 - 2018-03-30 00:04 - 000417368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_win.dll
2018-06-06 11:30 - 2018-03-29 23:45 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2018-06-06 11:30 - 2018-03-29 23:44 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2018-06-06 11:30 - 2018-03-29 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2018-06-06 11:30 - 2018-03-29 23:43 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2018-06-06 11:30 - 2018-03-29 23:43 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-06-06 11:30 - 2018-03-29 23:43 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2018-06-06 11:30 - 2018-03-29 23:43 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2018-06-06 11:30 - 2018-03-29 23:43 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-06-06 11:30 - 2018-03-29 23:42 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2018-06-06 11:30 - 2018-03-29 23:42 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-06-06 11:30 - 2018-03-29 23:42 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-06-06 11:30 - 2018-03-29 23:42 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-06-06 11:30 - 2018-03-29 23:42 - 000043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2018-06-06 11:30 - 2018-03-29 23:42 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2018-06-06 11:30 - 2018-03-29 23:41 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-06-06 11:30 - 2018-03-29 23:41 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000524800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000257536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2018-06-06 11:30 - 2018-03-29 23:39 - 000776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-06-06 11:30 - 2018-03-29 23:36 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2018-06-06 11:30 - 2018-03-29 23:35 - 000371200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-06-06 11:30 - 2018-03-29 23:35 - 000233984 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2018-06-06 11:30 - 2018-03-29 23:35 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2018-06-06 11:30 - 2018-03-29 23:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2018-06-06 11:30 - 2018-03-29 23:34 - 000339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000707584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-06 11:30 - 2018-03-29 23:33 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\IcsEntitlementHost.exe
2018-06-06 11:30 - 2018-03-29 23:33 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HyperVideo.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\sysntfy.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\appidtel.exe
2018-06-06 11:30 - 2018-03-29 23:33 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\VmApplicationHealthMonitorProxy.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\efslsaext.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsc.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\efssvc.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerSvc.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdPnp.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmiprop.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWNet.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
2018-06-06 11:30 - 2018-03-29 23:31 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2018-06-06 11:30 - 2018-03-29 23:31 - 000286208 _____ (Microsoft Corporation) C:\Windows\system32\icsvc.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-06 11:30 - 2018-03-29 23:31 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2018-06-06 11:30 - 2018-03-29 23:29 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2018-06-06 11:30 - 2018-03-29 23:29 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2018-06-06 11:30 - 2018-03-29 23:29 - 000298496 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2018-06-06 11:30 - 2018-03-29 23:29 - 000253440 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2018-06-06 11:30 - 2018-03-29 23:28 - 000820224 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2018-06-06 11:30 - 2018-03-29 23:28 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-06 11:30 - 2018-03-29 23:27 - 000947712 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-06 11:30 - 2018-03-29 23:27 - 000889856 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2018-06-06 11:30 - 2018-03-29 23:27 - 000332288 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2018-06-06 11:30 - 2018-03-29 23:27 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2018-06-06 11:30 - 2018-03-29 23:25 - 000374272 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2018-06-06 11:30 - 2018-03-29 23:25 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-06-06 11:30 - 2018-03-29 23:25 - 000270848 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-06-06 11:30 - 2018-03-29 23:23 - 000387584 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2018-06-06 11:30 - 2018-03-29 23:23 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2018-06-06 11:30 - 2018-03-29 23:23 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2018-06-06 11:30 - 2018-03-29 23:22 - 000826880 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-06-06 11:30 - 2018-03-29 23:22 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys
2018-06-06 11:30 - 2018-03-29 23:22 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\fdPnp.dll
2018-06-06 11:30 - 2018-03-29 23:20 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\wmiprop.dll
2018-06-06 11:30 - 2018-03-29 23:20 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
2018-06-06 11:30 - 2018-03-29 23:20 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys
2018-06-06 11:30 - 2018-03-13 02:59 - 000535968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-06-06 11:30 - 2018-03-13 02:58 - 000441248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-06-06 11:30 - 2018-03-13 02:58 - 000170904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-06 11:30 - 2018-03-13 02:55 - 001778360 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2018-06-06 11:30 - 2018-03-13 02:55 - 000417440 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2018-06-06 11:30 - 2018-03-13 02:55 - 000334240 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2018-06-06 11:30 - 2018-03-13 02:54 - 000128928 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2018-06-06 11:30 - 2018-03-13 02:53 - 000774560 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2018-06-06 11:30 - 2018-03-13 02:53 - 000143264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2018-06-06 11:30 - 2018-03-13 02:53 - 000091152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2018-06-06 11:30 - 2018-03-13 02:52 - 000172112 _____ (Microsoft Corporation) C:\Windows\system32\RTWorkQ.dll
2018-06-06 11:30 - 2018-03-13 02:52 - 000127136 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2018-06-06 11:30 - 2018-03-13 01:38 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2018-06-06 11:30 - 2018-03-13 01:38 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2018-06-06 11:30 - 2018-03-13 01:37 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\NetDriverInstall.dll
2018-06-06 11:30 - 2018-03-13 01:37 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2018-06-06 11:30 - 2018-03-13 01:37 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2018-06-06 11:30 - 2018-03-13 01:36 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\mfksproxy.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000758272 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000245248 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\TtlsAuth.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000219648 _____ (Microsoft Corporation) C:\Windows\system32\TtlsCfg.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2018-06-06 11:30 - 2018-03-13 01:34 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
2018-06-06 11:30 - 2018-03-13 01:34 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\TtlsExt.dll
2018-06-06 11:30 - 2018-03-13 01:34 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2018-06-06 11:30 - 2018-03-13 01:33 - 000278528 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2018-06-06 11:30 - 2018-03-13 01:33 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-06-06 11:30 - 2018-03-13 01:33 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000689152 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000286720 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 002849792 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 001263104 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 001173504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 000596480 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2018-06-06 11:30 - 2018-03-13 01:30 - 000893440 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2018-06-06 11:30 - 2018-03-13 01:30 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2018-06-06 11:30 - 2018-03-13 01:30 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-06-06 11:30 - 2018-03-13 01:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2018-06-06 11:30 - 2018-03-13 01:28 - 000837120 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-06-06 11:30 - 2018-03-13 01:26 - 001737728 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2018-06-06 11:30 - 2018-03-13 01:26 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2018-06-06 11:30 - 2018-03-13 01:25 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2018-06-06 11:30 - 2018-03-13 01:24 - 001275904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2018-06-06 11:30 - 2018-03-13 01:24 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\sensrsvc.dll
2018-06-06 11:30 - 2018-03-13 01:23 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2018-06-06 11:30 - 2018-03-13 01:23 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2018-06-06 11:30 - 2018-03-13 01:22 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2018-06-06 11:30 - 2018-03-13 01:22 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-06-06 11:30 - 2018-03-13 01:07 - 000115104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll
2018-06-06 11:30 - 2018-03-13 01:06 - 000564640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2018-06-06 11:30 - 2018-03-13 01:04 - 000140592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTWorkQ.dll
2018-06-06 11:30 - 2018-03-13 00:40 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2018-06-06 11:30 - 2018-03-13 00:40 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfksproxy.dll
2018-06-06 11:30 - 2018-03-13 00:39 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-06-06 11:30 - 2018-03-13 00:39 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-06-06 11:30 - 2018-03-13 00:39 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TtlsCfg.dll
2018-06-06 11:30 - 2018-03-13 00:38 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlgpclnt.dll
2018-06-06 11:30 - 2018-03-13 00:37 - 000981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2018-06-06 11:30 - 2018-03-13 00:37 - 000537088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-06-06 11:30 - 2018-03-13 00:37 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2018-06-06 11:30 - 2018-03-13 00:37 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2018-06-06 11:30 - 2018-03-13 00:37 - 000091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2018-06-06 11:30 - 2018-03-13 00:36 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2018-06-06 11:30 - 2018-03-13 00:36 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2018-06-06 11:30 - 2018-03-13 00:35 - 006204416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2018-06-06 11:30 - 2018-03-13 00:34 - 002409984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2018-06-06 11:30 - 2018-03-13 00:34 - 000706048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2018-06-06 11:30 - 2018-03-13 00:33 - 000981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2018-06-06 11:30 - 2018-03-13 00:32 - 001948672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2018-06-06 11:30 - 2018-03-13 00:31 - 001348608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2018-06-06 11:30 - 2018-03-13 00:31 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2018-06-06 11:30 - 2018-03-13 00:27 - 000190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2018-06-06 11:30 - 2018-03-13 00:27 - 000078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2018-06-06 11:30 - 2018-03-13 00:26 - 000483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2018-06-06 11:30 - 2018-03-01 23:02 - 000037888 _____ C:\Windows\system32\SpectrumSyncClient.dll
2018-06-06 11:30 - 2018-03-01 23:00 - 000248320 _____ (Microsoft Corporation) C:\Windows\system32\svf.dll
2018-06-06 11:30 - 2018-03-01 16:28 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HoloShellRuntime.dll
2018-06-06 11:30 - 2018-03-01 03:19 - 000710768 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2018-06-06 11:30 - 2018-03-01 03:14 - 005105664 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2018-06-06 11:30 - 2018-03-01 03:12 - 000250264 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2018-06-06 11:30 - 2018-03-01 03:12 - 000189344 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2018-06-06 11:30 - 2018-03-01 03:10 - 000075168 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2018-06-06 11:30 - 2018-03-01 03:10 - 000022936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-06-06 11:30 - 2018-03-01 02:29 - 000574960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-06-06 11:30 - 2018-03-01 02:27 - 000221592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2018-06-06 11:30 - 2018-03-01 02:23 - 005105664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2018-06-06 11:30 - 2018-03-01 01:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2018-06-06 11:30 - 2018-03-01 01:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-06-06 11:30 - 2018-03-01 01:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-06-06 11:30 - 2018-03-01 01:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2018-06-06 11:30 - 2018-03-01 01:53 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2018-06-06 11:30 - 2018-03-01 01:51 - 002329088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-06-06 11:30 - 2018-03-01 01:49 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-06 11:30 - 2018-03-01 01:47 - 000484352 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2018-06-06 11:30 - 2018-03-01 01:46 - 004051968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-06-06 11:30 - 2018-02-21 21:51 - 000097176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2018-06-06 11:30 - 2018-02-21 21:50 - 000229272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2018-06-06 11:30 - 2018-02-21 20:26 - 000441344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2018-06-06 11:30 - 2018-02-21 20:16 - 001286144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2018-06-06 11:30 - 2018-02-10 02:18 - 001193192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2018-06-06 11:30 - 2018-02-10 02:18 - 000098272 _____ (Microsoft Corporation) C:\Windows\system32\FsIso.exe
2018-06-06 11:30 - 2018-02-10 02:12 - 004537040 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2018-06-06 11:30 - 2018-02-10 02:12 - 001313016 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2018-06-06 11:30 - 2018-02-10 02:10 - 000154520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2018-06-06 11:30 - 2018-02-10 02:09 - 000491264 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2018-06-06 11:30 - 2018-02-10 02:08 - 000398824 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2018-06-06 11:30 - 2018-02-10 02:08 - 000096200 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll
2018-06-06 11:30 - 2018-02-10 02:06 - 000100248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2018-06-06 11:30 - 2018-02-10 02:04 - 000339872 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2018-06-06 11:30 - 2018-02-10 02:04 - 000212880 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2018-06-06 11:30 - 2018-02-10 02:03 - 000849304 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2018-06-06 11:30 - 2018-02-10 02:03 - 000706600 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2018-06-06 11:30 - 2018-02-10 02:03 - 000098712 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2018-06-06 11:30 - 2018-02-10 02:02 - 000628632 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2018-06-06 11:30 - 2018-02-10 01:18 - 000022424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hvsicontainerservice.dll
2018-06-06 11:30 - 2018-02-10 01:17 - 000542856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2018-06-06 11:30 - 2018-02-10 01:12 - 004382032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2018-06-06 11:30 - 2018-02-10 01:11 - 001250528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2018-06-06 11:30 - 2018-02-10 01:10 - 000422592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2018-06-06 11:30 - 2018-02-10 01:09 - 000559976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-06-06 11:30 - 2018-02-10 01:07 - 000123808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2018-06-06 11:30 - 2018-02-10 01:07 - 000089504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2018-06-06 11:30 - 2018-02-10 01:07 - 000083216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll
2018-06-06 11:30 - 2018-02-10 01:05 - 000718232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2018-06-06 11:30 - 2018-02-10 01:05 - 000654456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2018-06-06 11:30 - 2018-02-10 01:05 - 000193248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2018-06-06 11:30 - 2018-02-10 01:05 - 000079256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll
2018-06-06 11:30 - 2018-02-10 01:03 - 000505160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll
2018-06-06 11:30 - 2018-02-10 00:50 - 000849920 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2018-06-06 11:30 - 2018-02-10 00:49 - 001664512 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-06-06 11:30 - 2018-02-10 00:48 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys
2018-06-06 11:30 - 2018-02-10 00:48 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtClient.dll
2018-06-06 11:30 - 2018-02-10 00:47 - 000201216 _____ (Microsoft Corporation) C:\Windows\system32\SharedPCCSP.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 001470976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-06-06 11:30 - 2018-02-10 00:46 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\PCShellCommonProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-06-06 11:30 - 2018-02-10 00:45 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2018-06-06 11:30 - 2018-02-10 00:45 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2018-06-06 11:30 - 2018-02-10 00:45 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EnterpriseAppMgmtClient.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2018-06-06 11:30 - 2018-02-10 00:44 - 000427008 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreCommonProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000388608 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000276992 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 003756032 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000580608 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\AppManagementConfiguration.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000110080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCShellCommonProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 001113600 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2018-06-06 11:30 - 2018-02-10 00:42 - 000975872 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000731136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2018-06-06 11:30 - 2018-02-10 00:42 - 000634880 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\rshx32.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\regsvr32.exe
2018-06-06 11:30 - 2018-02-10 00:41 - 000504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppManagementConfiguration.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 002873344 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000939520 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000886784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2018-06-06 11:30 - 2018-02-10 00:40 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000800256 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000691200 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2018-06-06 11:30 - 2018-02-10 00:40 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2018-06-06 11:30 - 2018-02-10 00:40 - 000298496 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreCommonProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000908800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000447488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2018-06-06 11:30 - 2018-02-10 00:39 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
2018-06-06 11:30 - 2018-02-10 00:38 - 006722560 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2018-06-06 11:30 - 2018-02-10 00:38 - 000755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2018-06-06 11:30 - 2018-02-10 00:38 - 000699904 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2018-06-06 11:30 - 2018-02-10 00:38 - 000653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2018-06-06 11:30 - 2018-02-10 00:38 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2018-06-06 11:30 - 2018-02-10 00:38 - 000174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeHelper.dll
2018-06-06 11:30 - 2018-02-10 00:37 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2018-06-06 11:30 - 2018-02-10 00:37 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2018-06-06 11:30 - 2018-02-10 00:37 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2018-06-06 11:30 - 2018-02-10 00:37 - 000199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-06-06 11:30 - 2018-02-10 00:36 - 000403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2018-06-06 11:30 - 2018-02-10 00:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 005388800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000941568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000796160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000667136 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000455680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2018-06-06 11:30 - 2018-02-10 00:34 - 006532096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2018-06-06 11:30 - 2018-02-10 00:34 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2018-06-06 11:30 - 2018-02-10 00:34 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2018-06-06 11:30 - 2018-02-10 00:34 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.ProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 001661440 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000621568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000604672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000482816 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-06 11:30 - 2018-02-10 00:32 - 002427904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2018-06-06 11:30 - 2018-02-10 00:32 - 000681472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2018-06-06 11:30 - 2018-02-10 00:32 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2018-06-06 11:30 - 2018-02-10 00:32 - 000056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:31 - 001488896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2018-06-06 11:30 - 2018-02-10 00:31 - 001159680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2018-06-06 11:30 - 2018-02-10 00:31 - 000301056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2018-06-06 11:30 - 2018-02-08 23:35 - 001002952 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
2018-06-06 11:30 - 2018-02-08 23:35 - 000892872 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
2018-06-06 11:30 - 2018-02-08 23:35 - 000065992 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
2018-06-06 11:30 - 2018-02-01 23:36 - 000921032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
2018-06-06 11:30 - 2018-02-01 23:36 - 000854976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
2018-06-06 11:30 - 2018-02-01 23:36 - 000649672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
2018-06-06 11:30 - 2018-02-01 23:36 - 000054720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
2018-06-06 11:11 - 2018-06-08 12:36 - 000000000 ____D C:\ProgramData\Brother
2018-06-06 11:09 - 2018-06-06 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
2018-06-06 11:09 - 2018-06-06 11:09 - 000003014 _____ C:\Windows\System32\Tasks\QBScheduledReport
2018-06-06 11:09 - 2012-01-05 16:43 - 004218880 _____ (Amyuni Technologies hxxp://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2018-06-06 04:35 - 2018-06-06 12:50 - 000000000 ___RD C:\Users\DiComo\OneDrive
2018-06-06 04:34 - 2018-06-13 23:50 - 000000000 ___RD C:\Users\DiComo\3D Objects
2018-06-06 04:34 - 2018-06-13 17:39 - 000000000 __SHD C:\Users\DiComo\IntelGraphicsProfiles
2018-06-06 04:34 - 2018-06-13 10:26 - 000000000 ____D C:\Users\DiComo\AppData\Local\Packages
2018-06-06 04:34 - 2018-06-11 20:49 - 000000000 ____D C:\Users\DiComo\AppData\Local\ConnectedDevicesPlatform
2018-06-06 04:34 - 2018-06-07 13:15 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\Adobe
2018-06-06 04:34 - 2018-06-07 08:50 - 000000000 ____D C:\Users\DiComo\AppData\Local\Publishers
2018-06-06 04:34 - 2018-06-06 04:34 - 000000000 ____D C:\Users\DiComo\AppData\Local\VirtualStore
2018-06-06 04:31 - 2018-06-11 10:40 - 000000000 ____D C:\Users\DiComo
2018-06-06 04:31 - 2018-06-06 04:31 - 000000020 ___SH C:\Users\DiComo\ntuser.ini
2018-06-06 02:59 - 2018-06-06 12:27 - 000000000 ____D C:\Windows\system32\Drivers\wd
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-15 14:48 - 2017-10-24 14:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-06-15 11:41 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\rescache
2018-06-15 11:20 - 2017-09-29 09:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-15 11:20 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-06-15 11:20 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\AppReadiness
2018-06-15 11:19 - 2017-09-29 09:44 - 000000000 ____D C:\Windows\INF
2018-06-13 23:53 - 2017-10-24 14:34 - 001274800 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-13 23:50 - 2017-10-24 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-13 17:38 - 2017-10-24 14:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-13 17:38 - 2017-10-24 14:29 - 000244408 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ___SD C:\Windows\system32\F12
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\TextInput
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\ShellExperiences
2018-06-13 17:38 - 2017-09-29 04:45 - 000786432 _____ C:\Windows\system32\config\BBI
2018-06-13 17:38 - 2017-09-29 04:45 - 000000000 ____D C:\Windows\system32\Dism
2018-06-13 11:15 - 2017-11-01 13:32 - 000000000 ____D C:\Windows\system32\MRT
2018-06-13 11:14 - 2017-11-01 13:32 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-13 11:14 - 2017-11-01 13:32 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-13 11:13 - 2017-09-29 09:37 - 000000000 ____D C:\Windows\CbsTemp
2018-06-06 22:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\system32\NDF
2018-06-06 22:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\appcompat
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\system32\oobe
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\system32\appraiser
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\bcastdvr
2018-06-06 12:48 - 2017-09-29 04:45 - 000000000 ____D C:\Windows\servicing
2018-06-06 12:27 - 2017-09-29 09:46 - 000000000 ___RD C:\Program Files\Windows Defender
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-06-06 04:39
 
