Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is this laptop sending out unauthorized emails?


  • This topic is locked This topic is locked
18 replies to this topic

#1 phaonica

phaonica

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:25 PM

Posted 19 June 2018 - 03:09 PM

We are using a webmail based email service and we've noticed that we're getting bounceback emails for messages that we didn't send. By any chance could someone help us determine if there is malware on this computer sending out emails we didn't intend to send? Thank you for your help.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.06.2018
Ran by Ross (administrator) on ASUS-LT (19-06-2018 14:54:27)
Running from C:\Users\Ross\Desktop
Loaded Profiles: Ross (Available Profiles: Ross & admin)
Platform: Windows 10 Home Version 1703 15063.1155 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
(Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\A6100\A6100.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Starfield Technologies) C:\Users\Ross\AppData\Local\Workspace\workspaceupdate.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe********************************************* [107192 2012-08-24] ()
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5966864 2018-05-02] (Box, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-04-15] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [Starfield Updater] => C:\Users\Ross\AppData\Local\Workspace\WorkspaceUpdate.exe [35008 2013-05-10] (Starfield Technologies)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2646504 2012-05-14] (CyberLink Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-03-30]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk [2018-03-11]
ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe (Realtek Semiconductor Corp.)
Startup: C:\Users\Ross\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 10.208.1.203 10.201.1.203
Tcpip\..\Interfaces\{21409fbf-3318-4f65-b7ae-fd4fd6ba17b5}: [DhcpNameServer] 10.208.1.203 10.201.1.203
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131447150157257679&GUID=17C61995-AC3E-4F03-BAE8-F5260D5CA2F0
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=webpickaol-ie&s_qt=sb&tb_uuid=741C119616144BB188F32756277F8A00&tb_oid=09-07-2013&tb_mrud=09-07-2013
SearchScopes: HKU\S-1-5-21-64034393-3022908189-2605214032-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-64034393-3022908189-2605214032-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-28] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-28] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-07] ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-28] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-64034393-3022908189-2605214032-1001: @starfield.com/off -> C:\Users\Ross\AppData\Roaming\Mozilla\Plugins\npoff.dll [2015-04-06] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-64034393-3022908189-2605214032-1001: @starfield.com/off64 -> C:\Users\Ross\AppData\Roaming\Mozilla\Plugins\npoff64.dll [2015-04-06] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-64034393-3022908189-2605214032-1001: @starfield.com/wbe -> C:\Users\Ross\AppData\Roaming\Mozilla\Plugins\npwbe.dll [2013-05-10] (Starfield Technology, LLC)
FF Plugin HKU\S-1-5-21-64034393-3022908189-2605214032-1001: @starfield.com/wbe64 -> C:\Users\Ross\AppData\Roaming\Mozilla\Plugins\npwbe64.dll [2013-05-10] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-03-30] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npoff.dll [2015-04-06] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npoff64.dll [2015-04-06] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npwbe.dll [2013-05-10] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npwbe64.dll [2013-05-10] (Starfield Technology, LLC)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ross\AppData\Local\Google\Chrome\User Data\Default [2018-06-19]
CHR Extension: (Skype) - C:\Users\Ross\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-05-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ross\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\Ross\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [36680 2018-05-02] (Box, Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-04-15] (SEIKO EPSON CORPORATION) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [697472 2014-10-20] (Starfield Technologies)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [72992 2014-07-07] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe [405392 2018-03-27] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 osrss; C:\WINDOWS\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 assd; C:\Windows\System32\Drivers\assd.sys [27056 2011-10-28] (ASUS Corporation) [File not signed]
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2017-03-18] (Intel Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation)
S3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows ® Win 7 DDK provider)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-19 14:54 - 2018-06-19 14:55 - 000019868 _____ C:\Users\Ross\Desktop\FRST.txt
2018-06-19 14:54 - 2018-06-19 14:54 - 000000000 ____D C:\FRST
2018-06-19 14:53 - 2018-06-19 14:53 - 002413056 _____ (Farbar) C:\Users\Ross\Desktop\FRST64.exe
2018-06-18 17:57 - 2018-06-18 17:57 - 000085046 _____ C:\Users\Ross\Downloads\6-15-2018.zip
2018-06-18 17:29 - 2018-06-18 17:29 - 003153355 _____ C:\Users\Ross\Downloads\message_zdm (15).html
2018-06-18 16:46 - 2018-06-18 16:46 - 001901413 _____ C:\Users\Ross\Downloads\GrandCareMediaKit-Spring2016 (3) (3).pdf
2018-06-18 13:53 - 2018-06-18 13:53 - 000586745 _____ C:\Users\Ross\Downloads\rma sweeney.pdf
2018-06-18 11:23 - 2018-06-18 11:23 - 000729471 _____ C:\Users\Ross\Downloads\ORD180526-01_final.pdf
2018-06-15 09:03 - 2018-06-18 17:57 - 000086175 _____ C:\Users\Ross\Downloads\MedHab Cap tables 2018 Proforma v3.xlsx
2018-06-15 07:50 - 2018-06-15 07:50 - 000156450 _____ C:\Users\Ross\Downloads\Parkinson's Foundation MyNotifi Announcement.pdf
2018-06-15 07:50 - 2018-06-15 07:50 - 000088077 _____ C:\Users\Ross\Downloads\Parkinson's Foundation Member Introductory Email.pdf
2018-06-14 15:46 - 2018-06-14 15:46 - 000001601 _____ C:\Users\Ross\Desktop\Box Sync.lnk
2018-06-14 15:46 - 2018-06-14 15:46 - 000000000 ___RD C:\Users\Ross\Box Sync
2018-06-14 15:44 - 2018-06-14 15:46 - 000000000 ____D C:\Users\Ross\AppData\Local\Box Sync
2018-06-14 15:44 - 2018-06-14 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2018-06-14 15:44 - 2018-06-14 15:44 - 000000000 ____D C:\Program Files\Box
2018-06-14 15:41 - 2018-06-14 15:43 - 036278560 _____ (Box Inc.) C:\Users\Ross\Downloads\BoxSyncSetup.exe