==================== End of FRST.txt ============================

Addition doc from PC02

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by DiComo (15-06-2018 14:49:03)
Running from C:\Users\DiComo\Desktop
Windows 10 Pro Version 1709 16299.492 (X64) (2018-02-24 06:30:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1393131357-1051084767-950562342-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1393131357-1051084767-950562342-503 - Limited - Disabled)
DiComo (S-1-5-21-1393131357-1051084767-950562342-1002 - Administrator - Enabled) => C:\Users\DiComo
Guest (S-1-5-21-1393131357-1051084767-950562342-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1393131357-1051084767-950562342-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Brother MFL-Pro Suite MFC-7860DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
ConvergeConnect (HKLM-x32\...\ConvergeConnect) (Version: 3.2.0.90 - Elavon)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
Ingenico USB Drivers Package (JUNGO v36) 2.60 (remove only) (HKLM\...\IngenicoUSBDrivers_2.60) (Version: 2.60 - )
Microsoft OneDrive (HKU\S-1-5-21-1393131357-1051084767-950562342-1002\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Payment Terminal (HKLM-x32\...\{C1EF6BC6-228F-4D7F-8704-EB62C5E10D84}) (Version: 17.2.1 - Verosa, LLC.)
QBFC 13.0 (HKLM-x32\...\{42A7A870-C6A9-4EEE-8755-2755E3C60EE4}) (Version: 13.0.0.23 - Intuit Developer Network)
QuickBooks (HKLM-x32\...\{48011BF6-E0BC-4B49-9DCA-C7144EF0C01E}) (Version: 28.0.4006.2806 - Intuit Inc.) Hidden
QuickBooks Premier Edition 2018 (HKLM-x32\...\{7A626F39-A185-4566-9982-9995287CED26}) (Version: 28.0.4001.2806 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
RDM ADK (HKLM-x32\...\{8B7F5BE5-BACF-4533-AC1F-696DBB98BFB5}) (Version: 7.0.2.95 - RDM Corporation)
RDM Appweb 4.6.0.8 (HKLM-x32\...\RDM Appweb_is1) (Version: 4.6.0.8 - RDM Corporation)
RDM USB Drivers (HKLM-x32\...\{32770FE5-A5F9-48EC-B156-F3F29B3DBD0B}) (Version: 7.0.2.95 - RDM Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Driver Package - Star Micronics TSP650II Printer Driver (08/01/2012 2.1.0.0) (HKLM\...\48B1ED181B3559BE29518D57640438C268C70E85) (Version: 08/01/2012 2.1.0.0 - Star Micronics)
WPS Office (10.1.0.5656) (HKU\S-1-5-21-1393131357-1051084767-950562342-1002\...\Kingsoft Office) (Version: 10.1.0.5656 - Kingsoft Corp.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-06-02] (Intel Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05B8DCCF-2366-40C1-BB3A-00BC4DB90A41} - System32\Tasks\ConvergeConnect => C:\Program Files (x86)\Elavon\ConvergeConnect\ConvergeConnectAdmin.exe [2018-02-23] (Elavon)
Task: {2B5B2EE8-FD90-4D7D-8B34-DD61BED8928C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-06] (Microsoft Corporation)
Task: {4A9E023A-6B1A-4A91-A7D1-2FDFF197D33A} - System32\Tasks\WpsUpdateTask_DiComo => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\wtoolex\wpsupdate.exe [2018-06-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {6B4545B1-5367-45AE-80D1-A936492D1965} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {730A553F-EFC9-4EEF-8680-286E3456FE20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-06] (Microsoft Corporation)
Task: {7B99C16B-65D5-4C3F-ABBE-8DDCE282636F} - System32\Tasks\WpsExternal_20180608131656 => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2018-06-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {8147A80A-EB93-4C2A-A2C6-C9CE53BAA05F} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\Windows\system32\Notifier.exe [2018-05-04] (Microsoft Corporation)
Task: {A648F4D2-3E56-4AC7-9AC2-7B660F1705C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-06] (Microsoft Corporation)
Task: {AB21DCEF-D5E0-4C46-9759-A29FB70D39B5} - System32\Tasks\WpsKtpcntrQingTask_DiComo => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\office6\ktpcntr.exe [2018-06-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {C1FE5037-9707-4C4C-9A3B-6A10F6FF89EA} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [2018-04-27] (Intuit Inc.)
Task: {D08E8DDA-908E-481B-A5A6-42CEA6580394} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-06] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\WpsExternal_20180608131656.job => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe
Task: C:\Windows\Tasks\WpsKtpcntrQingTask_DiComo.job => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\office6\ktpcntr.exeÃqing 10.1.0.5656 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads
Task: C:\Windows\Tasks\WpsUpdateTask_DiComo.job => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\wtoolex\wpsupdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 09:41 - 2017-09-29 09:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000016896 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\rdmappman.exe
2018-06-07 12:00 - 2017-04-24 14:17 - 000012288 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\RDMAppweb.exe
2018-06-06 23:04 - 2018-06-06 23:04 - 000948736 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\e_sqlite3.dll
2018-06-06 23:04 - 2018-06-06 23:04 - 002426040 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-06-06 23:04 - 2018-06-06 23:04 - 000381440 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\Microsoft.Notes.Upgrade.dll
2018-06-06 23:04 - 2018-06-06 23:04 - 000843672 _____ () C:\Program Files\WindowsApps\Microsoft.Services.Store.Engagement_10.0.17112.0_x64__8wekyb3d8bbwe\Microsoft.Services.Store.Engagement.dll
2018-06-06 23:04 - 2018-06-06 23:04 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_2.1.18.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2017-09-29 09:41 - 2017-09-29 09:41 - 004069888 _____ () C:\Windows\System32\Windows.UI.Input.Inking.Analysis.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-06-13 11:10 - 2018-06-08 01:56 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-06 11:14 - 2018-06-06 11:16 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-06-06 11:14 - 2018-06-06 11:16 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-06-06 11:14 - 2018-06-06 11:17 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-06-06 11:14 - 2018-06-06 11:16 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-06 11:07 - 2018-06-06 11:09 - 001280176 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-06-06 23:06 - 2018-06-06 23:07 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-06-06 23:06 - 2018-06-06 23:07 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-06 23:05 - 2018-06-06 23:05 - 004165632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1804.911.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-06-06 23:05 - 2018-06-06 23:05 - 000634880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1804.911.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-08 12:43 - 2018-06-08 12:44 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-08 12:43 - 2018-06-08 12:44 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-06-06 11:05 - 2018-06-06 11:16 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-06-06 11:05 - 2018-06-06 11:15 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-06-06 11:05 - 2018-06-06 11:14 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-06-06 11:05 - 2018-06-06 11:13 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-06-06 11:05 - 2018-06-06 11:17 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-06-06 11:05 - 2018-06-06 11:16 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-08 12:43 - 2018-06-08 12:44 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-06-06 11:05 - 2018-06-06 11:14 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-08 12:43 - 2018-06-08 12:43 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-06-06 11:05 - 2018-06-06 11:15 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-06-06 11:05 - 2018-06-06 11:16 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-06 11:05 - 2018-06-06 11:11 - 000103424 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-06-06 11:05 - 2018-06-06 11:16 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-06 11:05 - 2018-06-06 11:15 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-06-08 12:43 - 2018-06-08 12:44 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
2018-06-06 11:17 - 2018-06-06 11:18 - 000015872 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.1000_x64__8wekyb3d8bbwe\Maps.exe
2018-06-06 11:17 - 2018-06-06 11:18 - 016588800 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.1000_x64__8wekyb3d8bbwe\Maps.dll
2017-09-29 10:45 - 2017-09-29 10:45 - 000258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.1000_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-09-29 09:41 - 2017-09-29 09:41 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 004173824 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 003662336 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-06-15 13:16 - 2018-06-15 13:16 - 000668792 _____ () C:\Users\DiComo\Desktop\Virus assessment\bremove.exe
2018-06-07 12:00 - 2017-04-24 14:17 - 000212992 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmpr.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000006144 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libslink.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000062976 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libappweb.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000197632 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libhttp.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000090624 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libpcre.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000009216 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmod_ssl.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000114176 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmod_esp.dll
2017-04-28 15:43 - 2017-04-28 15:43 - 000015360 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmod_sci.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000018944 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmprssl.dll
2017-04-28 15:43 - 2017-04-28 15:43 - 000011264 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\cache\controller_8e2a71804042fa9a9af99cd4b8f9124e.dll
2018-02-23 17:22 - 2018-02-23 17:22 - 000604160 _____ () C:\Program Files (x86)\Elavon\ConvergeConnect\CommerceSEC.dll
2018-02-23 17:22 - 2018-02-23 17:22 - 000191488 _____ () C:\Program Files (x86)\Elavon\ConvergeConnect\TlvJni.dll
2018-06-08 12:37 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:BC359956 [120]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 09:46 - 2017-09-29 09:44 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1393131357-1051084767-950562342-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/15/2018 11:16:09 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (06/15/2018 11:16:09 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (06/13/2018 11:50:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (06/13/2018 11:50:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80072EE7
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error: (06/13/2018 05:39:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (06/13/2018 05:22:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (06/13/2018 02:10:06 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Edition 2018":
Got unexpected error 5 in call to NetShareGetInfo for path \\QB-PC\Intuit\QuickBooks\Company Files\Kauffman Electric.qbw
 
Error: (06/13/2018 02:10:05 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Edition 2018":
Got unexpected error 5 in call to NetShareGetInfo for path \\QB-PC\Intuit\QuickBooks\Company Files\Kauffman Electric.qbw
 
 
System errors:
=============
Error: (06/15/2018 11:16:35 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-T376LOA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-T376LOA\DiComo SID (S-1-5-21-1393131357-1051084767-950562342-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/15/2018 11:16:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{0358B920-0AC7-461F-98F4-58E32CD89148}
 and APPID 
{3EB3C877-1F16-487C-9050-104DBCD66683}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/15/2018 11:16:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{0358B920-0AC7-461F-98F4-58E32CD89148}
 and APPID 
{3EB3C877-1F16-487C-9050-104DBCD66683}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/13/2018 05:39:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/13/2018 05:39:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/13/2018 05:39:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/13/2018 05:39:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/13/2018 05:39:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-06-11 10:59:04.140
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5F3DC6D5-C2D7-405E-A2DB-84294DECC7A3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-11 10:49:12.465
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0E241BEC-8A63-4C67-B906-EBDB09170BB8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-07 15:01:19.776
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A719C4F3-ED08-49BC-82AD-1EA94585F0BD}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-07 14:53:38.849
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B1BFD1C1-C7DF-4AAB-806A-D8EDF375A5BF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-07 12:54:22.906
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {FD5D6935-9C45-4823-AEF7-0C3B14C8C480}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 54%
Total physical RAM: 8110.46 MB
Available physical RAM: 3680.32 MB
Total Virtual: 9390.46 MB
Available Virtual: 3447.14 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:110.76 GB) (Free:84.61 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:931.27 GB) NTFS
Drive f: (IMPRINT) (Removable) (Total:0.94 GB) (Free:0.94 GB) FAT32
 
\\?\Volume{f4aaa1e7-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{f4aaa1e7-0000-0000-0000-30d31b000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.14 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: F4AAA1E7)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9E20ECE3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 964 MB) (Disk ID: C1ADC450)
Partition 1: (Not Active) - (Size=964 MB) - (Type=06)
 
==================== End of Addition.txt ============================


#3 bMoreBusy

bMoreBusy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 18 June 2018 - 08:48 AM

Friday wound up getting busier so I was delayed in posting the other 3 log sets.   

 

*Note* The problem persists. Some time over the weekend the same issue with the same printer occurred. I had taken out all the paper so the job was sitting there waiting for me this morning, and when I put paper in it printed the same stuff. This leads to new questions, however, as its USB cable has been disconnected since Friday morning. It was still connected by a phone line running through VOIP. Not sure if this is indicative of a different sort of issue than what I thought I might have.

 

 

Anywhoodle, here is the log from PC #03. This one took substantially longer as it predates the other 2 PCs by several years and was heretofore used by someone with hoarding tendencies who is very unfamiliar and uncomfortable with technology, so it's got tons of stuff on it,

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by Jennifer (administrator) on JENNIFER-PC (15-06-2018 16:16:58)
Running from C:\Users\Jennifer\Downloads
Loaded Profiles: Jennifer (Available Profiles: Jennifer & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe
(Starfield Technologies) C:\Users\Jennifer\AppData\Local\Workspace\workspaceupdate.exe
(Starfield Technologies, LLC) C:\Users\Jennifer\AppData\Local\Workspace\wben.exe
(Starfield Technologies) C:\Users\Jennifer\AppData\Local\Workspace\workspacestatus.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [133400 2011-12-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-523771415-2389090635-2927461101-1000\...\Run: [HP Photosmart 6520 series (NET)] => C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-523771415-2389090635-2927461101-1000\...\Run: [Starfield Updater] => C:\Users\Jennifer\AppData\Local\Workspace\WorkspaceUpdate.exe [35008 2018-03-27] (Starfield Technologies)
HKU\S-1-5-21-523771415-2389090635-2927461101-1000\...\Run: [wben] => C:\Users\Jennifer\AppData\Local\Workspace\wben.exe [1078896 2014-10-20] (Starfield Technologies, LLC)
HKU\S-1-5-21-523771415-2389090635-2927461101-1000\...\Run: [Workspace Status] => C:\Users\Jennifer\AppData\Local\Workspace\workspacestatus.exe [694760 2018-03-27] (Starfield Technologies)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2018-04-20]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2018-04-20]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2018-04-20]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2018\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 6520 series (Network).lnk [2013-11-08]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 6520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1D9CB055-7497-4F16-92EF-E1723D652571}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{60453BED-9A25-494E-87FD-45817E3517D0}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-523771415-2389090635-2927461101-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-523771415-2389090635-2927461101-1000 -> DefaultScope {5C76CD67-727B-4890-B00E-E6D9A37BB8B6} URL = 
SearchScopes: HKU\S-1-5-21-523771415-2389090635-2927461101-1000 -> {4966A924-0D45-4A64-8F62-A166D90E4FBC} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-523771415-2389090635-2927461101-1000 -> {5C76CD67-727B-4890-B00E-E6D9A37BB8B6} URL = 
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T28L10NSP12_CP1-16851/event/ieatgpc1.cab
Handler-x32: intu-help-qb11 - {5AFDE6E8-AD0F-450B-818F-21D1CDC2E3EE} - C:\Program Files (x86)\Intuit\QuickBooks 2018\HelpAsyncPluggableProtocol.dll [2018-04-27] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2010-11-20] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\GlanceGuest\npglance.dll [2017-12-18] (Glance Networks, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-523771415-2389090635-2927461101-1000: @starfield.com/off -> C:\Users\Jennifer\AppData\Roaming\Mozilla\Plugins\npoff.dll [2018-03-27] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-523771415-2389090635-2927461101-1000: @starfield.com/off64 -> C:\Users\Jennifer\AppData\Roaming\Mozilla\Plugins\npoff64.dll [2018-03-27] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-523771415-2389090635-2927461101-1000: @starfield.com/wbe -> C:\Users\Jennifer\AppData\Roaming\Mozilla\Plugins\npwbe.dll [2018-03-27] (Starfield Technology, LLC)
FF Plugin HKU\S-1-5-21-523771415-2389090635-2927461101-1000: @starfield.com/wbe64 -> C:\Users\Jennifer\AppData\Roaming\Mozilla\Plugins\npwbe64.dll [2018-03-27] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Jennifer\AppData\Roaming\mozilla\plugins\npoff.dll [2018-03-27] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jennifer\AppData\Roaming\mozilla\plugins\npoff64.dll [2018-03-27] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Jennifer\AppData\Roaming\mozilla\plugins\npwbe.dll [2018-03-27] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Jennifer\AppData\Roaming\mozilla\plugins\npwbe64.dll [2018-03-27] (Starfield Technology, LLC)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://login.secureserver.net/?app=wbe"
CHR Profile: C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default [2018-06-15]
CHR Extension: (Adblock Plus) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-04-23]
CHR Extension: (Glance Networks) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gniobnbbehpgbcamkdplghfimhocklgb [2018-02-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Jennifer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
CHR HKU\S-1-5-21-523771415-2389090635-2927461101-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [166912 2012-04-10] (Dell Products, LP.) [File not signed]
R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [697472 2014-10-20] (Starfield Technologies)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2018-02-15] (Intuit Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros) [File not signed]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R1 MpKsl73ce2ad3; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C0F19405-713C-4D07-AB6C-DA624E846100}\MpKsl73ce2ad3.sys [58120 2018-06-15] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-15 16:16 - 2018-06-15 16:17 - 000018116 _____ C:\Users\Jennifer\Downloads\FRST.txt
2018-06-15 16:16 - 2018-06-15 16:16 - 002413056 _____ (Farbar) C:\Users\Jennifer\Downloads\FRST64.exe
2018-06-15 16:16 - 2018-06-15 16:16 - 000000000 ____D C:\FRST
2018-06-15 14:00 - 2018-06-15 14:00 - 077714448 _____ (Malwarebytes ) C:\Users\Jennifer\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5480.exe
2018-06-15 13:45 - 2018-06-15 14:33 - 000001160 _____ C:\Users\Jennifer\Desktop\BugbearRemovalLog.txt
2018-06-15 13:44 - 2018-06-15 13:44 - 000668792 _____ C:\Users\Jennifer\Downloads\bremove.exe
2018-06-13 11:40 - 2018-05-28 22:41 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 11:40 - 2018-05-25 01:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 11:40 - 2018-05-25 00:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 11:40 - 2018-05-25 00:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 11:40 - 2018-05-24 23:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 11:40 - 2018-05-24 23:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 11:40 - 2018-05-14 23:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-13 11:40 - 2018-05-14 23:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 11:40 - 2018-05-14 23:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-13 11:40 - 2018-05-14 23:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 11:39 - 2018-05-29 16:36 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 11:39 - 2018-05-29 15:40 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 11:39 - 2018-05-28 22:43 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-13 11:39 - 2018-05-28 22:41 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 11:39 - 2018-05-28 22:41 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-06-13 11:39 - 2018-05-28 22:41 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-13 11:39 - 2018-05-28 22:41 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-13 11:39 - 2018-05-28 22:35 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-06-13 11:39 - 2018-05-28 22:32 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-06-13 11:39 - 2018-05-28 22:32 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:25 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 22:03 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-06-13 11:39 - 2018-05-28 22:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-06-13 11:39 - 2018-05-28 22:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-13 11:39 - 2018-05-28 22:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-06-13 11:39 - 2018-05-28 22:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-06-13 11:39 - 2018-05-28 21:59 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-06-13 11:39 - 2018-05-28 21:59 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-13 11:39 - 2018-05-28 21:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-06-13 11:39 - 2018-05-28 21:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-06-13 11:39 - 2018-05-28 21:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-06-13 11:39 - 2018-05-28 21:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-06-13 11:39 - 2018-05-28 21:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-06-13 11:39 - 2018-05-28 21:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-06-13 11:39 - 2018-05-28 21:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 21:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 21:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 21:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-13 11:39 - 2018-05-28 21:56 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-13 11:39 - 2018-05-28 21:55 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-06-13 11:39 - 2018-05-28 21:55 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-13 11:39 - 2018-05-28 21:54 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-06-13 11:39 - 2018-05-28 21:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-13 11:39 - 2018-05-28 20:04 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-13 11:39 - 2018-05-25 00:59 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-06-13 11:39 - 2018-05-25 00:59 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-06-13 11:39 - 2018-05-25 00:46 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-13 11:39 - 2018-05-25 00:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-13 11:39 - 2018-05-25 00:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 11:39 - 2018-05-25 00:44 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-13 11:39 - 2018-05-25 00:44 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-06-13 11:39 - 2018-05-25 00:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-13 11:39 - 2018-05-25 00:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-06-13 11:39 - 2018-05-25 00:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-13 11:39 - 2018-05-25 00:33 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-13 11:39 - 2018-05-25 00:32 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-13 11:39 - 2018-05-25 00:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 11:39 - 2018-05-25 00:32 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-13 11:39 - 2018-05-25 00:32 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-06-13 11:39 - 2018-05-25 00:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-06-13 11:39 - 2018-05-25 00:24 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-13 11:39 - 2018-05-25 00:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-13 11:39 - 2018-05-25 00:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-13 11:39 - 2018-05-25 00:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-06-13 11:39 - 2018-05-25 00:15 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-06-13 11:39 - 2018-05-25 00:15 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-06-13 11:39 - 2018-05-25 00:14 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-13 11:39 - 2018-05-25 00:14 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-13 11:39 - 2018-05-25 00:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-06-13 11:39 - 2018-05-25 00:13 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-13 11:39 - 2018-05-25 00:12 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-13 11:39 - 2018-05-25 00:10 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-13 11:39 - 2018-05-25 00:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-13 11:39 - 2018-05-25 00:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-06-13 11:39 - 2018-05-25 00:08 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-13 11:39 - 2018-05-25 00:08 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-06-13 11:39 - 2018-05-25 00:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-06-13 11:39 - 2018-05-25 00:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 11:39 - 2018-05-25 00:06 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-13 11:39 - 2018-05-25 00:05 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-13 11:39 - 2018-05-25 00:05 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-06-13 11:39 - 2018-05-24 23:57 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-06-13 11:39 - 2018-05-24 23:57 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-13 11:39 - 2018-05-24 23:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 11:39 - 2018-05-24 23:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 11:39 - 2018-05-24 23:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 11:39 - 2018-05-24 23:53 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-06-13 11:39 - 2018-05-24 23:52 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-06-13 11:39 - 2018-05-24 23:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-06-13 11:39 - 2018-05-24 23:51 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-06-13 11:39 - 2018-05-24 23:49 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-06-13 11:39 - 2018-05-24 23:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-13 11:39 - 2018-05-24 23:47 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-13 11:39 - 2018-05-24 23:45 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-06-13 11:39 - 2018-05-24 23:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 11:39 - 2018-05-24 23:40 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-13 11:39 - 2018-05-24 23:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 11:39 - 2018-05-24 23:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 11:39 - 2018-05-24 23:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 11:39 - 2018-05-24 23:37 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-06-13 11:39 - 2018-05-24 23:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 11:39 - 2018-05-24 23:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 11:39 - 2018-05-24 23:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 11:39 - 2018-05-24 23:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 11:39 - 2018-05-24 23:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 11:39 - 2018-05-15 00:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 11:39 - 2018-05-14 23:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 11:39 - 2018-05-14 23:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-13 11:39 - 2018-05-14 23:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-13 11:39 - 2018-05-14 23:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-13 11:39 - 2018-05-14 23:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-13 11:39 - 2018-05-14 23:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-06-13 11:39 - 2018-05-14 23:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-06-13 11:39 - 2018-05-14 23:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-06-13 11:39 - 2018-05-14 21:20 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 11:39 - 2018-05-14 21:20 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 11:39 - 2018-05-11 22:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-06-13 11:39 - 2018-05-11 22:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 11:39 - 2018-05-11 22:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-06-13 11:39 - 2018-05-11 17:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-13 11:39 - 2018-05-11 17:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-13 11:39 - 2018-05-11 17:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-13 11:39 - 2018-05-10 20:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-13 11:39 - 2018-05-10 20:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-06-13 11:39 - 2018-05-10 20:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-06-13 11:39 - 2018-04-06 12:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-13 11:39 - 2018-04-06 12:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-08 09:09 - 2018-06-08 09:09 - 000005779 _____ C:\Users\Jennifer\Desktop\Chrome Passwords.csv
2018-06-04 13:20 - 2018-06-04 13:20 - 003333588 _____ C:\Users\Jennifer\Downloads\mobileGuide2.0(1).pdf
2018-06-04 13:20 - 2018-06-04 13:20 - 000490863 _____ C:\Users\Jennifer\Downloads\Credit Card Transactions.pdf
2018-06-04 13:19 - 2018-06-04 13:19 - 000135184 _____ C:\Users\Jennifer\Downloads\DataInsure TOS 3.2018.pdf
2018-06-04 13:19 - 2018-06-04 13:19 - 000005077 _____ C:\Users\Jennifer\Downloads\Notice to Cease Bankcard Processing.pdf
2018-06-04 12:01 - 2018-06-04 12:01 - 000042476 _____ C:\Users\Jennifer\Downloads\ComprehensiveStatement.pdf
2018-06-04 11:19 - 2018-06-04 11:19 - 000710770 _____ C:\Users\Jennifer\Downloads\2018-05-09.pdf
2018-05-31 12:00 - 2018-05-31 12:00 - 000027387 _____ C:\Users\Jennifer\Desktop\Transactions_transaction_report_789383.pdf
2018-05-31 11:58 - 2018-05-31 11:58 - 000027387 _____ C:\Users\Jennifer\Downloads\Transactions_transaction_report_789383.pdf
2018-05-31 08:50 - 2018-05-31 08:50 - 000007627 _____ C:\Users\Jennifer\Downloads\trk709111879.pdf
2018-05-29 15:54 - 2018-05-29 15:54 - 000013628 _____ C:\Users\Jennifer\Desktop\cartController3.pdf
2018-05-29 15:52 - 2018-05-29 15:52 - 000013620 _____ C:\Users\Jennifer\Desktop\cartController2.pdf
2018-05-29 15:49 - 2018-05-29 15:49 - 000013628 _____ C:\Users\Jennifer\Desktop\cartController.pdf
2018-05-29 12:19 - 2018-05-29 12:19 - 001068876 _____ C:\Users\Jennifer\Downloads\Kauffman App (2).pdf
2018-05-29 12:13 - 2018-05-29 12:54 - 000000000 ____D C:\Users\Jennifer\Documents\DataInsure
2018-05-29 10:26 - 2018-05-29 10:26 - 028898814 _____ C:\Users\Jennifer\Downloads\Warf Pleric.pdf
2018-05-29 10:05 - 2018-05-29 10:05 - 000019690 _____ C:\Users\Jennifer\Downloads\Pentair Invoice 908247937.PDF
2018-05-29 10:05 - 2018-05-29 10:05 - 000016637 _____ C:\Users\Jennifer\Downloads\2018.pdf
2018-05-29 09:31 - 2018-05-29 09:31 - 001133945 _____ C:\Users\Jennifer\Downloads\BENEFIT MALL ADDRESS CHANGE RACHEL DICOMO KAUFFMAN ELECTRIC.pdf
2018-05-25 14:42 - 2018-05-25 14:42 - 000237325 _____ C:\Users\Jennifer\Downloads\Ridgely Survey Results Letter - FRD.pdf
2018-05-25 14:37 - 2018-05-25 14:37 - 000239199 _____ C:\Users\Jennifer\Downloads\Letter to Ridgely Board - 5-24-18.PDF
2018-05-23 08:04 - 2018-05-23 08:04 - 000417407 _____ C:\Users\Jennifer\Documents\Ridgely Amendment.pdf
2018-05-17 15:02 - 2018-05-17 15:02 - 001061568 _____ C:\Users\Jennifer\Downloads\Kauffman App (1).pdf
2018-05-17 11:53 - 2018-05-17 11:53 - 000102224 _____ C:\Users\Jennifer\Downloads\IC Plus KAUFFMAN ELECTRIC CO INC 178241291990 05-02-2018 11_40  AM (1).pdf
2018-05-16 12:42 - 2018-05-16 15:03 - 000000000 ____D C:\RetroArch
2018-05-16 12:34 - 2018-05-16 12:41 - 000000000 ____D C:\Program Files (x86)\RetroArch
2018-05-16 12:24 - 2018-05-16 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-05-16 12:24 - 2018-05-16 12:24 - 000000000 ____D C:\Program Files\7-Zip
2018-05-16 12:23 - 2018-05-16 12:28 - 000000000 ____D C:\Users\Jennifer\Desktop\SORT N FILE
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-15 13:03 - 2013-03-31 11:32 - 000000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2018-06-15 13:03 - 2013-03-31 11:32 - 000000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2018-06-15 13:03 - 2013-03-31 11:17 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2018-06-15 04:31 - 2009-07-14 00:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-15 04:31 - 2009-07-14 00:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-14 04:03 - 2009-07-14 01:13 - 000798066 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-14 04:03 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2018-06-14 04:00 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\rescache
2018-06-14 03:23 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-14 03:20 - 2018-02-09 13:26 - 000000000 ____D C:\Users\Jennifer\AppData\Roaming\MusicBee
2018-06-14 03:05 - 2013-08-14 16:25 - 000000000 ____D C:\Windows\system32\MRT
2018-06-14 03:03 - 2017-10-11 10:32 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-14 03:03 - 2013-06-04 09:57 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-13 23:11 - 2017-12-22 14:24 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-13 07:38 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2018-06-08 08:24 - 2017-12-26 12:16 - 000000000 ____D C:\Users\Jennifer\AppData\Roaming\vlc
2018-06-07 18:23 - 2013-03-31 10:59 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-07 18:23 - 2013-03-31 10:59 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-07 18:23 - 2013-03-31 10:59 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-06-07 18:23 - 2013-03-31 10:59 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-06-07 18:23 - 2013-03-31 10:59 - 000000000 ____D C:\Windows\system32\Macromed
2018-06-06 10:40 - 2018-03-26 10:00 - 000000000 ____D C:\Users\Jennifer\Desktop\backups
2018-05-23 12:15 - 2018-03-01 16:30 - 000000000 ____D C:\Users\Jennifer\Desktop\HARBORTECH
2018-05-20 13:09 - 2018-01-29 14:24 - 000000090 _____ C:\Windows\QBChanUtil_Trigger.ini
2018-05-18 14:28 - 2013-06-06 09:50 - 000000000 ____D C:\Users\Jennifer\AppData\Local\ElevatedDiagnostics
2018-05-18 03:04 - 2014-08-18 10:29 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-18 03:04 - 2014-08-18 10:29 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 16:22 - 2018-03-23 12:27 - 000000000 ____D C:\Users\Jennifer\Documents\INVOICES AP
2018-05-16 10:08 - 2017-12-21 15:37 - 000000000 ____D C:\Users\Jennifer\Documents\INVOICES AR
2018-05-16 09:54 - 2013-06-04 15:07 - 000000000 ____D C:\Users\Jennifer\Documents\Finance
 
Some files in TEMP:
====================
2018-04-20 13:24 - 2018-04-20 13:31 - 001322456 _____ (Glance Networks, Inc.                                       ) C:\Users\Administrator\AppData\Local\Temp\GlanceGuestSetup_3.8.10.56.exe
2018-01-29 14:29 - 2010-09-24 13:32 - 000226672 _____ () C:\Users\Jennifer\AppData\Local\Temp\Abspdf.exe
2018-01-29 14:29 - 2012-01-05 14:43 - 000749715 _____ (AMYUNI Technologies
http://www.amyuni.com) C:\Users\Jennifer\AppData\Local\Temp\acfpdfu.dll
2018-01-29 14:29 - 2012-01-05 14:43 - 000947200 _____ (AMYUNI Technologies
http://www.amyuni.com) C:\Users\Jennifer\AppData\Local\Temp\acfpdfuamd64.dll
2018-01-29 14:29 - 2012-01-05 14:43 - 000407269 _____ (AMYUNI Technologies
http://www.amyuni.com) C:\Users\Jennifer\AppData\Local\Temp\acfpdfui.dll
2018-01-29 14:29 - 2006-07-12 17:11 - 001093632 _____ (AMYUNI Technologies
http://www.amyuni.com) C:\Users\Jennifer\AppData\Local\Temp\acfpdfuia64.dll
2018-01-29 14:29 - 2012-01-05 14:43 - 000430592 _____ (AMYUNI Technologies
http://www.amyuni.com) C:\Users\Jennifer\AppData\Local\Temp\acfpdfuiamd64.dll
2018-01-29 14:29 - 2006-07-12 17:11 - 000346112 _____ (AMYUNI Technologies
http://www.amyuni.com) C:\Users\Jennifer\AppData\Local\Temp\acfpdfuiia64.dll
2018-01-29 14:29 - 2012-01-05 14:43 - 004218880 _____ (Amyuni Technologies
http://www.amyuni.com) C:\Users\Jennifer\AppData\Local\Temp\cdintf.dll
2018-02-01 14:45 - 2018-02-01 14:45 - 001207896 _____ (Glance Networks, Inc.                                       ) C:\Users\Jennifer\AppData\Local\Temp\GlanceGuestSetup_3.7.2.11.exe
2018-04-20 10:05 - 2018-04-20 11:07 - 001322456 _____ (Glance Networks, Inc.                                       ) C:\Users\Jennifer\AppData\Local\Temp\GlanceGuestSetup_3.8.10.56.exe
2011-03-14 08:31 - 2011-03-14 08:31 - 000149352 _____ (Microsoft Corporation) C:\Users\Jennifer\AppData\Local\Temp\ose00000.exe
2018-01-29 14:29 - 2011-07-20 11:18 - 000042264 _____ (Tri-Sector, Inc.) C:\Users\Jennifer\AppData\Local\Temp\PDFPRT400.exe
2018-04-20 14:38 - 2018-04-20 14:38 - 014769392 _____ (Reimage) C:\Users\Jennifer\AppData\Local\Temp\ReimagePackage.exe
2018-01-29 14:29 - 2012-01-05 14:43 - 000121856 _____ (Microsoft Corporation) C:\Users\Jennifer\AppData\Local\Temp\xmllite.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-06-07 00:41
 
==================== End of FRST.txt ============================

And the addition for PC 03

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by Jennifer (15-06-2018 16:17:46)
Running from C:\Users\Jennifer\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-06-04 13:23:00)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-523771415-2389090635-2927461101-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-523771415-2389090635-2927461101-501 - Limited - Disabled)
Jennifer (S-1-5-21-523771415-2389090635-2927461101-1000 - Administrator - Enabled) => C:\Users\Jennifer
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Brother MFL-Pro Suite MFC-7860DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.8.0 - Conexant)
Convert XLS (HKLM-x32\...\Convert XLS_is1) (Version:  - Softinterface, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{9DDFE322-6BA0-4F90-8689-D98382492371}) (Version: 2.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (HKLM\...\{0090A87C-3E0E-43D4-AA71-A71B06563A4A}) (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
GlanceGuest version 3.8.10.56 (HKLM-x32\...\{F5AC5408-CC29-47C0-AD53-1BBBF268B364}_is1) (Version: 3.8.10.56 - Glance Networks, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 6520 series Basic Device Software (HKLM\...\{1151BCF8-3246-4E34-9C17-22E66318C41C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 6520 series Help (HKLM-x32\...\{D3293275-1002-41F5-BC37-099B4251FF5B}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 6520 series Product Improvement Study (HKLM\...\{F144E07C-4019-4092-BE25-B57819C97D2F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall)
QuickBooks (HKLM-x32\...\{48011BF6-E0BC-4B49-9DCA-C7144EF0C01E}) (Version: 28.0.4006.2806 - Intuit Inc.) Hidden
QuickBooks Premier Edition 2018 (HKLM-x32\...\{7A626F39-A185-4566-9982-9995287CED26}) (Version: 28.0.4005.2806 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickBooks_VC10_Debug (HKLM-x32\...\{2421E8FE-AE35-493A-94F5-66307E006ECF}) (Version: 1.00.0000 - Intuit Inc.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Workspace Desktop (HKU\S-1-5-21-523771415-2389090635-2927461101-1000\...\workspacedesktop) (Version:  - Starfield Technologies)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-523771415-2389090635-2927461101-1000_Classes\CLSID\{1BFB1268-6353-495A-AB78-97BF7CAB4D59}\InprocServer32 -> C:\Users\Jennifer\AppData\Local\Workspace\gdeditwrapperax64.dll (Starfield Technologies)
CustomCLSID: HKU\S-1-5-21-523771415-2389090635-2927461101-1000_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> C:\Users\Jennifer\AppData\Local\Workspace\wbetoolsax64.dll (Starfield Technology, LLC)
ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll [2018-03-27] (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers: [off1] -> {8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll [2018-03-27] (Starfield Technologies, LLC)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-03-19] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {031A46ED-66B7-4D5C-8911-31CEC0AEFC7B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {139B5600-1103-4331-AB5E-DF483ECE68FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2CAAB421-A1CD-4878-899A-4FA787F170CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-07] (Adobe Systems Incorporated)
Task: {7B1977DF-41E5-4E92-8E9F-B08C7DD0369F} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [2018-04-27] (Intuit Inc.)
Task: {915BA79D-EECE-430A-8F03-6798B79DA79E} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {98F43FFD-C530-43E7-BEC6-03FD3B43FD3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {CE9C4E4B-0901-46DB-AE22-22DC4A4AFDA2} - System32\Tasks\HPCustParticipation HP Photosmart 6520 series => C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-06-06 09:46 - 2012-12-04 20:33 - 000065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP2030PP.DLL
2013-03-31 12:42 - 2012-03-19 19:09 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-03-31 11:17 - 2012-01-26 22:49 - 002751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2018-06-13 23:10 - 2018-06-12 01:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll
2018-06-13 23:10 - 2018-06-12 01:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll
2018-05-11 03:41 - 2018-05-11 03:41 - 000172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2975ab1f8fc71190f0a11fd7b5ac10dd\IsdiInterop.ni.dll
2013-03-31 11:12 - 2012-02-01 17:25 - 000059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-03-31 11:10 - 2011-12-16 14:39 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2018-02-05 13:04 - 2009-02-27 17:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2009-06-10 17:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-523771415-2389090635-2927461101-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jennifer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{AABB63D6-527F-41BC-8B9E-07A03E801626}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{13FF837C-3966-484D-985F-3CD2563E92F9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7C18C225-3F7E-464B-A7B4-1AE5708BBEFF}] => (Allow) LPort=2869
FirewallRules: [{0A163404-4E59-4D7A-A3B3-69D58A930DA6}] => (Allow) LPort=1900
FirewallRules: [{BA8B32E4-1C31-4870-9B82-4EFBF30D243E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5F87C6B7-B4B1-4006-A6F6-BC2FC4918C29}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{7785A5C0-5B95-46B1-8D99-F5C4B866B6B0}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\DeviceSetup.exe
FirewallRules: [{4AA633A1-EF1E-464B-B2DA-7E3FFF99929F}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E1330AC6-D85B-48B3-824F-3725015F1701}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{076ABD81-A3DD-4353-B2F4-6428B6A67F90}] => (Allow) LPort=3389
FirewallRules: [{13F44A05-FE2D-4435-BCCE-4BA7ECDAB2DA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
06-06-2018 03:00:11 Windows Update
07-06-2018 03:00:11 Windows Update
08-06-2018 03:00:11 Windows Update
08-06-2018 16:13:40 Windows Update
12-06-2018 09:31:15 Windows Update
13-06-2018 03:00:22 Windows Update
14-06-2018 03:00:12 Windows Update
15-06-2018 03:00:11 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/14/2018 03:24:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/11/2018 12:34:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (06/08/2018 09:41:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmprph.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd018
Faulting module name: wmp.dll, version: 12.0.7601.23930, time stamp: 0x59debe22
Exception code: 0xc0000005
Fault offset: 0x00000000004af2e4
Faulting process id: 0xb0cc
Faulting application start time: 0x01d3ff23bc2b91f0
Faulting application path: C:\Program Files\Windows Media Player\wmprph.exe
Faulting module path: C:\Windows\system32\wmp.dll
Report Id: 98586ed0-6b21-11e8-a9ea-a41f726f2535
 
Error: (06/06/2018 12:09:26 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Edition 2018":
Got unexpected error 5 in call to NetShareGetInfo for path \\QB-PC\Intuit\QuickBooks\Company Files\Kauffman Electric.qbw
 
Error: (06/06/2018 12:09:24 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Edition 2018":
Got unexpected error 5 in call to NetShareGetInfo for path \\QB-PC\Intuit\QuickBooks\Company Files\Kauffman Electric.qbw
 
Error: (06/06/2018 12:09:13 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Edition 2018":
QB_ReadOnly_engine_28 failed to stop with DMError message: Unable to shutdown server, DMError code:-6012, DB Error code:-100
 
Error: (06/06/2018 12:09:13 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Edition 2018":
DB error -100 ErrorMessage:'Database server not found'
 
Error: (06/06/2018 10:38:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wben.exe, version: 2.0.26.79, time stamp: 0x544564e6
Faulting module name: ntdll.dll, version: 6.1.7601.24117, time stamp: 0x5add1d8d
Exception code: 0xc00000fd
Fault offset: 0x000222f8
Faulting process id: 0xddc
Faulting application start time: 0x01d3f9e9656ff755
Faulting application path: C:\Users\Jennifer\AppData\Local\Workspace\wben.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: 53a2ab8c-6997-11e8-a9ea-a41f726f2535
 
 
System errors:
=============
Error: (06/15/2018 03:00:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070663: Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition.
 