2018-06-14 15:14 - 2018-06-14 15:14 - 000937701 _____ C:\Users\Ross\Downloads\50 Plus contract.pdf
2018-06-14 13:01 - 2018-06-14 13:01 - 000207511 _____ C:\Users\Ross\Downloads\MyNotifi Sales 6-9-18.pdf
2018-06-14 13:00 - 2018-06-14 13:00 - 000073728 _____ C:\Users\Ross\Downloads\Weekly MyNotifi Sales Report (8).pdf
2018-06-13 17:03 - 2018-06-13 17:03 - 001901413 _____ C:\Users\Ross\Downloads\GrandCareMediaKit-Spring2016 (3) (2).pdf
2018-06-13 15:26 - 2018-06-08 01:18 - 000336328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-06-13 15:26 - 2018-06-08 01:00 - 000125856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2018-06-13 15:26 - 2018-06-08 00:59 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-13 15:26 - 2018-06-08 00:59 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-06-13 15:26 - 2018-06-08 00:59 - 000804792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2018-06-13 15:26 - 2018-06-08 00:59 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-06-13 15:26 - 2018-06-08 00:49 - 000606968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-06-13 15:26 - 2018-06-08 00:48 - 002260792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-13 15:26 - 2018-06-08 00:48 - 001839360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-13 15:26 - 2018-06-08 00:48 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-13 15:26 - 2018-06-08 00:46 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-06-13 15:26 - 2018-06-08 00:45 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-06-13 15:26 - 2018-06-08 00:44 - 005829816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-13 15:26 - 2018-06-08 00:44 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-06-13 15:26 - 2018-06-08 00:44 - 001474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-13 15:26 - 2018-06-08 00:44 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2018-06-13 15:26 - 2018-06-08 00:44 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-06-13 15:26 - 2018-06-08 00:44 - 000523304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 004215192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 002168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 001465872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 001267064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 000559008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2018-06-13 15:26 - 2018-06-08 00:43 - 000433896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 000354368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 002333080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 001998424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 001078048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 000437552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 000152448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 020378568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 006771936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 005809152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 004673368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 001645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 001529936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 001459216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000865272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000541328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000333704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000090488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2018-06-13 15:26 - 2018-06-08 00:39 - 000583672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-13 15:26 - 2018-06-08 00:35 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-06-13 15:26 - 2018-06-08 00:33 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-06-13 15:26 - 2018-06-08 00:33 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-06-13 15:26 - 2018-06-08 00:32 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-06-13 15:26 - 2018-06-08 00:31 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-06-13 15:26 - 2018-06-08 00:29 - 013849088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 15:26 - 2018-06-08 00:28 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-13 15:26 - 2018-06-08 00:28 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-06-13 15:26 - 2018-06-08 00:27 - 006729728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-06-13 15:26 - 2018-06-08 00:25 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2018-06-13 15:26 - 2018-06-08 00:23 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-13 15:26 - 2018-06-08 00:23 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2018-06-13 15:26 - 2018-06-08 00:23 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-06-13 15:26 - 2018-06-08 00:23 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-06-13 15:26 - 2018-06-08 00:22 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2018-06-13 15:26 - 2018-06-08 00:22 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2018-06-13 15:26 - 2018-06-08 00:22 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fidocredprov.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 002672640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 006124032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 001233408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provcore.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2018-06-13 15:26 - 2018-06-08 00:20 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 007598592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 001510400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000649216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-06-13 15:26 - 2018-06-08 00:19 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-06-13 15:26 - 2018-06-08 00:19 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-06-13 15:26 - 2018-06-08 00:18 - 006535680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-06-13 15:26 - 2018-06-08 00:18 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2018-06-13 15:26 - 2018-06-08 00:18 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-06-13 15:26 - 2018-06-08 00:18 - 000797696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-06-13 15:26 - 2018-06-08 00:18 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-06-13 15:26 - 2018-06-08 00:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002463232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002396672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002299392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2018-06-13 15:26 - 2018-06-08 00:16 - 