Error: (06/14/2018 03:41:31 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{60453BED-9A25-494E-87FD-45817E3517D0}.
The backup browser is stopping.
 
Error: (06/14/2018 03:26:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/14/2018 03:03:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070663: Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition.
 
Error: (06/13/2018 08:11:38 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{60453BED-9A25-494E-87FD-45817E3517D0}.
The backup browser is stopping.
 
Error: (06/13/2018 03:10:18 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 119.0.0.0
 
Update Source: Microsoft Malware Protection Center
 
Update Stage: Search
 
 
Signature Type: Network Inspection System
 
Update Type: Full
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: 
 
Previous Engine Version: 2.1.14600.4
 
Error code: 0x80072ee7
 
Error description: The server name or address could not be resolved
 
Error: (06/13/2018 03:10:18 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.269.1071.0
 
Update Source: Microsoft Malware Protection Center
 
Update Stage: Search
 
 
Signature Type: AntiSpyware
 
Update Type: Full
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: 
 
Previous Engine Version: 1.1.14901.4
 
Error code: 0x80072ee7
 
Error description: The server name or address could not be resolved
 
Error: (06/13/2018 03:10:18 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Microsoft Antimalware has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.269.1071.0
 
Update Source: Microsoft Malware Protection Center
 
Update Stage: Search
 
 
Signature Type: AntiVirus
 
Update Type: Full
 
User: NT AUTHORITY\NETWORK SERVICE
 
Current Engine Version: 
 
Previous Engine Version: 1.1.14901.4
 
Error code: 0x80072ee7
 
Error description: The server name or address could not be resolved
 
 
CodeIntegrity:
===================================
 
Date: 2018-03-22 09:12:55.027
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 75%
Total physical RAM: 3967.54 MB
Available physical RAM: 963.11 MB
Total Virtual: 7933.25 MB
Available Virtual: 5038.63 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:912.9 GB) (Free:811.6 GB) NTFS
 
\\?\Volume{81b21244-9a23-11e2-b453-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:18.57 GB) (Free:11.09 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 9569E5E9)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=18.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=912.9 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,730 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:54 PM

Posted 20 June 2018 - 01:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/679138 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 bMoreBusy

bMoreBusy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 21 June 2018 - 08:19 AM

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.

I suspected that there may be a virus called Bugbear on a refurbished computer I recently purchased because it displayed one of the primary symptoms; namely, the connected printer printing as many pages of gibberish (anywhere from one single character to one line, no more) as it had paper. Prior to coming to bleeping computer I ran my native security scan (windows defender), as well as downloaded and ran a Mcafee tool specifically designed to find and eliminate bugbear. Both indicated that I do not have the virus, but the following day the issue with the printer persisted. I downloaded and ran Malwarebytes, also indicated no issues. There are 2 other PCs on the USB hub to which the printer connects, both have followed the same protocols. The FRST logs for those 3 PCs are posted above. The other 2 pcs on the network at large have also done the same initial scanning steps with the same results.

 

  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    I'll post that below shortly.
     
  • Please tell us if you have your original Windows CD/DVD available.
    I do for every PC except the refurbished one.


#6 bMoreBusy

bMoreBusy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 21 June 2018 - 08:24 AM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by DiComo (administrator) on DESKTOP-T376LOA (21-06-2018 09:20:24)
Running from C:\Users\DiComo\Desktop\Assessment
Loaded Profiles: DiComo (Available Profiles: DiComo)
Platform: Windows 10 Pro Version 1709 16299.492 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Elavon) C:\Program Files (x86)\Elavon\ConvergeConnect\ConvergeConnectService.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\wtoolex\wpsupdatesvr.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
() C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\RDMAppman.exe
(RDM Corporation) C:\Program Files (x86)\RDM Corporation\Check Imaging\SCI\Service\RdmScannerService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\RDMAppweb.exe
(Elavon) C:\Program Files (x86)\Elavon\ConvergeConnect\CWSWrapper.exe
(Oracle Corporation) C:\Program Files (x86)\Elavon\ConvergeConnect\jre7\bin\java.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Elavon) C:\Program Files (x86)\Elavon\ConvergeConnect\ConvergeConnectAdmin.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1804.911.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.1000_x64__8wekyb3d8bbwe\Maps.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2917632 2015-05-27] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2018-06-06]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2018-06-06]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2018-06-06]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2018\QBW32.EXE (Intuit Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{64e850ca-2fcd-4ba0-bdb1-d6105c7c686c}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
Handler-x32: intu-help-qb11 - {5AFDE6E8-AD0F-450B-818F-21D1CDC2E3EE} - C:\Program Files (x86)\Intuit\QuickBooks 2018\HelpAsyncPluggableProtocol.dll [2018-04-27] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
 
Edge: 
======
Edge Extension: (No Name) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.4.0.0_neutral__c1wakc4j0nefm [2018-06-06]
 
FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aijAFC8; C:\Program Files (x86)\Payment Terminal\Updater.exe [723576 2017-02-24] (Verosa, LLC.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., Ltd.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ConvergeConnectService; C:\Program Files (x86)\Elavon\ConvergeConnect\ConvergeConnectService.exe [52224 2018-02-23] (Elavon) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329192 2016-06-02] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\wtoolex\wpsupdatesvr.exe [133376 2018-06-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2017-08-11] (Intuit Inc.) [File not signed]
R2 RDMAppweb; C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\rdmappman.exe [16896 2017-04-24] () [File not signed]
R2 RdmScannerService; C:\Program Files (x86)\RDM Corporation\Check Imaging\SCI\Service\RDMScannerService.exe [20992 2017-04-28] (RDM Corporation) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-06] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-06] (Microsoft Corporation)
S3 wpscloudsvr; C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2018-06-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [22864 2016-10-27] (OSR Open Systems Resources, Inc.)
R3 Ingenico_enum; C:\Windows\System32\drivers\Ingenico_enum.sys [79872 2013-02-14] (Jungo)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2540800 2015-05-27] (Realtek Semiconductor Corp.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-18] (Malwarebytes)
S3 smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [151552 2017-09-29] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46072 2018-06-06] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [313384 2018-06-06] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-06] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-18 10:19 - 2018-06-18 10:19 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-18 10:14 - 2018-06-18 10:18 - 000000000 ____D C:\AdwCleaner
2018-06-18 10:04 - 2018-06-18 10:04 - 000001927 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-06-18 10:04 - 2018-06-18 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-18 10:04 - 2018-06-18 10:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-18 10:04 - 2018-06-18 10:04 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-18 10:04 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-15 14:48 - 2018-06-21 09:20 - 000000000 ____D C:\FRST
2018-06-15 13:01 - 2018-06-21 09:20 - 000000000 ____D C:\Users\DiComo\Desktop\Assessment
2018-06-13 11:10 - 2018-06-08 13:26 - 021754880 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2018-06-13 11:10 - 2018-06-08 13:26 - 017084928 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-06-13 11:10 - 2018-06-08 13:03 - 003331520 _____ C:\Windows\system32\Windows.Mirage.dll
2018-06-13 11:10 - 2018-06-08 12:59 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
2018-06-13 11:10 - 2018-06-08 12:58 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2018-06-13 11:10 - 2018-06-08 07:42 - 002491120 _____ C:\Windows\SysWOW64\Windows.Mirage.dll
2018-06-13 11:10 - 2018-06-08 07:41 - 000618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 11:10 - 2018-06-08 03:36 - 001568160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-06-13 11:10 - 2018-06-08 03:36 - 000137120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-06-13 11:10 - 2018-06-08 03:35 - 001093040 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-13 11:10 - 2018-06-08 03:35 - 000924656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-06-13 11:10 - 2018-06-08 03:35 - 000300448 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-06-13 11:10 - 2018-06-08 03:35 - 000069536 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-06-13 11:10 - 2018-06-08 03:34 - 000748472 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-06-13 11:10 - 2018-06-08 03:34 - 000423352 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 002002336 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-06-13 11:10 - 2018-06-08 03:33 - 001206688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-06-13 11:10 - 2018-06-08 03:33 - 001056184 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-06-13 11:10 - 2018-06-08 03:33 - 000608160 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 000461216 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 000269720 _____ C:\Windows\system32\FaceProcessorCore.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 000192920 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2018-06-13 11:10 - 2018-06-08 03:33 - 000035232 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-06-13 11:10 - 2018-06-08 03:32 - 001638432 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2018-06-13 11:10 - 2018-06-08 03:32 - 000664992 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-06-13 11:10 - 2018-06-08 03:32 - 000272288 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-06-13 11:10 - 2018-06-08 03:32 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\vertdll.dll
2018-06-13 11:10 - 2018-06-08 03:32 - 000077216 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-06-13 11:10 - 2018-06-08 03:30 - 008594848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 11:10 - 2018-06-08 03:30 - 002514944 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-13 11:10 - 2018-06-08 03:30 - 001953544 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-13 11:10 - 2018-06-08 03:30 - 001416360 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 11:10 - 2018-06-08 03:29 - 002395040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 11:10 - 2018-06-08 03:29 - 001849760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-06-13 11:10 - 2018-06-08 03:29 - 001210272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-13 11:10 - 2018-06-08 03:29 - 000937376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2018-06-13 11:10 - 2018-06-08 03:29 - 000028576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2018-06-13 11:10 - 2018-06-08 03:27 - 001173584 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 11:10 - 2018-06-08 03:27 - 000377760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-06-13 11:10 - 2018-06-08 03:26 - 000712456 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 11:10 - 2018-06-08 03:26 - 000540064 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-06-13 11:10 - 2018-06-08 03:25 - 003903784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2018-06-13 11:10 - 2018-06-08 03:25 - 000525728 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2018-06-13 11:10 - 2018-06-08 03:24 - 007675792 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 006282280 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 003009736 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 002711248 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 001488288 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 001029536 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2018-06-13 11:10 - 2018-06-08 03:24 - 000967584 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2018-06-13 11:10 - 2018-06-08 03:24 - 000891808 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2018-06-13 11:10 - 2018-06-08 03:24 - 000247712 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 021357336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 004486400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 002472888 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 002412688 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 000824904 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 000706464 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2018-06-13 11:10 - 2018-06-08 03:23 - 000677304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 11:10 - 2018-06-08 03:23 - 000137552 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 006791992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 003180176 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 001358496 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 001269640 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 000688072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 000093624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-06-13 11:10 - 2018-06-08 03:22 - 000054376 _____ (Microsoft Corporation) C:\Windows\system32\kernel.appcore.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 007385096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 004507096 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 001779960 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 001206104 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 000594080 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-13 11:10 - 2018-06-08 03:21 - 000260904 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 11:10 - 2018-06-08 03:20 - 001101216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-06-13 11:10 - 2018-06-08 02:26 - 025256960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-06-13 11:10 - 2018-06-08 02:21 - 001931256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-13 11:10 - 2018-06-08 02:21 - 001614168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-13 11:10 - 2018-06-08 02:21 - 000777912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-13 11:10 - 2018-06-08 02:19 - 001433360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2018-06-13 11:10 - 2018-06-08 02:18 - 000212920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2018-06-13 11:10 - 2018-06-08 02:18 - 000097160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-13 11:10 - 2018-06-08 02:10 - 003485400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2018-06-13 11:10 - 2018-06-08 02:10 - 002338272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2018-06-13 11:10 - 2018-06-08 02:10 - 001124768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 017161216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 006092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 002993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 002193688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 000832952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2018-06-13 11:10 - 2018-06-08 02:09 - 000791968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2018-06-13 11:10 - 2018-06-08 02:09 - 000592800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2018-06-13 11:10 - 2018-06-08 02:09 - 000098304 _____ C:\Windows\system32\runexehelper.exe
2018-06-13 11:10 - 2018-06-08 02:08 - 020290256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 003979696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 003663360 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-06-13 11:10 - 2018-06-08 02:08 - 001990672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 001075984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 000640024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2018-06-13 11:10 - 2018-06-08 02:08 - 000543920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 002386320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000975360 _____ C:\Windows\system32\FaceProcessor.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-06-13 11:10 - 2018-06-08 02:07 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2018-06-13 11:10 - 2018-06-08 02:07 - 000047608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel.appcore.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 006481096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 006015208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 004668688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 002890240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 001524784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 001131696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 000551696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2018-06-13 11:10 - 2018-06-08 02:06 - 000129208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-13 11:10 - 2018-06-08 02:05 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2018-06-13 11:10 - 2018-06-08 02:05 - 000331264 _____ (Microsoft Corporation) C:\Windows\system32\browserexport.exe
2018-06-13 11:10 - 2018-06-08 02:05 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\hidparse.sys
2018-06-13 11:10 - 2018-06-08 02:05 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 11:10 - 2018-06-08 02:05 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\GamePanelExternalHook.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 005195776 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 001925120 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-06-13 11:10 - 2018-06-08 02:04 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-06-13 11:10 - 2018-06-08 02:03 - 000675328 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-06-13 11:10 - 2018-06-08 02:03 - 000532480 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2018-06-13 11:10 - 2018-06-08 02:03 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 001498112 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000253440 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-13 11:10 - 2018-06-08 02:02 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 023678464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 001217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000652288 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000623616 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2018-06-13 11:10 - 2018-06-08 02:01 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 11:10 - 2018-06-08 02:00 - 012833792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 003180032 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 001495552 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 000354304 _____ (Microsoft Corporation) C:\Windows\system32\WwaApi.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 000258560 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 008432640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 003124224 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 002596352 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2018-06-13 11:10 - 2018-06-08 01:59 - 001297920 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2018-06-13 11:10 - 2018-06-08 01:59 - 001116672 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 001043968 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2018-06-13 11:10 - 2018-06-08 01:59 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 008068608 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 005833216 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 004723712 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 002211840 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-06-13 11:10 - 2018-06-08 01:58 - 002083840 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 11:10 - 2018-06-08 01:57 - 004772352 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 002628608 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 002086400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-06-13 11:10 - 2018-06-08 01:57 - 001812992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 001597952 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 001345024 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 001238016 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 001135104 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2018-06-13 11:10 - 2018-06-08 01:57 - 000808960 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 11:10 - 2018-06-08 01:56 - 002528768 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-06-13 11:10 - 2018-06-08 01:56 - 002035712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-06-13 11:10 - 2018-06-08 01:56 - 000969728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-13 11:10 - 2018-06-08 01:55 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\DbgModel.dll
2018-06-13 11:10 - 2018-06-08 01:53 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2018-06-13 11:10 - 2018-06-08 01:52 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-06-13 11:10 - 2018-06-08 01:52 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-06-13 11:10 - 2018-06-08 01:52 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-06-13 11:10 - 2018-06-08 01:46 - 002902528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-06-13 11:10 - 2018-06-08 01:46 - 002393600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2018-06-13 11:10 - 2018-06-08 01:46 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2018-06-13 11:10 - 2018-06-08 01:46 - 000309248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-06-13 11:10 - 2018-06-08 01:46 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2018-06-13 11:10 - 2018-06-08 01:45 - 018930688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-06-13 11:10 - 2018-06-08 01:45 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2018-06-13 11:10 - 2018-06-08 01:44 - 019358720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 11:10 - 2018-06-08 01:44 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-06-13 11:10 - 2018-06-08 01:43 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 11:10 - 2018-06-08 01:43 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2018-06-13 11:10 - 2018-06-08 01:42 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 013704704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 011924992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 000459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 000372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2018-06-13 11:10 - 2018-06-08 01:41 - 000369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 001277440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 000534016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 11:10 - 2018-06-08 01:40 - 000293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WwaApi.dll
2018-06-13 11:10 - 2018-06-08 01:39 - 000963584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2018-06-13 11:10 - 2018-06-08 01:39 - 000941568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2018-06-13 11:10 - 2018-06-08 01:39 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2018-06-13 11:10 - 2018-06-08 01:39 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-13 11:10 - 2018-06-08 01:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2018-06-13 11:10 - 2018-06-08 01:38 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 11:10 - 2018-06-08 01:38 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 11:10 - 2018-06-08 01:38 - 000235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-13 11:10 - 2018-06-08 01:36 - 006060032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-06-13 11:10 - 2018-06-08 01:36 - 003662848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 007812608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 004839424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 004384768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 002868736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 002014720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 11:10 - 2018-06-08 01:35 - 001565184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 001474560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 000955392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 000935424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2018-06-13 11:10 - 2018-06-08 01:35 - 000891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-13 11:10 - 2018-06-08 01:34 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DbgModel.dll
2018-06-13 11:10 - 2018-05-12 09:57 - 000336896 _____ (Microsoft Corporation) C:\Windows\system32\HolographicRuntimes.dll
2018-06-13 11:10 - 2018-05-12 09:56 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Feedback.Analog.dll
2018-06-13 11:10 - 2018-05-12 09:55 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\DHolographicDisplay.dll
2018-06-13 11:10 - 2018-05-12 09:55 - 000640000 _____ (Microsoft Corporation) C:\Windows\system32\HeadTrackerStorage.dll
2018-06-13 11:10 - 2018-05-12 09:53 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\HoloShellRuntime.dll
2018-06-13 11:10 - 2018-05-12 09:52 - 000421376 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2018-06-13 11:10 - 2018-05-12 09:52 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\SpatialStore.dll
2018-06-13 11:10 - 2018-05-11 19:15 - 000194456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2018-06-13 11:10 - 2018-05-11 19:15 - 000128408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2018-06-13 11:10 - 2018-05-11 19:14 - 000373656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-06-13 11:10 - 2018-05-11 19:14 - 000082840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-06-13 11:10 - 2018-05-11 19:10 - 002574232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-06-13 11:10 - 2018-05-11 19:10 - 000749976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-06-13 11:10 - 2018-05-11 19:10 - 000408984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-06-13 11:10 - 2018-05-11 19:09 - 000149400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2018-06-13 11:10 - 2018-05-11 19:09 - 000103320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2018-06-13 11:10 - 2018-05-11 19:08 - 000757792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2018-06-13 11:10 - 2018-05-11 19:08 - 000428440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-06-13 11:10 - 2018-05-11 19:08 - 000362904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-06-13 11:10 - 2018-05-11 19:07 - 002711168 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2018-06-13 11:10 - 2018-05-11 19:07 - 002268024 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2018-06-13 11:10 - 2018-05-11 19:07 - 001506200 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2018-06-13 11:10 - 2018-05-11 19:07 - 001084736 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 001778584 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 001628056 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 001420696 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 001051544 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000963992 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000831384 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000819096 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2018-06-13 11:10 - 2018-05-11 19:05 - 000813976 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000744856 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000670104 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000645528 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000616792 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2018-06-13 11:10 - 2018-05-11 19:05 - 000495000 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000397720 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2018-06-13 11:10 - 2018-05-11 19:05 - 000231320 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2018-06-13 11:10 - 2018-05-11 17:54 - 003198464 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2018-06-13 11:10 - 2018-05-11 17:54 - 001300992 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-06-13 11:10 - 2018-05-11 17:53 - 002462704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:53 - 001456104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:53 - 001033576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2018-06-13 11:10 - 2018-05-11 17:53 - 001017048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:52 - 000909312 _____ (Microsoft Corporation) C:\Windows\system32\PayloadRestrictions.dll
2018-06-13 11:10 - 2018-05-11 17:52 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2018-06-13 11:10 - 2018-05-11 17:52 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Proxy.dll
2018-06-13 11:10 - 2018-05-11 17:51 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\mmgaproxystub.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 002186240 _____ (Microsoft Corporation) C:\Windows\system32\mmgaclient.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\aadauthhelper.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-13 11:10 - 2018-05-11 17:50 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-13 11:10 - 2018-05-11 17:49 - 001685504 _____ (Microsoft Corporation) C:\Windows\system32\mmgaserver.exe
2018-06-13 11:10 - 2018-05-11 17:48 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-06-13 11:10 - 2018-05-11 17:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2018-06-13 11:10 - 2018-05-11 17:48 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2018-06-13 11:10 - 2018-05-11 17:48 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-06-13 11:10 - 2018-05-11 17:47 - 000332800 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2018-06-13 11:10 - 2018-05-11 17:47 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2018-06-13 11:10 - 2018-05-11 17:47 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-13 11:10 - 2018-05-11 17:47 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2018-06-13 11:10 - 2018-05-11 17:47 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2018-06-13 11:10 - 2018-05-11 17:46 - 000595456 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 11:10 - 2018-05-11 17:46 - 000403968 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2018-06-13 11:10 - 2018-05-11 17:45 - 000816128 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2018-06-13 11:10 - 2018-05-11 17:44 - 000930816 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2018-06-13 11:10 - 2018-05-11 17:42 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-06-13 11:10 - 2018-05-11 17:41 - 003630080 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-06-13 11:10 - 2018-05-11 17:40 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:40 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-06-13 11:10 - 2018-05-11 17:39 - 001717248 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-06-13 11:10 - 2018-05-11 17:38 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-06-13 11:10 - 2018-05-11 17:33 - 002762752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2018-06-13 11:10 - 2018-05-11 17:31 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PayloadRestrictions.dll
2018-06-13 11:10 - 2018-05-11 17:31 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-06-13 11:10 - 2018-05-11 17:31 - 000062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaproxystub.dll
2018-06-13 11:10 - 2018-05-11 17:30 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-13 11:10 - 2018-05-11 17:29 - 001428480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaclient.dll
2018-06-13 11:10 - 2018-05-11 17:29 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmgaserver.exe
2018-06-13 11:10 - 2018-05-11 17:29 - 000268288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-13 11:10 - 2018-05-11 17:29 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadauthhelper.dll
2018-06-13 11:10 - 2018-05-11 17:29 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-13 11:10 - 2018-05-11 17:28 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2018-06-13 11:10 - 2018-05-11 17:28 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2018-06-13 11:10 - 2018-05-11 17:27 - 000236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudBackupSettings.dll
2018-06-13 11:10 - 2018-05-11 17:26 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2018-06-13 11:10 - 2018-05-11 17:26 - 000243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2018-06-13 11:10 - 2018-05-11 17:20 - 003430400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-06-13 11:10 - 2018-05-11 17:20 - 000821248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2018-06-13 11:10 - 2018-05-11 17:19 - 001353216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-06-11 16:21 - 2018-06-11 16:21 - 000000000 ____D C:\Users\DiComo\Documents\Backups
2018-06-11 11:36 - 2018-06-19 10:44 - 000000000 ____D C:\Users\DiComo\AppData\Local\Payment Terminal
2018-06-11 11:35 - 2018-06-19 10:46 - 000000000 ____D C:\ProgramData\Payment Terminal
2018-06-11 11:35 - 2018-06-11 11:35 - 000002075 _____ C:\Users\Public\Desktop\Payment Terminal.lnk
2018-06-11 11:35 - 2018-06-11 11:35 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\Payment Terminal 17.2.1
2018-06-11 11:35 - 2018-06-11 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Payment Terminal
2018-06-11 11:35 - 2018-06-11 11:35 - 000000000 ____D C:\Program Files (x86)\Payment Terminal
2018-06-11 11:34 - 2018-06-11 11:34 - 000000000 ____D C:\Users\DiComo\AppData\Local\Downloaded Installations
2018-06-11 11:33 - 2018-06-11 11:33 - 000000000 ____D C:\Users\DiComo\AppData\Local\GoToAssist Remote Support Customer
2018-06-11 11:33 - 2018-06-11 11:33 - 000000000 ____D C:\Users\DiComo\AppData\Local\GoTo Opener
2018-06-08 15:48 - 2018-06-08 15:48 - 000000000 ____D C:\Users\DiComo\AppData\Local\DBG
2018-06-08 14:14 - 2018-06-08 14:14 - 000000000 ___RD C:\Users\DiComo\AppData\Roaming\Brother
2018-06-08 14:14 - 2018-06-08 14:14 - 000000000 ____D C:\Users\DiComo\AppData\LocalLow\Brother
2018-06-08 13:16 - 2018-06-13 17:38 - 000000742 _____ C:\Windows\Tasks\WpsKtpcntrQingTask_DiComo.job
2018-06-08 13:16 - 2018-06-13 17:38 - 000000448 _____ C:\Windows\Tasks\WpsExternal_20180608131656.job
2018-06-08 13:16 - 2018-06-13 17:38 - 000000426 _____ C:\Windows\Tasks\WpsUpdateTask_DiComo.job
2018-06-08 13:16 - 2018-06-08 13:17 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\kingsoft
2018-06-08 13:16 - 2018-06-08 13:16 - 000003710 _____ C:\Windows\System32\Tasks\WpsKtpcntrQingTask_DiComo
2018-06-08 13:16 - 2018-06-08 13:16 - 000003482 _____ C:\Windows\System32\Tasks\WpsExternal_20180608131656
2018-06-08 13:16 - 2018-06-08 13:16 - 000003448 _____ C:\Windows\System32\Tasks\WpsUpdateTask_DiComo
2018-06-08 13:16 - 2018-06-08 13:16 - 000002448 _____ C:\Users\DiComo\Desktop\WPS Writer.lnk
2018-06-08 13:16 - 2018-06-08 13:16 - 000002446 _____ C:\Users\DiComo\Desktop\WPS Presentation.lnk
2018-06-08 13:16 - 2018-06-08 13:16 - 000002430 _____ C:\Users\DiComo\Desktop\WPS Spreadsheets.lnk
2018-06-08 13:16 - 2018-06-08 13:16 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
2018-06-08 13:16 - 2018-06-08 13:16 - 000000000 ____D C:\Users\DiComo\AppData\Local\Kingsoft
2018-06-08 13:16 - 2018-06-08 13:16 - 000000000 ____D C:\ProgramData\kingsoft
2018-06-08 13:05 - 2018-06-08 13:06 - 085382200 _____ (Kingsoft Corp. Ltd.) C:\Users\DiComo\Downloads\setup_wps_office_2016_business.exe
2018-06-08 12:40 - 2018-06-11 10:40 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\ControlCenter4
2018-06-08 12:37 - 2018-06-08 12:37 - 000002139 _____ C:\Users\Public\Desktop\Brother Utilities.lnk
2018-06-08 12:37 - 2018-06-08 12:37 - 000000258 _____ C:\Windows\Brpfx04a.ini
2018-06-08 12:37 - 2018-06-08 12:37 - 000000066 _____ C:\Windows\Brfaxrx.ini
2018-06-08 12:37 - 2018-06-08 12:37 - 000000064 _____ C:\Windows\brpcfx.ini
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\Users\Public\Documents\BrFaxRx
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\ProgramData\ControlCenter4
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\Program Files (x86)\ControlCenter4
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\Program Files (x86)\Browny02
2018-06-08 12:37 - 2018-06-08 12:37 - 000000000 ____D C:\Brother
2018-06-08 12:37 - 2012-09-10 16:31 - 000245760 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2018-06-08 12:37 - 2012-07-31 03:39 - 001439744 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWi209d.dll
2018-06-08 12:37 - 2012-07-09 17:19 - 000005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2018-06-08 12:37 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) C:\Windows\SysWOW64\BroSNMP.dll
2018-06-08 12:37 - 2010-06-07 07:18 - 000050688 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrUsi09d.dll
2018-06-08 12:37 - 2010-04-01 06:27 - 000278528 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrJDec.dll
2018-06-08 12:37 - 2010-03-15 19:45 - 000073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2018-06-08 12:37 - 2009-12-08 16:19 - 000290304 ____N (Brother Industries, Ltd.) C:\Windows\system32\BrfxDA5c.dll
2018-06-08 12:37 - 2007-12-13 22:16 - 000005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2018-06-08 12:37 - 2003-11-28 18:57 - 000000000 _____ C:\Windows\brdfxspd.dat
2018-06-08 10:55 - 2018-06-08 10:55 - 000000593 _____ C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloads.lnk
2018-06-08 10:55 - 2018-06-08 10:55 - 000000593 _____ C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2018-06-08 10:55 - 2018-06-08 10:55 - 000000590 _____ C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2018-06-08 10:46 - 2018-06-08 12:37 - 000000000 ____D C:\Program Files (x86)\Brother
2018-06-08 09:59 - 2018-06-08 09:59 - 000000000 ____D C:\Users\DiComo\Documents\Accounts Receivable
2018-06-08 09:55 - 2018-06-08 15:04 - 000000000 ____D C:\Users\DiComo\Documents\Reference Materials
2018-06-07 14:16 - 2018-06-05 19:24 - 000835056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-07 14:16 - 2018-06-05 19:24 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-07 13:15 - 2018-06-07 13:15 - 000000000 ____D C:\Users\DiComo\AppData\LocalLow\Adobe
2018-06-07 13:15 - 2018-06-07 13:15 - 000000000 ____D C:\Users\DiComo\AppData\Local\CEF
2018-06-07 13:14 - 2018-06-07 13:15 - 000000000 ____D C:\ProgramData\Adobe
2018-06-07 13:14 - 2018-06-07 13:14 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-06-07 13:14 - 2018-06-07 13:14 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-06-07 13:14 - 2018-06-07 13:14 - 000002139 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-06-07 13:14 - 2018-06-07 13:14 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-06-07 13:12 - 2018-06-07 13:15 - 000000000 ____D C:\Users\DiComo\AppData\Local\Adobe
2018-06-07 12:00 - 2018-06-07 12:00 - 000003324 _____ C:\Windows\System32\Tasks\ConvergeConnect
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Elavon
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ingenico
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\ProgramData\Elavon
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\Program Files\DIFX
2018-06-07 12:00 - 2018-06-07 12:00 - 000000000 ____D C:\Program Files (x86)\RDM Corporation
2018-06-07 12:00 - 2017-04-28 15:45 - 000052632 _____ (Cypress Semiconductor) C:\Windows\SysWOW64\Drivers\RDMSIM.sys
2018-06-07 12:00 - 2017-04-28 15:45 - 000027704 _____ (RDM Corp.) C:\Windows\SysWOW64\Drivers\ustp2x64.sys
2018-06-07 11:59 - 2018-06-07 11:59 - 000000000 ____D C:\Program Files (x86)\Elavon
2018-06-07 11:46 - 2018-06-07 11:52 - 252709144 _____ (Elavon) C:\Users\DiComo\Downloads\ConvergeConnectSetup.exe
2018-06-07 11:46 - 2018-06-07 11:47 - 035101921 _____ C:\Users\DiComo\Downloads\PeripheralDriver.zip
2018-06-06 23:07 - 2018-06-06 23:07 - 000000000 ____D C:\Users\DiComo\AppData\Local\PeerDistRepub
2018-06-06 23:04 - 2018-06-07 14:30 - 000000000 ____D C:\ProgramData\Intuit
2018-06-06 23:04 - 2018-06-06 23:04 - 000000000 ____D C:\Users\Public\Documents\Intuit
2018-06-06 23:04 - 2018-06-06 23:04 - 000000000 ____D C:\ProgramData\Nuance
2018-06-06 23:03 - 2018-06-06 14:38 - 000000090 _____ C:\Windows\QBChanUtil_Trigger.ini
2018-06-06 23:02 - 2018-06-07 11:59 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-06 23:02 - 2018-06-06 23:04 - 000000000 ____D C:\Program Files (x86)\Intuit
2018-06-06 22:52 - 2018-06-13 10:26 - 000000000 ____D C:\Users\DiComo\AppData\Local\PlaceholderTileLogoFolder
2018-06-06 22:48 - 2018-06-06 22:48 - 000000000 ___HD C:\Users\DiComo\MicrosoftEdgeBackups
2018-06-06 22:48 - 2018-06-06 22:48 - 000000000 ____D C:\Users\DiComo\AppData\Local\MicrosoftEdge
2018-06-06 22:40 - 2018-06-06 11:47 - 000000000 ____D C:\Users\DiComo\AppData\Local\Comms
2018-06-06 15:40 - 2018-06-11 11:15 - 000000000 ____D C:\Users\DiComo\Documents\Finanace and Taxes
2018-06-06 15:18 - 2018-06-06 15:19 - 000000000 ____D C:\Users\DiComo\Documents\Netpay Confirmations
2018-06-06 14:42 - 2018-06-06 14:42 - 000000000 ____D C:\Users\DiComo\Documents\AP Invoices
2018-06-06 14:42 - 2018-06-06 14:42 - 000000000 ____D C:\Users\DiComo\AppData\LocalLow\Temp
2018-06-06 14:36 - 2018-06-06 14:36 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\QuickBooks
2018-06-06 12:54 - 2018-05-04 05:37 - 000278448 _____ (Microsoft Corporation) C:\Windows\system32\Notifier.exe
2018-06-06 12:50 - 2018-06-06 12:50 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1393131357-1051084767-950562342-1002
2018-06-06 12:50 - 2018-06-06 12:50 - 000002373 _____ C:\Users\DiComo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-06 12:24 - 2018-06-06 12:24 - 000000000 ____D C:\ProgramData\SQL Anywhere 17
2018-06-06 12:05 - 2018-06-07 10:36 - 000000000 ____D C:\Users\DiComo\AppData\Local\Intuit
2018-06-06 12:05 - 2018-06-06 12:24 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\SQL Anywhere 17
2018-06-06 12:05 - 2018-06-06 12:05 - 000000000 ____D C:\Windows\Intuit
2018-06-06 11:31 - 2018-05-03 03:57 - 000599448 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2018-06-06 11:31 - 2018-05-03 03:36 - 000437664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2018-06-06 11:31 - 2018-05-03 03:32 - 001054280 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-06-06 11:31 - 2018-05-03 02:26 - 001057824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-06-06 11:31 - 2018-05-03 02:18 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\AcSpecfc.dll
2018-06-06 11:31 - 2018-05-03 02:17 - 007545344 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-06-06 11:31 - 2018-05-03 02:16 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-06-06 11:31 - 2018-05-03 02:09 - 003405824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-06-06 11:31 - 2018-05-03 02:09 - 002784256 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-06-06 11:31 - 2018-05-03 02:09 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-06 11:31 - 2018-05-03 02:00 - 000473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll
2018-06-06 11:31 - 2018-05-03 01:58 - 006467072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-06-06 11:31 - 2018-05-03 01:57 - 000150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-06-06 11:31 - 2018-05-03 01:56 - 002677248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-06-06 11:31 - 2018-05-03 01:52 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-06 11:31 - 2018-04-15 18:07 - 001463344 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-06-06 11:31 - 2018-04-15 18:04 - 000779952 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-06-06 11:31 - 2018-04-15 17:50 - 001925760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2018-06-06 11:31 - 2018-04-15 17:49 - 000382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-06-06 11:31 - 2018-04-15 17:48 - 005859248 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2018-06-06 11:31 - 2018-04-15 17:47 - 000398744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-06-06 11:31 - 2018-04-15 17:38 - 000979360 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2018-06-06 11:31 - 2018-04-15 17:36 - 002376088 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2018-06-06 11:31 - 2018-04-15 17:34 - 000230304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-06 11:31 - 2018-04-15 17:32 - 001416392 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2018-06-06 11:31 - 2018-04-15 17:25 - 001430768 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2018-06-06 11:31 - 2018-04-15 16:47 - 001490856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-06 11:31 - 2018-04-15 16:47 - 001323336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2018-06-06 11:31 - 2018-04-15 16:47 - 000649304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-06-06 11:31 - 2018-04-15 16:47 - 000311192 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-06-06 11:31 - 2018-04-15 16:37 - 000747416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2018-06-06 11:31 - 2018-04-15 16:16 - 003995136 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-06-06 11:31 - 2018-04-15 16:14 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2018-06-06 11:31 - 2018-04-15 16:12 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2018-06-06 11:31 - 2018-04-15 16:12 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2018-06-06 11:31 - 2018-04-15 16:10 - 000363008 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2018-06-06 11:31 - 2018-04-15 16:09 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2018-06-06 11:31 - 2018-04-15 16:08 - 006576128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-06-06 11:31 - 2018-04-15 16:08 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2018-06-06 11:31 - 2018-04-15 16:08 - 000583680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.Schema.Shell.dll
2018-06-06 11:31 - 2018-04-15 16:08 - 000246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 012689920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 008031744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 001425408 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 000837632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 000598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-06 11:31 - 2018-04-15 16:07 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-06-06 11:31 - 2018-04-15 16:06 - 013660672 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-06-06 11:31 - 2018-04-15 16:06 - 000899072 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2018-06-06 11:31 - 2018-04-15 16:06 - 000721920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2018-06-06 11:31 - 2018-04-15 16:05 - 004113408 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2018-06-06 11:31 - 2018-04-15 16:05 - 000456704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 002464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 001342464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 001236480 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2018-06-06 11:31 - 2018-04-15 16:04 - 000556544 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 004248064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 002976256 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 002857984 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 002741248 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 001353728 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2018-06-06 11:31 - 2018-04-15 16:03 - 000920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2018-06-06 11:31 - 2018-04-15 16:02 - 004814336 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2018-06-06 11:31 - 2018-04-15 16:02 - 001669120 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2018-06-06 11:31 - 2018-04-15 16:02 - 000842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2018-06-06 11:31 - 2018-04-15 16:02 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2018-06-06 11:31 - 2018-04-15 16:01 - 001509888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2018-06-06 11:31 - 2018-04-15 16:00 - 002223616 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2018-06-06 11:31 - 2018-04-15 16:00 - 001739264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2018-06-06 11:31 - 2018-04-15 16:00 - 000726016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-06-06 11:31 - 2018-03-30 01:06 - 000166304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2018-06-06 11:31 - 2018-03-30 01:05 - 000015632 _____ (Microsoft Corporation) C:\Windows\system32\iumdll.dll
2018-06-06 11:31 - 2018-03-30 01:03 - 001277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-06-06 11:31 - 2018-03-30 01:03 - 000508272 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2018-06-06 11:31 - 2018-03-30 01:03 - 000479920 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2018-06-06 11:31 - 2018-03-30 01:03 - 000319864 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-06-06 11:31 - 2018-03-30 01:03 - 000292384 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2018-06-06 11:31 - 2018-03-30 01:03 - 000059808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bam.sys
2018-06-06 11:31 - 2018-03-30 01:01 - 000649304 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-06 11:31 - 2018-03-30 01:01 - 000571288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-06-06 11:31 - 2018-03-30 01:01 - 000471968 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-06-06 11:31 - 2018-03-30 00:58 - 000898216 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2018-06-06 11:31 - 2018-03-30 00:58 - 000129432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys
2018-06-06 11:31 - 2018-03-30 00:57 - 000109976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2018-06-06 11:31 - 2018-03-30 00:57 - 000081304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2018-06-06 11:31 - 2018-03-30 00:55 - 000367344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2018-06-06 11:31 - 2018-03-30 00:55 - 000062880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2018-06-06 11:31 - 2018-03-30 00:54 - 000461728 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2018-06-06 11:31 - 2018-03-30 00:53 - 002220952 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2018-06-06 11:31 - 2018-03-30 00:53 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2018-06-06 11:31 - 2018-03-30 00:53 - 000549552 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2018-06-06 11:31 - 2018-03-30 00:53 - 000163744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2018-06-06 11:31 - 2018-03-30 00:52 - 000727456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2018-06-06 11:31 - 2018-03-30 00:51 - 000902928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-06-06 11:31 - 2018-03-30 00:51 - 000147872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2018-06-06 11:31 - 2018-03-30 00:50 - 001336344 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-06-06 11:31 - 2018-03-30 00:50 - 000057760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-06-06 11:31 - 2018-03-30 00:48 - 000614304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-06-06 11:31 - 2018-03-30 00:27 - 000481464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-06-06 11:31 - 2018-03-30 00:23 - 000566664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2018-06-06 11:31 - 2018-03-30 00:16 - 000289824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2018-06-06 11:31 - 2018-03-30 00:13 - 000450936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2018-06-06 11:31 - 2018-03-30 00:10 - 000704080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-06-06 11:31 - 2018-03-30 00:07 - 001003160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-06-06 11:31 - 2018-03-30 00:05 - 001491360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2018-06-06 11:31 - 2018-03-29 23:46 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-06-06 11:31 - 2018-03-29 23:43 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2018-06-06 11:31 - 2018-03-29 23:42 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-06-06 11:31 - 2018-03-29 23:42 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2018-06-06 11:31 - 2018-03-29 23:41 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2018-06-06 11:31 - 2018-03-29 23:41 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-06-06 11:31 - 2018-03-29 23:41 - 000149504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2018-06-06 11:31 - 2018-03-29 23:40 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-06-06 11:31 - 2018-03-29 23:39 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2018-06-06 11:31 - 2018-03-29 23:38 - 000966656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2018-06-06 11:31 - 2018-03-29 23:38 - 000956928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2018-06-06 11:31 - 2018-03-29 23:36 - 000897024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-06 11:31 - 2018-03-29 23:36 - 000825856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-06-06 11:31 - 2018-03-29 23:35 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-06-06 11:31 - 2018-03-29 23:35 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-06 11:31 - 2018-03-29 23:35 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-06-06 11:31 - 2018-03-29 23:35 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\convertvhd.exe
2018-06-06 11:31 - 2018-03-29 23:35 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2018-06-06 11:31 - 2018-03-29 23:33 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-06-06 11:31 - 2018-03-29 23:32 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2018-06-06 11:31 - 2018-03-29 23:32 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2018-06-06 11:31 - 2018-03-29 23:32 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2018-06-06 11:31 - 2018-03-29 23:32 - 000186368 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2018-06-06 11:31 - 2018-03-29 23:32 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-06-06 11:31 - 2018-03-29 23:31 - 000795136 _____ (Microsoft Corporation) C:\Windows\system32\NaturalAuth.dll
2018-06-06 11:31 - 2018-03-29 23:31 - 000416768 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-06 11:31 - 2018-03-29 23:31 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2018-06-06 11:31 - 2018-03-29 23:31 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000748032 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
2018-06-06 11:31 - 2018-03-29 23:30 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000791552 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000436224 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000423936 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-06-06 11:31 - 2018-03-29 23:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 001245184 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 000984064 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-06-06 11:31 - 2018-03-29 23:28 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 000951808 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 000624128 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2018-06-06 11:31 - 2018-03-29 23:28 - 000366080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 001002496 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 000985600 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 000813568 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2018-06-06 11:31 - 2018-03-29 23:27 - 000588800 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 001955328 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 001816576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 001573376 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 001343488 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2018-06-06 11:31 - 2018-03-29 23:26 - 000765952 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-06-06 11:31 - 2018-03-29 23:26 - 000716288 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-06-06 11:31 - 2018-03-29 23:25 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-06-06 11:31 - 2018-03-29 23:25 - 001055744 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-06-06 11:31 - 2018-03-29 23:25 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-06-06 11:31 - 2018-03-29 23:24 - 000925184 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-06-06 11:31 - 2018-03-29 23:23 - 000963584 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2018-06-06 11:31 - 2018-03-29 23:23 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-06-06 11:31 - 2018-03-29 23:21 - 002511360 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2018-06-06 11:31 - 2018-03-29 23:21 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2018-06-06 11:31 - 2018-03-28 15:54 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-06-06 11:31 - 2018-03-13 03:03 - 000739696 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-06-06 11:31 - 2018-03-13 02:54 - 000555936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2018-06-06 11:31 - 2018-03-13 02:53 - 000113568 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-06-06 11:31 - 2018-03-13 02:51 - 002773408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-06-06 11:31 - 2018-03-13 02:50 - 000617312 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2018-06-06 11:31 - 2018-03-13 01:36 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2018-06-06 11:31 - 2018-03-13 01:35 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-06-06 11:31 - 2018-03-13 01:34 - 008727552 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2018-06-06 11:31 - 2018-03-13 01:33 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2018-06-06 11:31 - 2018-03-13 01:33 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-06-06 11:31 - 2018-03-13 01:33 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2018-06-06 11:31 - 2018-03-13 01:30 - 007145472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2018-06-06 11:31 - 2018-03-13 01:30 - 003400192 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2018-06-06 11:31 - 2018-03-13 01:30 - 000863744 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2018-06-06 11:31 - 2018-03-13 01:29 - 003211776 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2018-06-06 11:31 - 2018-03-13 01:28 - 003160576 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-06-06 11:31 - 2018-03-13 01:28 - 001967104 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-06-06 11:31 - 2018-03-13 01:28 - 001157632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-06-06 11:31 - 2018-03-13 01:28 - 000939520 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2018-06-06 11:31 - 2018-03-13 01:27 - 003125760 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2018-06-06 11:31 - 2018-03-13 01:27 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2018-06-06 11:31 - 2018-03-13 01:25 - 001346560 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2018-06-06 11:31 - 2018-03-13 01:23 - 001556992 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2018-06-06 11:31 - 2018-03-13 01:15 - 000597160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-06-06 11:31 - 2018-03-13 01:08 - 001555784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2018-06-06 11:31 - 2018-03-13 00:40 - 006118400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2018-06-06 11:31 - 2018-03-13 00:39 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2018-06-06 11:31 - 2018-03-13 00:37 - 000374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-06-06 11:31 - 2018-03-13 00:32 - 002577408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-06-06 11:31 - 2018-03-13 00:31 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2018-06-06 11:31 - 2018-03-13 00:30 - 002349568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2018-06-06 11:31 - 2018-03-13 00:30 - 000464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2018-06-06 11:31 - 2018-03-01 03:37 - 007831760 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-06-06 11:31 - 2018-03-01 03:30 - 000264040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-06-06 11:31 - 2018-03-01 03:29 - 000733592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-06-06 11:31 - 2018-03-01 03:17 - 000519152 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2018-06-06 11:31 - 2018-03-01 03:14 - 001694224 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2018-06-06 11:31 - 2018-03-01 02:30 - 005615968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-06-06 11:31 - 2018-03-01 02:21 - 001558856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2018-06-06 11:31 - 2018-03-01 02:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2018-06-06 11:31 - 2018-03-01 01:53 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2018-06-06 11:31 - 2018-03-01 01:51 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2018-06-06 11:31 - 2018-03-01 01:49 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2018-06-06 11:31 - 2018-03-01 01:48 - 000543232 _____ (Microsoft Corporation) C:\Windows\system32\HolographicExtensions.dll
2018-06-06 11:31 - 2018-03-01 01:47 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll
2018-06-06 11:31 - 2018-03-01 01:46 - 000770048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2018-06-06 11:31 - 2018-03-01 01:42 - 003505664 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-06-06 11:31 - 2018-03-01 01:39 - 000899584 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-06-06 11:31 - 2018-03-01 01:36 - 004050432 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-06-06 11:31 - 2018-02-21 22:10 - 000285080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2018-06-06 11:31 - 2018-02-21 22:00 - 000187296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2018-06-06 11:31 - 2018-02-21 21:51 - 000045472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2018-06-06 11:31 - 2018-02-21 20:31 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2018-06-06 11:31 - 2018-02-21 20:27 - 001282048 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2018-06-06 11:31 - 2018-02-10 02:19 - 001133888 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2018-06-06 11:31 - 2018-02-10 02:16 - 002406456 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-06-06 11:31 - 2018-02-10 02:14 - 004504464 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2018-06-06 11:31 - 2018-02-10 02:14 - 001002592 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-06-06 11:31 - 2018-02-10 02:10 - 000614160 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2018-06-06 11:31 - 2018-02-10 02:09 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2018-06-06 11:31 - 2018-02-10 02:08 - 000687552 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-06-06 11:31 - 2018-02-10 02:07 - 000436632 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2018-06-06 11:31 - 2018-02-10 02:06 - 000494488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-06 11:31 - 2018-02-10 02:06 - 000087384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2018-06-06 11:31 - 2018-02-10 02:05 - 000413888 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-06-06 11:31 - 2018-02-10 02:04 - 001426672 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-06-06 11:31 - 2018-02-10 02:04 - 001254144 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2018-06-06 11:31 - 2018-02-10 02:04 - 001170008 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-06-06 11:31 - 2018-02-10 02:04 - 000603920 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-06-06 11:31 - 2018-02-10 02:04 - 000374032 _____ (Microsoft Corporation) C:\Windows\system32\vac.exe
2018-06-06 11:31 - 2018-02-10 02:03 - 001619808 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2018-06-06 11:31 - 2018-02-10 02:03 - 000722616 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2018-06-06 11:31 - 2018-02-10 02:03 - 000404888 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2018-06-06 11:31 - 2018-02-10 01:18 - 001384288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll
2018-06-06 11:31 - 2018-02-10 01:17 - 002255112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-06-06 11:31 - 2018-02-10 01:15 - 001145624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-06-06 11:31 - 2018-02-10 01:09 - 000354200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2018-06-06 11:31 - 2018-02-10 01:07 - 000527864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2018-06-06 11:31 - 2018-02-10 01:06 - 000982528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 001246432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 001149272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 000662208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 000386424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2018-06-06 11:31 - 2018-02-10 01:05 - 000074992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2018-06-06 11:31 - 2018-02-10 00:50 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2018-06-06 11:31 - 2018-02-10 00:46 - 001008640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2018-06-06 11:31 - 2018-02-10 00:45 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll
2018-06-06 11:31 - 2018-02-10 00:45 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2018-06-06 11:31 - 2018-02-10 00:45 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-06-06 11:31 - 2018-02-10 00:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2018-06-06 11:31 - 2018-02-10 00:44 - 000336896 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
2018-06-06 11:31 - 2018-02-10 00:43 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2018-06-06 11:31 - 2018-02-10 00:43 - 000394752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-06-06 11:31 - 2018-02-10 00:42 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll
2018-06-06 11:31 - 2018-02-10 00:42 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll
2018-06-06 11:31 - 2018-02-10 00:42 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2018-06-06 11:31 - 2018-02-10 00:42 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshhttp.dll
2018-06-06 11:31 - 2018-02-10 00:41 - 000451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll
2018-06-06 11:31 - 2018-02-10 00:41 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-06-06 11:31 - 2018-02-10 00:41 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-06-06 11:31 - 2018-02-10 00:40 - 004498432 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2018-06-06 11:31 - 2018-02-10 00:40 - 001234432 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrSvc.dll
2018-06-06 11:31 - 2018-02-10 00:40 - 000601088 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2018-06-06 11:31 - 2018-02-10 00:39 - 004592640 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-06-06 11:31 - 2018-02-10 00:38 - 002184192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-06-06 11:31 - 2018-02-10 00:38 - 001167360 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2018-06-06 11:31 - 2018-02-10 00:37 - 003578368 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2018-06-06 11:31 - 2018-02-10 00:37 - 003419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2018-06-06 11:31 - 2018-02-10 00:37 - 001488384 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-06-06 11:31 - 2018-02-10 00:36 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2018-06-06 11:31 - 2018-02-10 00:36 - 001759744 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2018-06-06 11:31 - 2018-02-10 00:36 - 000685056 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2018-06-06 11:31 - 2018-02-10 00:35 - 000943104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-06 11:31 - 2018-02-10 00:35 - 000918528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-06 11:31 - 2018-02-10 00:34 - 002983936 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2018-06-06 11:31 - 2018-02-10 00:33 - 001936384 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2018-06-06 11:31 - 2018-02-10 00:33 - 001570816 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2018-06-06 11:31 - 2018-02-09 22:59 - 000804240 _____ C:\Windows\SysWOW64\locale.nls
2018-06-06 11:31 - 2018-02-09 22:59 - 000804240 _____ C:\Windows\system32\locale.nls
2018-06-06 11:31 - 2018-02-08 23:35 - 004959688 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
2018-06-06 11:31 - 2018-02-08 23:35 - 001234888 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
2018-06-06 11:31 - 2018-02-01 23:36 - 003903944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
2018-06-06 11:31 - 2017-11-26 09:32 - 000184984 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-06 11:31 - 2017-11-26 07:12 - 000123520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-06-06 11:30 - 2018-05-03 03:48 - 000793960 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-06-06 11:30 - 2018-05-03 03:43 - 000702568 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-06 11:30 - 2018-05-03 03:35 - 000358496 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-06-06 11:30 - 2018-05-03 03:34 - 000070864 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2018-06-06 11:30 - 2018-05-03 02:44 - 000595448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-06-06 11:30 - 2018-05-03 02:43 - 000594056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-06-06 11:30 - 2018-05-03 02:29 - 000285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2018-06-06 11:30 - 2018-05-03 02:28 - 000061024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2018-06-06 11:30 - 2018-05-03 02:19 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-06-06 11:30 - 2018-05-03 02:18 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2018-06-06 11:30 - 2018-05-03 02:16 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-06-06 11:30 - 2018-05-03 02:16 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2018-06-06 11:30 - 2018-05-03 02:16 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-06-06 11:30 - 2018-05-03 02:16 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-06 11:30 - 2018-05-03 02:15 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-06-06 11:30 - 2018-05-03 02:15 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-06 11:30 - 2018-05-03 02:15 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2018-06-06 11:30 - 2018-05-03 02:12 - 000657408 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-06-06 11:30 - 2018-05-03 02:09 - 001856000 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-06-06 11:30 - 2018-05-03 02:05 - 000483840 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-06-06 11:30 - 2018-05-03 02:05 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2018-06-06 11:30 - 2018-05-03 02:04 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-06-06 11:30 - 2018-05-03 02:02 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2018-06-06 11:30 - 2018-05-03 01:57 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-06-06 11:30 - 2018-05-03 01:57 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-06-06 11:30 - 2018-05-03 01:57 - 000019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-06-06 11:30 - 2018-05-03 01:53 - 000540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-06-06 11:30 - 2018-05-03 01:50 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-06-06 11:30 - 2018-05-03 01:48 - 000408576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-06-06 11:30 - 2018-05-03 01:48 - 000328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2018-06-06 11:30 - 2018-05-03 01:47 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-06-06 11:30 - 2018-04-15 17:57 - 000279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-06-06 11:30 - 2018-04-15 17:49 - 000563632 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2018-06-06 11:30 - 2018-04-15 17:29 - 001873944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-06-06 11:30 - 2018-04-15 17:29 - 000198440 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe
2018-06-06 11:30 - 2018-04-15 17:25 - 000661920 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2018-06-06 11:30 - 2018-04-15 17:25 - 000327008 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2018-06-06 11:30 - 2018-04-15 17:25 - 000092032 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2018-06-06 11:30 - 2018-04-15 17:24 - 000063656 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-06 11:30 - 2018-04-15 16:38 - 001123464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2018-06-06 11:30 - 2018-04-15 16:38 - 000444280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2018-06-06 11:30 - 2018-04-15 16:36 - 001575896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2018-06-06 11:30 - 2018-04-15 16:36 - 000832648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2018-06-06 11:30 - 2018-04-15 16:34 - 000572312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2018-06-06 11:30 - 2018-04-15 16:34 - 000279472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2018-06-06 11:30 - 2018-04-15 16:34 - 000166408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe
2018-06-06 11:30 - 2018-04-15 16:34 - 000077552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2018-06-06 11:30 - 2018-04-15 16:34 - 000052248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-06-06 11:30 - 2018-04-15 16:33 - 001623960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2018-06-06 11:30 - 2018-04-15 16:15 - 003490816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2018-06-06 11:30 - 2018-04-15 16:15 - 000674304 _____ (Microsoft Corporation) C:\Windows\system32\LockController.dll
2018-06-06 11:30 - 2018-04-15 16:14 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2018-06-06 11:30 - 2018-04-15 16:14 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\CredProv2faHelper.dll
2018-06-06 11:30 - 2018-04-15 16:14 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProv2faHelper.dll
2018-06-06 11:30 - 2018-04-15 16:13 - 000084992 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2018-06-06 11:30 - 2018-04-15 16:12 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-06-06 11:30 - 2018-04-15 16:12 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BitLockerCsp.dll
2018-06-06 11:30 - 2018-04-15 16:11 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\eShims.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 001576960 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-06 11:30 - 2018-04-15 16:10 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000503296 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_User.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\BrowserSettingSync.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll
2018-06-06 11:30 - 2018-04-15 16:09 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000859648 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2018-06-06 11:30 - 2018-04-15 16:08 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000627712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000535552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000490496 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\LockHostingFramework.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2018-06-06 11:30 - 2018-04-15 16:08 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 003367936 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000792064 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000702464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000386560 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000225280 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-06-06 11:30 - 2018-04-15 16:07 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BrowserSettingSync.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2018-06-06 11:30 - 2018-04-15 16:07 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2018-06-06 11:30 - 2018-04-15 16:06 - 000820224 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-06-06 11:30 - 2018-04-15 16:06 - 000421376 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2018-06-06 11:30 - 2018-04-15 16:06 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2018-06-06 11:30 - 2018-04-15 16:06 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-06-06 11:30 - 2018-04-15 16:06 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000863744 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000526336 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000516608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2018-06-06 11:30 - 2018-04-15 16:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-06-06 11:30 - 2018-04-15 16:04 - 002523136 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 002490880 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000997376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-06-06 11:30 - 2018-04-15 16:04 - 000976896 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2018-06-06 11:30 - 2018-04-15 16:04 - 000965632 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000648704 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000621056 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000576512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2018-06-06 11:30 - 2018-04-15 16:04 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 003287040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 002814976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 002462208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 002413568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-06-06 11:30 - 2018-04-15 16:03 - 000826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-06-06 11:30 - 2018-04-15 16:03 - 000825856 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000697344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000695296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000508928 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2018-06-06 11:30 - 2018-04-15 16:03 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2018-06-06 11:30 - 2018-04-15 16:02 - 000440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000518144 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000366592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000194560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2018-06-06 11:30 - 2018-04-15 16:01 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ByteCodeGenerator.exe
2018-06-06 11:30 - 2018-04-15 16:00 - 000682496 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000356352 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2018-06-06 11:30 - 2018-04-15 16:00 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2018-06-06 11:30 - 2018-04-15 16:00 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\ByteCodeGenerator.exe
2018-06-06 11:30 - 2018-04-15 15:59 - 001332736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2018-06-06 11:30 - 2018-04-15 15:59 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2018-06-06 11:30 - 2018-04-15 15:58 - 001472000 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2018-06-06 11:30 - 2018-04-15 15:58 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2018-06-06 11:30 - 2018-03-30 01:12 - 000270208 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2018-06-06 11:30 - 2018-03-30 01:12 - 000075168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2018-06-06 11:30 - 2018-03-30 01:06 - 000053152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys
2018-06-06 11:30 - 2018-03-30 01:05 - 000066720 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2018-06-06 11:30 - 2018-03-30 01:05 - 000059808 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2018-06-06 11:30 - 2018-03-30 01:05 - 000035744 _____ (Microsoft Corporation) C:\Windows\system32\SDFHost.dll
2018-06-06 11:30 - 2018-03-30 01:05 - 000022800 _____ (Microsoft Corporation) C:\Windows\system32\iumbase.dll
2018-06-06 11:30 - 2018-03-30 01:05 - 000022208 _____ (Microsoft Corporation) C:\Windows\system32\IumSdk.dll
2018-06-06 11:30 - 2018-03-30 01:03 - 000139680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-06 11:30 - 2018-03-30 01:03 - 000022400 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-06-06 11:30 - 2018-03-30 01:01 - 000034208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2018-06-06 11:30 - 2018-03-30 01:00 - 000103320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-06-06 11:30 - 2018-03-30 01:00 - 000094104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2018-06-06 11:30 - 2018-03-30 00:58 - 000039328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2018-06-06 11:30 - 2018-03-30 00:57 - 000121248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2018-06-06 11:30 - 2018-03-30 00:57 - 000031640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2018-06-06 11:30 - 2018-03-30 00:56 - 000018680 _____ (Microsoft Corporation) C:\Windows\system32\wshhyperv.dll
2018-06-06 11:30 - 2018-03-30 00:53 - 000094080 _____ (Microsoft Corporation) C:\Windows\system32\wwapi.dll
2018-06-06 11:30 - 2018-03-30 00:53 - 000040352 _____ (Microsoft Corporation) C:\Windows\system32\AppVClientPS.dll
2018-06-06 11:30 - 2018-03-30 00:52 - 000282528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-06-06 11:30 - 2018-03-30 00:52 - 000247480 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2018-06-06 11:30 - 2018-03-30 00:52 - 000192416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-06 11:30 - 2018-03-30 00:52 - 000054688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-06-06 11:30 - 2018-03-30 00:52 - 000047512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2018-06-06 11:30 - 2018-03-30 00:52 - 000028520 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2018-06-06 11:30 - 2018-03-30 00:51 - 000125568 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2018-06-06 11:30 - 2018-03-30 00:51 - 000123800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2018-06-06 11:30 - 2018-03-30 00:51 - 000071208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
2018-06-06 11:30 - 2018-03-30 00:49 - 000204184 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-06-06 11:30 - 2018-03-30 00:48 - 000586800 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_win.dll
2018-06-06 11:30 - 2018-03-30 00:18 - 000016600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshhyperv.dll
2018-06-06 11:30 - 2018-03-30 00:13 - 000073896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wwapi.dll
2018-06-06 11:30 - 2018-03-30 00:12 - 000186520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2018-06-06 11:30 - 2018-03-30 00:10 - 000099240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2018-06-06 11:30 - 2018-03-30 00:06 - 000180632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-06-06 11:30 - 2018-03-30 00:05 - 000027040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVClientPS.dll
2018-06-06 11:30 - 2018-03-30 00:04 - 000417368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_win.dll
2018-06-06 11:30 - 2018-03-29 23:45 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2018-06-06 11:30 - 2018-03-29 23:44 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2018-06-06 11:30 - 2018-03-29 23:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2018-06-06 11:30 - 2018-03-29 23:43 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2018-06-06 11:30 - 2018-03-29 23:43 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-06-06 11:30 - 2018-03-29 23:43 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-06-06 11:30 - 2018-03-29 23:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2018-06-06 11:30 - 2018-03-29 23:43 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2018-06-06 11:30 - 2018-03-29 23:43 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-06-06 11:30 - 2018-03-29 23:42 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2018-06-06 11:30 - 2018-03-29 23:42 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-06-06 11:30 - 2018-03-29 23:42 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-06-06 11:30 - 2018-03-29 23:42 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-06-06 11:30 - 2018-03-29 23:42 - 000043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2018-06-06 11:30 - 2018-03-29 23:42 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2018-06-06 11:30 - 2018-03-29 23:41 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-06-06 11:30 - 2018-03-29 23:41 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000524800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000257536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
2018-06-06 11:30 - 2018-03-29 23:40 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2018-06-06 11:30 - 2018-03-29 23:39 - 000776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-06-06 11:30 - 2018-03-29 23:36 - 000276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2018-06-06 11:30 - 2018-03-29 23:35 - 000371200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-06-06 11:30 - 2018-03-29 23:35 - 000233984 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2018-06-06 11:30 - 2018-03-29 23:35 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2018-06-06 11:30 - 2018-03-29 23:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2018-06-06 11:30 - 2018-03-29 23:34 - 000339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000707584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-06 11:30 - 2018-03-29 23:33 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\IcsEntitlementHost.exe
2018-06-06 11:30 - 2018-03-29 23:33 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapPeerProxy.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\WcnEapAuthProxy.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HyperVideo.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\sysntfy.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\appidtel.exe
2018-06-06 11:30 - 2018-03-29 23:33 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\VmApplicationHealthMonitorProxy.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-06 11:30 - 2018-03-29 23:33 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
2018-06-06 11:30 - 2018-03-29 23:33 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\efslsaext.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsc.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\efssvc.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerSvc.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdPnp.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
2018-06-06 11:30 - 2018-03-29 23:32 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmiprop.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWNet.dll
2018-06-06 11:30 - 2018-03-29 23:32 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2018-06-06 11:30 - 2018-03-29 23:32 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
2018-06-06 11:30 - 2018-03-29 23:31 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2018-06-06 11:30 - 2018-03-29 23:31 - 000286208 _____ (Microsoft Corporation) C:\Windows\system32\icsvc.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-06 11:30 - 2018-03-29 23:31 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2018-06-06 11:30 - 2018-03-29 23:31 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2018-06-06 11:30 - 2018-03-29 23:30 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2018-06-06 11:30 - 2018-03-29 23:29 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2018-06-06 11:30 - 2018-03-29 23:29 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2018-06-06 11:30 - 2018-03-29 23:29 - 000298496 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2018-06-06 11:30 - 2018-03-29 23:29 - 000253440 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2018-06-06 11:30 - 2018-03-29 23:28 - 000820224 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2018-06-06 11:30 - 2018-03-29 23:28 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-06 11:30 - 2018-03-29 23:27 - 000947712 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-06 11:30 - 2018-03-29 23:27 - 000889856 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2018-06-06 11:30 - 2018-03-29 23:27 - 000332288 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2018-06-06 11:30 - 2018-03-29 23:27 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2018-06-06 11:30 - 2018-03-29 23:25 - 000374272 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2018-06-06 11:30 - 2018-03-29 23:25 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-06-06 11:30 - 2018-03-29 23:25 - 000270848 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-06-06 11:30 - 2018-03-29 23:23 - 000387584 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2018-06-06 11:30 - 2018-03-29 23:23 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2018-06-06 11:30 - 2018-03-29 23:23 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2018-06-06 11:30 - 2018-03-29 23:22 - 000826880 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-06-06 11:30 - 2018-03-29 23:22 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys
2018-06-06 11:30 - 2018-03-29 23:22 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\fdPnp.dll
2018-06-06 11:30 - 2018-03-29 23:20 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2018-06-06 11:30 - 2018-03-29 23:20 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\wmiprop.dll
2018-06-06 11:30 - 2018-03-29 23:20 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
2018-06-06 11:30 - 2018-03-29 23:20 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys
2018-06-06 11:30 - 2018-03-13 02:59 - 000535968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-06-06 11:30 - 2018-03-13 02:58 - 000441248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-06-06 11:30 - 2018-03-13 02:58 - 000170904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-06 11:30 - 2018-03-13 02:55 - 001778360 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2018-06-06 11:30 - 2018-03-13 02:55 - 000417440 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2018-06-06 11:30 - 2018-03-13 02:55 - 000334240 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2018-06-06 11:30 - 2018-03-13 02:54 - 000128928 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2018-06-06 11:30 - 2018-03-13 02:53 - 000774560 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2018-06-06 11:30 - 2018-03-13 02:53 - 000143264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2018-06-06 11:30 - 2018-03-13 02:53 - 000091152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2018-06-06 11:30 - 2018-03-13 02:52 - 000172112 _____ (Microsoft Corporation) C:\Windows\system32\RTWorkQ.dll
2018-06-06 11:30 - 2018-03-13 02:52 - 000127136 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2018-06-06 11:30 - 2018-03-13 01:38 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2018-06-06 11:30 - 2018-03-13 01:38 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2018-06-06 11:30 - 2018-03-13 01:37 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\NetDriverInstall.dll
2018-06-06 11:30 - 2018-03-13 01:37 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2018-06-06 11:30 - 2018-03-13 01:37 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2018-06-06 11:30 - 2018-03-13 01:36 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\mfksproxy.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000758272 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000245248 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\TtlsAuth.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000219648 _____ (Microsoft Corporation) C:\Windows\system32\TtlsCfg.dll
2018-06-06 11:30 - 2018-03-13 01:35 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2018-06-06 11:30 - 2018-03-13 01:34 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
2018-06-06 11:30 - 2018-03-13 01:34 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\TtlsExt.dll
2018-06-06 11:30 - 2018-03-13 01:34 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2018-06-06 11:30 - 2018-03-13 01:33 - 000278528 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2018-06-06 11:30 - 2018-03-13 01:33 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-06-06 11:30 - 2018-03-13 01:33 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000689152 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000286720 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-06-06 11:30 - 2018-03-13 01:32 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 002849792 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 001263104 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 001173504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 000596480 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-06-06 11:30 - 2018-03-13 01:31 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2018-06-06 11:30 - 2018-03-13 01:30 - 000893440 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2018-06-06 11:30 - 2018-03-13 01:30 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2018-06-06 11:30 - 2018-03-13 01:30 - 000459776 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-06-06 11:30 - 2018-03-13 01:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2018-06-06 11:30 - 2018-03-13 01:28 - 000837120 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-06-06 11:30 - 2018-03-13 01:26 - 001737728 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2018-06-06 11:30 - 2018-03-13 01:26 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2018-06-06 11:30 - 2018-03-13 01:25 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2018-06-06 11:30 - 2018-03-13 01:24 - 001275904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2018-06-06 11:30 - 2018-03-13 01:24 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\sensrsvc.dll
2018-06-06 11:30 - 2018-03-13 01:23 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2018-06-06 11:30 - 2018-03-13 01:23 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2018-06-06 11:30 - 2018-03-13 01:22 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2018-06-06 11:30 - 2018-03-13 01:22 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-06-06 11:30 - 2018-03-13 01:07 - 000115104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll
2018-06-06 11:30 - 2018-03-13 01:06 - 000564640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2018-06-06 11:30 - 2018-03-13 01:04 - 000140592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RTWorkQ.dll
2018-06-06 11:30 - 2018-03-13 00:40 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2018-06-06 11:30 - 2018-03-13 00:40 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfksproxy.dll
2018-06-06 11:30 - 2018-03-13 00:39 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2018-06-06 11:30 - 2018-03-13 00:39 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-06-06 11:30 - 2018-03-13 00:39 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TtlsCfg.dll
2018-06-06 11:30 - 2018-03-13 00:38 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlgpclnt.dll
2018-06-06 11:30 - 2018-03-13 00:37 - 000981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2018-06-06 11:30 - 2018-03-13 00:37 - 000537088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2018-06-06 11:30 - 2018-03-13 00:37 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2018-06-06 11:30 - 2018-03-13 00:37 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2018-06-06 11:30 - 2018-03-13 00:37 - 000091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2018-06-06 11:30 - 2018-03-13 00:36 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2018-06-06 11:30 - 2018-03-13 00:36 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2018-06-06 11:30 - 2018-03-13 00:35 - 006204416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2018-06-06 11:30 - 2018-03-13 00:34 - 002409984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2018-06-06 11:30 - 2018-03-13 00:34 - 000706048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2018-06-06 11:30 - 2018-03-13 00:33 - 000981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2018-06-06 11:30 - 2018-03-13 00:32 - 001948672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2018-06-06 11:30 - 2018-03-13 00:31 - 001348608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2018-06-06 11:30 - 2018-03-13 00:31 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2018-06-06 11:30 - 2018-03-13 00:27 - 000190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2018-06-06 11:30 - 2018-03-13 00:27 - 000078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2018-06-06 11:30 - 2018-03-13 00:26 - 000483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2018-06-06 11:30 - 2018-03-01 23:02 - 000037888 _____ C:\Windows\system32\SpectrumSyncClient.dll
2018-06-06 11:30 - 2018-03-01 23:00 - 000248320 _____ (Microsoft Corporation) C:\Windows\system32\svf.dll
2018-06-06 11:30 - 2018-03-01 16:28 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HoloShellRuntime.dll
2018-06-06 11:30 - 2018-03-01 03:19 - 000710768 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2018-06-06 11:30 - 2018-03-01 03:14 - 005105664 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2018-06-06 11:30 - 2018-03-01 03:12 - 000250264 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2018-06-06 11:30 - 2018-03-01 03:12 - 000189344 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2018-06-06 11:30 - 2018-03-01 03:10 - 000075168 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2018-06-06 11:30 - 2018-03-01 03:10 - 000022936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-06-06 11:30 - 2018-03-01 02:29 - 000574960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-06-06 11:30 - 2018-03-01 02:27 - 000221592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2018-06-06 11:30 - 2018-03-01 02:23 - 005105664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2018-06-06 11:30 - 2018-03-01 01:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll
2018-06-06 11:30 - 2018-03-01 01:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-06-06 11:30 - 2018-03-01 01:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-06-06 11:30 - 2018-03-01 01:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2018-06-06 11:30 - 2018-03-01 01:53 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2018-06-06 11:30 - 2018-03-01 01:51 - 002329088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-06-06 11:30 - 2018-03-01 01:49 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-06 11:30 - 2018-03-01 01:47 - 000484352 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2018-06-06 11:30 - 2018-03-01 01:46 - 004051968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-06-06 11:30 - 2018-02-21 21:51 - 000097176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2018-06-06 11:30 - 2018-02-21 21:50 - 000229272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2018-06-06 11:30 - 2018-02-21 20:26 - 000441344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2018-06-06 11:30 - 2018-02-21 20:16 - 001286144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2018-06-06 11:30 - 2018-02-10 02:18 - 001193192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2018-06-06 11:30 - 2018-02-10 02:18 - 000098272 _____ (Microsoft Corporation) C:\Windows\system32\FsIso.exe
2018-06-06 11:30 - 2018-02-10 02:12 - 004537040 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2018-06-06 11:30 - 2018-02-10 02:12 - 001313016 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2018-06-06 11:30 - 2018-02-10 02:10 - 000154520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2018-06-06 11:30 - 2018-02-10 02:09 - 000491264 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2018-06-06 11:30 - 2018-02-10 02:08 - 000398824 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2018-06-06 11:30 - 2018-02-10 02:08 - 000096200 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll
2018-06-06 11:30 - 2018-02-10 02:06 - 000100248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2018-06-06 11:30 - 2018-02-10 02:04 - 000339872 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2018-06-06 11:30 - 2018-02-10 02:04 - 000212880 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2018-06-06 11:30 - 2018-02-10 02:03 - 000849304 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2018-06-06 11:30 - 2018-02-10 02:03 - 000706600 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2018-06-06 11:30 - 2018-02-10 02:03 - 000098712 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2018-06-06 11:30 - 2018-02-10 02:02 - 000628632 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2018-06-06 11:30 - 2018-02-10 01:18 - 000022424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hvsicontainerservice.dll
2018-06-06 11:30 - 2018-02-10 01:17 - 000542856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2018-06-06 11:30 - 2018-02-10 01:12 - 004382032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2018-06-06 11:30 - 2018-02-10 01:11 - 001250528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2018-06-06 11:30 - 2018-02-10 01:10 - 000422592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2018-06-06 11:30 - 2018-02-10 01:09 - 000559976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-06-06 11:30 - 2018-02-10 01:07 - 000123808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2018-06-06 11:30 - 2018-02-10 01:07 - 000089504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2018-06-06 11:30 - 2018-02-10 01:07 - 000083216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll
2018-06-06 11:30 - 2018-02-10 01:05 - 000718232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2018-06-06 11:30 - 2018-02-10 01:05 - 000654456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2018-06-06 11:30 - 2018-02-10 01:05 - 000193248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2018-06-06 11:30 - 2018-02-10 01:05 - 000079256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll
2018-06-06 11:30 - 2018-02-10 01:03 - 000505160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll
2018-06-06 11:30 - 2018-02-10 00:50 - 000849920 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2018-06-06 11:30 - 2018-02-10 00:49 - 001664512 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2018-06-06 11:30 - 2018-02-10 00:48 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mskssrv.sys
2018-06-06 11:30 - 2018-02-10 00:48 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtClient.dll
2018-06-06 11:30 - 2018-02-10 00:47 - 000201216 _____ (Microsoft Corporation) C:\Windows\system32\SharedPCCSP.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 001470976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-06-06 11:30 - 2018-02-10 00:46 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\PCShellCommonProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:46 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-06-06 11:30 - 2018-02-10 00:45 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2018-06-06 11:30 - 2018-02-10 00:45 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2018-06-06 11:30 - 2018-02-10 00:45 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EnterpriseAppMgmtClient.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2018-06-06 11:30 - 2018-02-10 00:44 - 000427008 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreCommonProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000388608 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000302592 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000276992 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2018-06-06 11:30 - 2018-02-10 00:44 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 003756032 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000580608 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\AppManagementConfiguration.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000110080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll
2018-06-06 11:30 - 2018-02-10 00:43 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCShellCommonProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 001113600 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2018-06-06 11:30 - 2018-02-10 00:42 - 000975872 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000731136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2018-06-06 11:30 - 2018-02-10 00:42 - 000634880 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\rshx32.dll
2018-06-06 11:30 - 2018-02-10 00:42 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\regsvr32.exe
2018-06-06 11:30 - 2018-02-10 00:41 - 000504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\edputil.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppManagementConfiguration.dll
2018-06-06 11:30 - 2018-02-10 00:41 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 002873344 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000939520 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000886784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2018-06-06 11:30 - 2018-02-10 00:40 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000800256 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000691200 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2018-06-06 11:30 - 2018-02-10 00:40 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2018-06-06 11:30 - 2018-02-10 00:40 - 000298496 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edputil.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreCommonProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:40 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000908800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000447488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2018-06-06 11:30 - 2018-02-10 00:39 - 000315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2018-06-06 11:30 - 2018-02-10 00:39 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
2018-06-06 11:30 - 2018-02-10 00:38 - 006722560 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2018-06-06 11:30 - 2018-02-10 00:38 - 000755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2018-06-06 11:30 - 2018-02-10 00:38 - 000699904 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2018-06-06 11:30 - 2018-02-10 00:38 - 000653312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2018-06-06 11:30 - 2018-02-10 00:38 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2018-06-06 11:30 - 2018-02-10 00:38 - 000174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeHelper.dll
2018-06-06 11:30 - 2018-02-10 00:37 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2018-06-06 11:30 - 2018-02-10 00:37 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2018-06-06 11:30 - 2018-02-10 00:37 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2018-06-06 11:30 - 2018-02-10 00:37 - 000199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-06-06 11:30 - 2018-02-10 00:36 - 000403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2018-06-06 11:30 - 2018-02-10 00:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 005388800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000941568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000796160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000667136 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000455680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2018-06-06 11:30 - 2018-02-10 00:35 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2018-06-06 11:30 - 2018-02-10 00:34 - 006532096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2018-06-06 11:30 - 2018-02-10 00:34 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2018-06-06 11:30 - 2018-02-10 00:34 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2018-06-06 11:30 - 2018-02-10 00:34 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.ProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 001661440 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000621568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000620544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000604672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000482816 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2018-06-06 11:30 - 2018-02-10 00:33 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-06 11:30 - 2018-02-10 00:32 - 002427904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2018-06-06 11:30 - 2018-02-10 00:32 - 000681472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2018-06-06 11:30 - 2018-02-10 00:32 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2018-06-06 11:30 - 2018-02-10 00:32 - 000056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-06-06 11:30 - 2018-02-10 00:31 - 001488896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2018-06-06 11:30 - 2018-02-10 00:31 - 001159680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2018-06-06 11:30 - 2018-02-10 00:31 - 000301056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2018-06-06 11:30 - 2018-02-08 23:35 - 001002952 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
2018-06-06 11:30 - 2018-02-08 23:35 - 000892872 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
2018-06-06 11:30 - 2018-02-08 23:35 - 000065992 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
2018-06-06 11:30 - 2018-02-01 23:36 - 000921032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
2018-06-06 11:30 - 2018-02-01 23:36 - 000854976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
2018-06-06 11:30 - 2018-02-01 23:36 - 000649672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
2018-06-06 11:30 - 2018-02-01 23:36 - 000054720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
2018-06-06 11:11 - 2018-06-08 12:36 - 000000000 ____D C:\ProgramData\Brother
2018-06-06 11:09 - 2018-06-06 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
2018-06-06 11:09 - 2018-06-06 11:09 - 000003014 _____ C:\Windows\System32\Tasks\QBScheduledReport
2018-06-06 11:09 - 2012-01-05 16:43 - 004218880 _____ (Amyuni Technologies hxxp://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2018-06-06 04:35 - 2018-06-06 12:50 - 000000000 ___RD C:\Users\DiComo\OneDrive
2018-06-06 04:34 - 2018-06-21 08:23 - 000000000 __SHD C:\Users\DiComo\IntelGraphicsProfiles
2018-06-06 04:34 - 2018-06-13 23:50 - 000000000 ___RD C:\Users\DiComo\3D Objects
2018-06-06 04:34 - 2018-06-13 10:26 - 000000000 ____D C:\Users\DiComo\AppData\Local\Packages
2018-06-06 04:34 - 2018-06-11 20:49 - 000000000 ____D C:\Users\DiComo\AppData\Local\ConnectedDevicesPlatform
2018-06-06 04:34 - 2018-06-07 13:15 - 000000000 ____D C:\Users\DiComo\AppData\Roaming\Adobe
2018-06-06 04:34 - 2018-06-07 08:57 - 000000000 ____D C:\Users\DiComo\AppData\Local\Publishers
2018-06-06 04:34 - 2018-06-06 04:34 - 000000000 ____D C:\Users\DiComo\AppData\Local\VirtualStore
2018-06-06 04:31 - 2018-06-11 10:40 - 000000000 ____D C:\Users\DiComo
2018-06-06 04:31 - 2018-06-06 04:31 - 000000020 ___SH C:\Users\DiComo\ntuser.ini
2018-06-06 02:59 - 2018-06-06 12:27 - 000000000 ____D C:\Windows\system32\Drivers\wd
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-21 09:19 - 2017-10-24 14:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-06-19 11:29 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2018-06-19 09:00 - 2017-09-29 09:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-19 09:00 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\AppReadiness
2018-06-18 10:23 - 2017-10-24 14:34 - 001292850 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-18 10:19 - 2017-10-24 14:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-18 10:19 - 2017-09-29 04:45 - 000786432 _____ C:\Windows\system32\config\BBI
2018-06-15 11:41 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\rescache
2018-06-15 11:19 - 2017-09-29 09:44 - 000000000 ____D C:\Windows\INF
2018-06-13 23:50 - 2017-10-24 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-13 17:38 - 2017-10-24 14:29 - 000244408 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ___SD C:\Windows\system32\F12
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\TextInput
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-06-13 17:38 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\ShellExperiences
2018-06-13 17:38 - 2017-09-29 04:45 - 000000000 ____D C:\Windows\system32\Dism
2018-06-13 11:15 - 2017-11-01 13:32 - 000000000 ____D C:\Windows\system32\MRT
2018-06-13 11:14 - 2017-11-01 13:32 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-13 11:14 - 2017-11-01 13:32 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-13 11:13 - 2017-09-29 09:37 - 000000000 ____D C:\Windows\CbsTemp
2018-06-06 22:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\system32\NDF
2018-06-06 22:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\appcompat
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\system32\oobe
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\system32\appraiser
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-06-06 12:48 - 2017-09-29 09:46 - 000000000 ____D C:\Windows\bcastdvr
2018-06-06 12:48 - 2017-09-29 04:45 - 000000000 ____D C:\Windows\servicing
2018-06-06 12:27 - 2017-09-29 09:46 - 000000000 ___RD C:\Program Files\Windows Defender
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-06-18 09:38
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by DiComo (21-06-2018 09:20:52)
Running from C:\Users\DiComo\Desktop\Assessment
Windows 10 Pro Version 1709 16299.492 (X64) (2018-02-24 06:30:30)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1393131357-1051084767-950562342-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1393131357-1051084767-950562342-503 - Limited - Disabled)
DiComo (S-1-5-21-1393131357-1051084767-950562342-1002 - Administrator - Enabled) => C:\Users\DiComo
Guest (S-1-5-21-1393131357-1051084767-950562342-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1393131357-1051084767-950562342-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Brother MFL-Pro Suite MFC-7860DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
ConvergeConnect (HKLM-x32\...\ConvergeConnect) (Version: 3.2.0.90 - Elavon)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
Ingenico USB Drivers Package (JUNGO v36) 2.60 (remove only) (HKLM\...\IngenicoUSBDrivers_2.60) (Version: 2.60 - )
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1393131357-1051084767-950562342-1002\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Payment Terminal (HKLM-x32\...\{C1EF6BC6-228F-4D7F-8704-EB62C5E10D84}) (Version: 17.2.1 - Verosa, LLC.)
QBFC 13.0 (HKLM-x32\...\{42A7A870-C6A9-4EEE-8755-2755E3C60EE4}) (Version: 13.0.0.23 - Intuit Developer Network)
QuickBooks (HKLM-x32\...\{48011BF6-E0BC-4B49-9DCA-C7144EF0C01E}) (Version: 28.0.4006.2806 - Intuit Inc.) Hidden
QuickBooks Premier Edition 2018 (HKLM-x32\...\{7A626F39-A185-4566-9982-9995287CED26}) (Version: 28.0.4001.2806 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
RDM ADK (HKLM-x32\...\{8B7F5BE5-BACF-4533-AC1F-696DBB98BFB5}) (Version: 7.0.2.95 - RDM Corporation)
RDM Appweb 4.6.0.8 (HKLM-x32\...\RDM Appweb_is1) (Version: 4.6.0.8 - RDM Corporation)
RDM USB Drivers (HKLM-x32\...\{32770FE5-A5F9-48EC-B156-F3F29B3DBD0B}) (Version: 7.0.2.95 - RDM Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Driver Package - Star Micronics TSP650II Printer Driver (08/01/2012 2.1.0.0) (HKLM\...\48B1ED181B3559BE29518D57640438C268C70E85) (Version: 08/01/2012 2.1.0.0 - Star Micronics)
WPS Office (10.1.0.5656) (HKU\S-1-5-21-1393131357-1051084767-950562342-1002\...\Kingsoft Office) (Version: 10.1.0.5656 - Kingsoft Corp.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-06-02] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05B8DCCF-2366-40C1-BB3A-00BC4DB90A41} - System32\Tasks\ConvergeConnect => C:\Program Files (x86)\Elavon\ConvergeConnect\ConvergeConnectAdmin.exe [2018-02-23] (Elavon)
Task: {2B5B2EE8-FD90-4D7D-8B34-DD61BED8928C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-06] (Microsoft Corporation)
Task: {4A9E023A-6B1A-4A91-A7D1-2FDFF197D33A} - System32\Tasks\WpsUpdateTask_DiComo => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\wtoolex\wpsupdate.exe [2018-06-19] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {6B4545B1-5367-45AE-80D1-A936492D1965} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {730A553F-EFC9-4EEF-8680-286E3456FE20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-06] (Microsoft Corporation)
Task: {7B99C16B-65D5-4C3F-ABBE-8DDCE282636F} - System32\Tasks\WpsExternal_20180608131656 => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2018-06-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {A648F4D2-3E56-4AC7-9AC2-7B660F1705C9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-06] (Microsoft Corporation)
Task: {AB21DCEF-D5E0-4C46-9759-A29FB70D39B5} - System32\Tasks\WpsKtpcntrQingTask_DiComo => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\office6\ktpcntr.exe [2018-06-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {C1FE5037-9707-4C4C-9A3B-6A10F6FF89EA} - System32\Tasks\QBScheduledReport => C:\Program Files (x86)\Common Files\Intuit\QuickBooks\ScheduledReports\ScheduledReports.Scheduler.exe [2018-04-27] (Intuit Inc.)
Task: {D08E8DDA-908E-481B-A5A6-42CEA6580394} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-06] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\WpsExternal_20180608131656.job => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe
Task: C:\Windows\Tasks\WpsKtpcntrQingTask_DiComo.job => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\office6\ktpcntr.exeÃqing 10.1.0.5656 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads
Task: C:\Windows\Tasks\WpsUpdateTask_DiComo.job => C:\Users\DiComo\AppData\Local\Kingsoft\WPS Office\10.1.0.5656\wtoolex\wpsupdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-06-07 12:00 - 2017-04-24 14:17 - 000016896 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\rdmappman.exe
2018-06-18 10:04 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000012288 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\RDMAppweb.exe
2017-09-29 09:41 - 2017-09-29 09:41 - 000184432 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-06-13 11:10 - 2018-06-08 02:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-06-13 11:10 - 2018-06-08 01:56 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-06 11:14 - 2018-06-06 11:16 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-06-06 11:14 - 2018-06-06 11:16 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-06-06 11:14 - 2018-06-06 11:17 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-06-06 11:14 - 2018-06-06 11:16 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-06 11:07 - 2018-06-06 11:09 - 001280176 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-06-06 23:05 - 2018-06-06 23:05 - 004165632 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1804.911.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-06-06 23:05 - 2018-06-06 23:05 - 000634880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1804.911.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-06 23:06 - 2018-06-06 23:07 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-06-06 23:06 - 2018-06-06 23:07 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-08 12:43 - 2018-06-08 12:44 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-08 12:43 - 2018-06-08 12:44 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-06-06 11:05 - 2018-06-06 11:16 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-06-06 11:05 - 2018-06-06 11:15 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-06-06 11:05 - 2018-06-06 11:14 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-06-06 11:05 - 2018-06-06 11:13 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-06-06 11:05 - 2018-06-06 11:17 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-06-06 11:05 - 2018-06-06 11:16 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-08 12:43 - 2018-06-08 12:44 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-06-06 11:05 - 2018-06-06 11:14 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-08 12:43 - 2018-06-08 12:43 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-06-06 11:05 - 2018-06-06 11:15 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-06-06 11:05 - 2018-06-06 11:16 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-06 11:05 - 2018-06-06 11:11 - 000103424 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-06-06 11:05 - 2018-06-06 11:16 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-06 11:05 - 2018-06-06 11:15 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-06-08 12:43 - 2018-06-08 12:44 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
2018-06-06 11:17 - 2018-06-06 11:18 - 000015872 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.1000_x64__8wekyb3d8bbwe\Maps.exe
2018-06-06 11:17 - 2018-06-06 11:18 - 016588800 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.1000_x64__8wekyb3d8bbwe\Maps.dll
2017-09-29 10:45 - 2017-09-29 10:45 - 000258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1711.10477.1000_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2018-06-06 23:06 - 2018-06-06 23:07 - 000062464 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000212992 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmpr.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000006144 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libslink.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000062976 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libappweb.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000197632 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libhttp.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000090624 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libpcre.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000009216 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmod_ssl.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000114176 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmod_esp.dll
2017-04-28 15:43 - 2017-04-28 15:43 - 000015360 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmod_sci.dll
2018-06-07 12:00 - 2017-04-24 14:17 - 000018944 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\bin\libmprssl.dll
2017-04-28 15:43 - 2017-04-28 15:43 - 000011264 _____ () C:\Program Files (x86)\RDM Corporation\RDM Appweb\cache\controller_8e2a71804042fa9a9af99cd4b8f9124e.dll
2018-02-23 17:22 - 2018-02-23 17:22 - 000604160 _____ () C:\Program Files (x86)\Elavon\ConvergeConnect\CommerceSEC.dll
2018-02-23 17:22 - 2018-02-23 17:22 - 000191488 _____ () C:\Program Files (x86)\Elavon\ConvergeConnect\TlvJni.dll
2018-06-08 12:37 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:BC359956 [120]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-09-29 09:46 - 2017-09-29 09:44 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1393131357-1051084767-950562342-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/21/2018 09:07:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x803F7001
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (06/21/2018 09:00:55 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (06/21/2018 08:59:49 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error: (06/21/2018 08:23:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent
 