004558848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 002212864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 001035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 000979968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-13 15:26 - 2018-06-08 00:15 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 000987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 000762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-06-13 15:26 - 2018-06-08 00:13 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2018-06-13 15:26 - 2018-06-08 00:13 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2018-06-13 15:26 - 2018-06-08 00:12 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2018-06-13 15:26 - 2018-04-26 14:56 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-13 15:26 - 2018-04-26 14:55 - 000059456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-06-13 15:26 - 2018-04-26 14:40 - 002951168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-13 15:26 - 2018-04-26 14:37 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-06-13 15:26 - 2018-04-26 14:33 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-06-13 15:26 - 2018-04-26 14:32 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-06-13 15:26 - 2018-04-26 14:32 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2018-06-13 15:26 - 2018-04-26 14:25 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-06-13 15:26 - 2018-03-04 20:58 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-06-13 15:26 - 2018-03-02 02:10 - 000278936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-06-13 15:26 - 2018-03-02 02:09 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-06-13 15:26 - 2018-03-02 02:06 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-06-13 15:26 - 2018-03-02 02:05 - 001123976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-06-13 15:26 - 2018-03-02 01:51 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2018-06-13 15:26 - 2018-03-02 01:47 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2018-06-13 15:26 - 2018-03-02 01:47 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 15:26 - 2018-03-02 01:45 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2018-06-13 15:26 - 2018-03-02 01:44 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-06-13 15:26 - 2018-03-02 01:42 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-06-13 15:26 - 2018-03-02 01:38 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2018-06-13 15:25 - 2018-06-09 13:13 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 15:25 - 2018-06-08 01:25 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-13 15:25 - 2018-06-08 01:23 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2018-06-13 15:25 - 2018-06-08 01:19 - 001911704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-13 15:25 - 2018-06-08 01:19 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-06-13 15:25 - 2018-06-08 01:19 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-06-13 15:25 - 2018-06-08 01:18 - 000730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-13 15:25 - 2018-06-08 01:17 - 000403440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2018-06-13 15:25 - 2018-06-08 01:15 - 002672032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-06-13 15:25 - 2018-06-08 00:49 - 002253040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-06-13 15:25 - 2018-06-08 00:47 - 001339864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2018-06-13 15:25 - 2018-06-08 00:46 - 001135352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-06-13 15:25 - 2018-06-08 00:46 - 000029000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\avrt.dll
2018-06-13 15:25 - 2018-06-08 00:45 - 000865232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 002417296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 001518056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 000993840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 000810400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-06-13 15:25 - 2018-06-08 00:43 - 000697248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2018-06-13 15:25 - 2018-06-08 00:43 - 000583584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 15:25 - 2018-06-08 00:43 - 000115104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-06-13 15:25 - 2018-06-08 00:43 - 000093536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-13 15:25 - 2018-06-08 00:42 - 000782240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2018-06-13 15:25 - 2018-06-08 00:42 - 000558008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2018-06-13 15:25 - 2018-06-08 00:42 - 000067752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptsp.dll
2018-06-13 15:25 - 2018-06-08 00:42 - 000047608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-13 15:25 - 2018-06-08 00:41 - 001195752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-06-13 15:25 - 2018-06-08 00:41 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-06-13 15:25 - 2018-06-08 00:41 - 000867312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-13 15:25 - 2018-06-08 00:41 - 000657576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-06-13 15:25 - 2018-06-08 00:40 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-06-13 15:25 - 2018-06-08 00:39 - 000542936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2018-06-13 15:25 - 2018-06-08 00:39 - 000411224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-06-13 15:25 - 2018-06-08 00:39 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-06-13 15:25 - 2018-06-08 00:38 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-13 15:25 - 2018-06-08 00:37 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-06-13 15:25 - 2018-06-08 00:36 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2018-06-13 15:25 - 2018-06-08 00:35 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2018-06-13 15:25 - 2018-06-08 00:35 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskApis.dll