Error: (06/21/2018 08:23:07 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x800704CF
Command-line arguments:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=3
 
Error: (06/19/2018 02:55:52 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Edition 2018":
Host Start  failed
 
Error: (06/19/2018 02:55:52 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Edition 2018":
Runtime not yet initialized
 
Error: (06/19/2018 02:54:38 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Premier Edition 2018":
V28.0D R6 (M=1066, L=335, C=249, V=0 (0))
 
 
System errors:
=============
Error: (06/21/2018 09:07:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{0358B920-0AC7-461F-98F4-58E32CD89148}
 and APPID 
{3EB3C877-1F16-487C-9050-104DBCD66683}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/21/2018 09:07:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{0358B920-0AC7-461F-98F4-58E32CD89148}
 and APPID 
{3EB3C877-1F16-487C-9050-104DBCD66683}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/21/2018 08:23:07 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-T376LOA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-T376LOA\DiComo SID (S-1-5-21-1393131357-1051084767-950562342-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/21/2018 08:23:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/21/2018 08:23:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/21/2018 08:23:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/21/2018 08:23:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/19/2018 08:57:22 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-T376LOA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-T376LOA\DiComo SID (S-1-5-21-1393131357-1051084767-950562342-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-06-19 11:09:05.763
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2229293F-C758-4ED4-AA89-5DE2982AC970}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-19 10:36:27.932
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9DB3BBB0-160F-49BA-8406-2FE20E262A09}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-19 10:31:43.791
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {238E9857-A808-4AE4-AF17-F26675819E67}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-11 10:59:04.140
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5F3DC6D5-C2D7-405E-A2DB-84294DECC7A3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-11 10:49:12.465
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0E241BEC-8A63-4C67-B906-EBDB09170BB8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-21 08:33:01.893
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.1570.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-06-21 08:33:01.893
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.1570.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-06-21 08:33:01.892
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.1570.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-06-21 08:33:01.887
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.1570.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-06-21 08:33:01.887
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.1570.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8110.46 MB
Available physical RAM: 5778.86 MB
Total Virtual: 9390.46 MB
Available Virtual: 6958.09 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:110.76 GB) (Free:85 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:931.25 GB) NTFS
 
\\?\Volume{f4aaa1e7-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{f4aaa1e7-0000-0000-0000-30d31b000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.14 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: F4AAA1E7)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9E20ECE3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================


#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,247 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 29 June 2018 - 04:21 AM

Hi, my apologies for the delay. I'll assist you with this issue. :)

Before anything, can you explain how the printer is used? Wireless, in a network, connected to only one computer and so on? It sounds like the printer is printing program code as you would see it if you opened an executable file in a text editor and printed it.

Also, whats the make/model of this printer (bugbear is really old and not likely to affect modern hardware)?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#8 bMoreBusy

bMoreBusy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 02 July 2018 - 08:03 AM

No worries on the delay. I thought it had sorted itself until this morning when it printed another oddball sheet.

The printer is a Brother MFC-7860DW, connected by USB to one PC, and not on the network.

 

Today's nonsense reads 

©*%aCookie: mstshash=Test (except the characters before Cookie are in the Symbol font so the Copyright symbol is a heart)

and then a bunch of characters I can't reproduce on the forums. In fact, one of them is 2 different characters printed on top of one another.



#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,247 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 02 July 2018 - 08:30 AM

Can you check on that computer if any printer jobs were initiated there (if the option to keep history is enabled, you should be able to see that in the printer settings on the computer, otherwise you could check the event viewer if the printer was started and if so, by what user account).


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#10 bMoreBusy

bMoreBusy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 02 July 2018 - 08:42 AM

Here is what I could get from the printer. I've got the Event Viewer open, but I'm not sure what I'm looking for.

 

Date Messages Status 7/2/2018 8:38 Offline 0 7/2/2018 8:39 Toner Low 10006 7/2/2018 8:39 Offline 0 7/2/2018 8:47 Toner Low 10006 7/2/2018 8:49 Offline 0 7/2/2018 9:13 Toner Low 10006 7/2/2018 9:17 Offline 0 7/2/2018 9:18 Toner Low 10006 7/2/2018 9:21 Offline 0 7/2/2018 9:23 Toner Low 10006 7/2/2018 9:23 Offline 0 7/2/2018 9:24 Toner Low 10006 7/2/2018 9:25 Offline 0 7/2/2018 9:27 Toner Low 10006 7/2/2018 9:28 Offline 0 7/2/2018 9:30 Toner Low 10006 7/2/2018 9:34 Offline 0 7/2/2018 9:34 Toner Low 10006

#11 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,247 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 02 July 2018 - 10:31 AM

Can you leave the printer on but disconnect the usb cable from your computer and keep it a few days like that to see if it happens again? That way we can see if the printer itself is somehow doing this or if it is initiated from the computer it is connected to.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#12 bMoreBusy

bMoreBusy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 02 July 2018 - 10:40 AM

We did that weeks ago when the issue first presented itself, which reminds me that I've left out a potentially crucial bit of information: It is also connected to a VOIP-run fax line!

When we unplug it from the usb only, it still printed the issues. When we unplug both, nothing happens. I believe that I have yet to try disconnecting the fax line but leaving the usb connected. I will give that a shot starting tonight and hope that we don't miss any important faxes :hysterical: 



#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,247 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 02 July 2018 - 12:33 PM

Yes, if you can try that, still, I'd probably suspect the problem lies with the fax line then.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#14 bMoreBusy

bMoreBusy
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:11:54 PM

Posted 02 July 2018 - 12:52 PM

I've set our VOIP portal to use a virtual fax to email me instead of using the machine and unplugged the phone line. I will let you know what happens in a day or so. Thanks!



#15 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,247 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:06:54 AM

Posted 02 July 2018 - 01:18 PM

Okay, please keep me posted (also, it will be interesting to see if the VOIP portal is somehow involved, in which case you should see mails with weird faxes).


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users