2018-06-13 15:25 - 2018-06-08 00:35 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-13 15:25 - 2018-06-08 00:33 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2018-06-13 15:25 - 2018-06-08 00:33 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2018-06-13 15:25 - 2018-06-08 00:33 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2018-06-13 15:25 - 2018-06-08 00:33 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 001078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000930304 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2018-06-13 15:25 - 2018-06-08 00:31 - 004507136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-06-13 15:25 - 2018-06-08 00:31 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-06-13 15:25 - 2018-06-08 00:31 - 001611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-06-13 15:25 - 2018-06-08 00:31 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2018-06-13 15:25 - 2018-06-08 00:30 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2018-06-13 15:25 - 2018-06-08 00:30 - 000991744 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2018-06-13 15:25 - 2018-06-08 00:29 - 001048064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2018-06-13 15:25 - 2018-06-08 00:28 - 008214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-13 15:25 - 2018-06-08 00:28 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 001474048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2018-06-13 15:25 - 2018-06-08 00:26 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-13 15:25 - 2018-06-08 00:25 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-06-13 15:25 - 2018-06-08 00:24 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2018-06-13 15:25 - 2018-06-08 00:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-06-13 15:25 - 2018-06-08 00:24 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-06-13 15:25 - 2018-06-08 00:24 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Haptics.dll
2018-06-13 15:25 - 2018-06-08 00:23 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2018-06-13 15:25 - 2018-06-08 00:23 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2018-06-13 15:25 - 2018-06-08 00:23 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-06-13 15:25 - 2018-06-08 00:22 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2018-06-13 15:25 - 2018-06-08 00:22 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2018-06-13 15:25 - 2018-06-08 00:22 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2018-06-13 15:25 - 2018-06-08 00:22 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2018-06-13 15:25 - 2018-06-08 00:22 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shutdown.exe
2018-06-13 15:25 - 2018-06-08 00:21 - 005725184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000763904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-13 15:25 - 2018-06-08 00:21 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2018-06-13 15:25 - 2018-06-08 00:20 - 004175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 001172480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-06-13 15:25 - 2018-06-08 00:20 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-06-13 15:25 - 2018-06-08 00:20 - 000655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-06-13 15:25 - 2018-06-08 00:19 - 001238528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2018-06-13 15:25 - 2018-06-08 00:19 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000753664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-06-13 15:25 - 2018-06-08 00:19 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2018-06-13 15:25 - 2018-06-08 00:18 - 003425280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-06-13 15:25 - 2018-06-08 00:18 - 001623040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2018-06-13 15:25 - 2018-06-08 00:18 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-06-13 15:25 - 2018-06-08 00:18 - 000919040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 005227008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 004418048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 002679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 002386432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 001966080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 001239040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 000768000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-06-13 15:25 - 2018-06-08 00:16 - 002750976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-06-13 15:25 - 2018-06-08 00:16 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-13 15:25 - 2018-06-08 00:16 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-06-13 15:25 - 2018-06-08 00:16 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 002871808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 002355200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 002142208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemcomn.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 001204736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-06-13 15:25 - 2018-06-08 00:14 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-06-13 15:25 - 2018-06-08 00:13 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.ps.dll
2018-06-13 15:25 - 2018-06-08 00:12 - 001505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-06-13 15:25 - 2018-06-08 00:12 - 001302016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2018-06-13 15:25 - 2018-06-08 00:12 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-06-13 15:25 - 2018-06-08 00:12 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-06-13 15:25 - 2018-06-08 00:12 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-06-13 15:25 - 2018-06-08 00:12 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-06-13 15:25 - 2018-06-08 00:12 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2018-06-13 15:25 - 2018-06-08 00:11 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2018-06-13 15:25 - 2018-05-21 05:52 - 001859584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-13 15:25 - 2018-04-26 15:31 - 000194464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-06-13 15:25 - 2018-04-26 15:29 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-06-13 15:25 - 2018-04-26 15:25 - 000095648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-13 15:25 - 2018-04-26 15:24 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-06-13 15:25 - 2018-04-26 14:39 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-13 15:25 - 2018-04-26 14:38 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-06-13 15:25 - 2018-04-26 14:38 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-13 15:25 - 2018-04-26 14:38 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-13 15:25 - 2018-04-26 14:37 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-06-13 15:25 - 2018-04-26 14:37 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll
2018-06-13 15:25 - 2018-04-26 14:35 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2018-06-13 15:25 - 2018-03-02 09:36 - 000141720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-06-13 15:25 - 2018-03-02 09:35 - 000062880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-06-13 15:25 - 2018-03-02 08:53 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-06-13 15:25 - 2018-03-02 08:52 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2018-06-13 15:25 - 2018-03-02 02:20 - 001953448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2018-06-13 15:25 - 2018-03-02 02:09 - 000390560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-06-13 15:25 - 2018-03-02 02:08 - 000552656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-06-13 15:25 - 2018-03-02 02:08 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-06-13 15:25 - 2018-03-02 02:08 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-06-13 15:25 - 2018-03-02 02:06 - 000356992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2018-06-13 15:25 - 2018-03-02 01:49 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.XboxLive.ProxyStub.dll
2018-06-13 15:25 - 2018-03-02 01:48 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2018-06-13 15:25 - 2018-03-02 01:48 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2018-06-13 15:25 - 2018-03-02 01:47 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRBroker.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2018-06-13 15:25 - 2018-03-02 01:45 - 000377344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2018-06-13 15:25 - 2018-03-02 01:45 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2018-06-13 15:25 - 2018-03-02 01:45 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2018-06-13 15:25 - 2018-03-02 01:45 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2018-06-13 15:25 - 2018-03-02 01:43 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-06-13 15:25 - 2018-03-02 01:43 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-06-13 15:25 - 2018-03-02 01:43 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2018-06-13 15:25 - 2018-03-02 01:43 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-06-13 15:25 - 2018-03-02 01:43 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-06-13 15:25 - 2018-03-02 01:42 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2018-06-13 15:25 - 2018-03-02 01:42 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-06-13 15:25 - 2018-03-02 01:42 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2018-06-13 15:25 - 2018-03-02 01:41 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2018-06-13 15:25 - 2018-03-02 01:41 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2018-06-13 15:25 - 2018-03-02 01:41 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2018-06-13 15:25 - 2018-03-02 01:38 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2018-06-13 15:25 - 2018-03-02 01:37 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2018-06-13 15:25 - 2018-03-02 01:37 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-06-13 15:25 - 2018-03-02 01:37 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2018-06-13 15:25 - 2018-03-02 01:37 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2018-06-13 15:25 - 2018-03-02 01:36 - 000477184 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2018-06-13 15:25 - 2018-03-02 01:36 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2018-06-13 15:25 - 2018-03-02 01:36 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfmon.exe
2018-06-13 15:25 - 2018-03-02 01:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2018-06-13 15:25 - 2018-03-02 01:35 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2018-06-13 15:24 - 2018-06-08 08:22 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-13 15:24 - 2018-06-08 08:22 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-13 15:24 - 2018-06-08 01:31 - 000039328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2018-06-13 15:24 - 2018-06-08 01:27 - 002311936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-13 15:24 - 2018-06-08 01:27 - 002026504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2018-06-13 15:24 - 2018-06-08 01:26 - 008337312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-13 15:24 - 2018-06-08 01:26 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-13 15:24 - 2018-06-08 01:25 - 002970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-13 15:24 - 2018-06-08 01:25 - 002398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-13 15:24 - 2018-06-08 01:25 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-13 15:24 - 2018-06-08 01:22 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 15:24 - 2018-06-08 01:22 - 000367008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-13 15:24 - 2018-06-08 01:21 - 001239456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-06-13 15:24 - 2018-06-08 01:19 - 002994784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 001760784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 000938912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 000337824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 006557528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 004709016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 001705088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 001670520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 001033552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000762784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000586264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000342432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-13 15:24 - 2018-06-08 01:16 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-06-13 15:24 - 2018-06-08 01:16 - 001194256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-06-13 15:24 - 2018-06-08 01:16 - 000510872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2018-06-13 15:24 - 2018-06-08 01:16 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-13 15:24 - 2018-06-08 01:15 - 001103776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-13 15:24 - 2018-06-08 01:15 - 000523808 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-06-13 15:24 - 2018-06-08 00:50 - 023683072 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-13 15:24 - 2018-06-08 00:49 - 001618792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-13 15:24 - 2018-06-08 00:48 - 001150800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-06-13 15:24 - 2018-06-08 00:41 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-06-13 15:24 - 2018-06-08 00:41 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2018-06-13 15:24 - 2018-06-08 00:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2018-06-13 15:24 - 2018-06-08 00:36 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-13 15:24 - 2018-06-08 00:36 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2018-06-13 15:24 - 2018-06-08 00:36 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-06-13 15:24 - 2018-06-08 00:35 - 023702016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-13 15:24 - 2018-06-08 00:35 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-06-13 15:24 - 2018-06-08 00:35 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-06-13 15:24 - 2018-06-08 00:33 - 008337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-06-13 15:24 - 2018-06-08 00:33 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-13 15:24 - 2018-06-08 00:33 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2018-06-13 15:24 - 2018-06-08 00:33 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-06-13 15:24 - 2018-06-08 00:33 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 007149568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 001304576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 001191424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000934912 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-06-13 15:24 - 2018-06-08 00:32 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2018-06-13 15:24 - 2018-06-08 00:32 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-06-13 15:24 - 2018-06-08 00:31 - 002079744 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-13 15:24 - 2018-06-08 00:31 - 000909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 005892608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2018-06-13 15:24 - 2018-06-08 00:29 - 012805120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-13 15:24 - 2018-06-08 00:29 - 004398080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2018-06-13 15:24 - 2018-06-08 00:29 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-06-13 15:24 - 2018-06-08 00:29 - 000888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-06-13 15:24 - 2018-06-08 00:29 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-06-13 15:24 - 2018-06-08 00:28 - 020517376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-13 15:24 - 2018-06-08 00:28 - 008168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-13 15:24 - 2018-06-08 00:28 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-06-13 15:24 - 2018-06-08 00:28 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 013384192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 004719104 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 002830848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-06-13 15:24 - 2018-06-08 00:26 - 002939904 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-06-13 15:24 - 2018-06-08 00:26 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-06-13 15:24 - 2018-06-08 00:26 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-13 15:24 - 2018-06-08 00:26 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 019355648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 001161728 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2018-06-13 15:24 - 2018-06-08 00:23 - 001912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-06-13 15:24 - 2018-06-08 00:23 - 001836032 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2018-06-13 15:24 - 2018-06-08 00:23 - 001179136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2018-06-13 15:24 - 2018-06-08 00:22 - 011891712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-13 15:24 - 2018-06-08 00:22 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-06-13 15:24 - 2018-06-08 00:22 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-13 15:24 - 2018-06-08 00:22 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2018-06-13 15:24 - 2018-06-08 00:22 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-06-13 15:24 - 2018-06-08 00:21 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-13 15:24 - 2018-06-08 00:20 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-06-13 15:24 - 2018-06-08 00:19 - 002011648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-13 15:24 - 2018-06-08 00:19 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-13 15:24 - 2018-06-08 00:19 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-13 15:24 - 2018-06-08 00:19 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2018-06-13 15:24 - 2018-06-08 00:18 - 006258176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-13 15:24 - 2018-06-08 00:17 - 003653632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 15:24 - 2018-06-08 00:17 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 15:24 - 2018-06-08 00:16 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 15:24 - 2018-05-24 16:28 - 002447360 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-13 15:24 - 2018-04-26 15:29 - 000381848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-06-13 15:24 - 2018-04-26 15:20 - 000527464 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-06-13 15:24 - 2018-04-26 14:38 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-06-13 15:24 - 2018-04-26 14:35 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-06-13 15:24 - 2018-04-26 14:34 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-06-13 15:24 - 2018-04-26 14:33 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-06-13 15:24 - 2018-04-26 14:33 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2018-06-13 15:24 - 2018-04-26 14:33 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-06-13 15:24 - 2018-04-26 14:32 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-06-13 15:24 - 2018-04-26 14:32 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-06-13 15:24 - 2018-03-04 20:55 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-06-13 15:24 - 2018-03-02 09:42 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2018-06-13 15:24 - 2018-03-02 09:35 - 000143768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2018-06-13 15:24 - 2018-03-02 08:53 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2018-06-13 15:24 - 2018-03-02 08:53 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2018-06-13 15:24 - 2018-03-02 08:52 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2018-06-13 15:24 - 2018-03-02 08:52 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2018-06-13 15:24 - 2018-03-02 08:51 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2018-06-13 15:24 - 2018-03-02 08:47 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2018-06-13 15:24 - 2018-03-02 08:44 - 001600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2018-06-13 15:24 - 2018-03-02 08:39 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2018-06-13 15:24 - 2018-03-02 08:38 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-06-13 15:24 - 2018-03-02 08:38 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2018-06-13 15:24 - 2018-03-02 08:38 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2018-06-13 15:24 - 2018-03-02 08:38 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2018-06-13 15:24 - 2018-03-02 08:37 - 001208832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2018-06-13 15:24 - 2018-03-02 08:37 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2018-06-13 15:24 - 2018-03-02 08:37 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2018-06-13 15:24 - 2018-03-02 01:49 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2018-06-13 15:24 - 2018-03-02 01:49 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2018-06-13 15:23 - 2018-06-08 08:23 - 000960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-06-13 15:23 - 2018-06-08 01:31 - 001597112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-13 15:23 - 2018-06-08 01:31 - 001066128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-13 15:23 - 2018-06-08 01:30 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-06-13 15:23 - 2018-06-08 01:30 - 001459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-06-13 15:23 - 2018-06-08 01:30 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-13 15:23 - 2018-06-08 01:30 - 001022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-13 15:23 - 2018-06-08 01:30 - 000966560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2018-06-13 15:23 - 2018-06-08 01:29 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2018-06-13 15:23 - 2018-06-08 01:29 - 000901400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-13 15:23 - 2018-06-08 01:29 - 000822688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2018-06-13 15:23 - 2018-06-08 01:29 - 000176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-13 15:23 - 2018-06-08 01:26 - 004574200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-06-13 15:23 - 2018-06-08 01:26 - 001397200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-13 15:23 - 2018-06-08 01:26 - 001188576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-13 15:23 - 2018-06-08 01:26 - 000937376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-13 15:23 - 2018-06-08 01:25 - 001736096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-13 15:23 - 2018-06-08 01:22 - 000923592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-13 15:23 - 2018-06-08 01:21 - 000668104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-13 15:23 - 2018-06-08 01:20 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-06-13 15:23 - 2018-06-08 01:20 - 001019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-13 15:23 - 2018-06-08 01:20 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 007318896 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 005477608 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 002649272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 002443680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-13 15:23 - 2018-06-08 01:19 - 001667832 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 001506224 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 001219592 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 001171056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2018-06-13 15:23 - 2018-06-08 01:19 - 000524768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000416928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 002466424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 000847264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmiEngine.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 000643712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-13 15:23 - 2018-06-08 01:18 - 000555848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 000128416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 021359384 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 007909936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 003116696 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 001282528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 001280416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-06-13 15:23 - 2018-06-08 01:16 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-06-13 15:23 - 2018-06-08 01:16 - 000700976 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-06-13 15:23 - 2018-06-08 01:16 - 000154528 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2018-06-13 15:23 - 2018-06-08 00:42 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-13 15:23 - 2018-06-08 00:41 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2018-06-13 15:23 - 2018-06-08 00:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2018-06-13 15:23 - 2018-06-08 00:41 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-06-13 15:23 - 2018-06-08 00:39 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-06-13 15:23 - 2018-06-08 00:38 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-13 15:23 - 2018-06-08 00:38 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\efslsaext.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 017372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-06-13 15:23 - 2018-06-08 00:36 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-06-13 15:23 - 2018-06-08 00:36 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFIoT.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 006569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsmsnap.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2018-06-13 15:23 - 2018-06-08 00:34 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 002347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 001433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 007931904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 003366400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001065984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000819712 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-06-13 15:23 - 2018-06-08 00:32 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2018-06-13 15:23 - 2018-06-08 00:31 - 001580544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-06-13 15:23 - 2018-06-08 00:31 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-06-13 15:23 - 2018-06-08 00:31 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-06-13 15:23 - 2018-06-08 00:31 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 002625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 002053120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-13 15:23 - 2018-06-08 00:30 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 001046528 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 006726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-06-13 15:23 - 2018-06-08 00:29 - 004208640 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 002491904 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 001293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 001103360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-06-13 15:23 - 2018-06-08 00:29 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 002650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 002502656 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 003141120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 003058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 002449920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 002426368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 001348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-06-13 15:23 - 2018-06-08 00:25 - 001039360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-06-13 15:23 - 2018-06-08 00:25 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-06-13 15:23 - 2018-06-08 00:25 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-06-13 15:23 - 2018-06-08 00:25 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-06-13 15:23 - 2018-06-08 00:25 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-06-13 15:23 - 2018-06-08 00:24 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-13 15:23 - 2018-06-08 00:24 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-06-13 15:23 - 2018-06-08 00:22 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-06-13 15:23 - 2018-05-24 16:26 - 000125015 ____R C:\WINDOWS\system32\CaptureCountdown.hcp
2018-06-13 15:23 - 2018-05-24 16:26 - 000119017 ____R C:\WINDOWS\system32\CaptureBrackets.hcp
2018-06-13 15:23 - 2018-05-24 16:26 - 000017806 ____R C:\WINDOWS\system32\CaptureToast.hcp
2018-06-13 15:23 - 2018-04-26 15:32 - 000544672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-06-13 15:23 - 2018-04-26 15:23 - 000350776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-13 15:23 - 2018-04-26 14:41 - 003666944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-13 15:23 - 2018-04-26 14:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-06-13 15:23 - 2018-04-26 14:37 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2018-06-13 15:23 - 2018-04-26 14:36 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-06-13 15:23 - 2018-04-26 14:35 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-06-13 15:23 - 2018-03-04 20:56 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-06-13 15:23 - 2018-03-04 20:48 - 001461248 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-06-13 15:23 - 2018-03-02 09:41 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-06-13 15:23 - 2018-03-02 09:37 - 000100808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2018-06-13 15:23 - 2018-03-02 09:36 - 000431352 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-06-13 15:23 - 2018-03-02 09:35 - 000093568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-06-13 15:23 - 2018-03-02 09:34 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-13 15:23 - 2018-03-02 08:55 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2018-06-13 15:23 - 2018-03-02 08:54 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvcPAL.dll
2018-06-13 15:23 - 2018-03-02 08:53 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2018-06-13 15:23 - 2018-03-02 08:52 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-06-13 15:23 - 2018-03-02 08:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2018-06-13 15:23 - 2018-03-02 08:51 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2018-06-13 15:23 - 2018-03-02 08:50 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2018-06-13 15:23 - 2018-03-02 08:50 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\correngine.dll
2018-06-13 15:23 - 2018-03-02 08:50 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2018-06-13 15:23 - 2018-03-02 08:49 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2018-06-13 15:23 - 2018-03-02 08:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2018-06-13 15:23 - 2018-03-02 08:47 - 004269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2018-06-13 15:23 - 2018-03-02 08:46 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2018-06-13 15:23 - 2018-03-02 08:45 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2018-06-13 15:23 - 2018-03-02 01:41 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2018-06-13 15:22 - 2018-06-08 08:25 - 020416512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-13 15:22 - 2018-06-08 08:24 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-13 15:22 - 2018-06-08 08:23 - 001161216 ____R (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.Capture.UX.dll
2018-06-13 15:22 - 2018-06-08 08:23 - 000528896 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2018-06-13 15:22 - 2018-06-08 08:22 - 017049600 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-13 15:22 - 2018-06-08 08:16 - 007136256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Havok.Physics.dll
2018-06-13 15:22 - 2018-06-08 01:36 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-06-13 15:22 - 2018-06-08 01:35 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-13 15:22 - 2018-06-08 01:35 - 000137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-06-13 15:22 - 2018-06-08 01:34 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-06-13 15:22 - 2018-06-08 01:34 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-06-13 15:22 - 2018-06-08 01:34 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-06-13 15:22 - 2018-06-08 01:32 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-06-13 15:22 - 2018-06-08 01:32 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-13 15:22 - 2018-06-08 01:32 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-06-13 15:22 - 2018-06-08 01:30 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-06-13 15:22 - 2018-06-08 01:28 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-06-13 15:22 - 2018-06-08 01:28 - 000486592 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-06-13 15:22 - 2018-06-08 01:23 - 000421536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2018-06-13 15:22 - 2018-06-08 01:21 - 001200912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-06-13 15:22 - 2018-06-08 01:21 - 000528288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-06-13 15:22 - 2018-06-08 01:20 - 001058376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2018-06-13 15:22 - 2018-06-08 01:20 - 001046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-06-13 15:22 - 2018-06-08 01:20 - 000515000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-13 15:22 - 2018-06-08 01:19 - 000673136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-06-13 15:22 - 2018-06-08 01:19 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-06-13 15:22 - 2018-06-08 01:19 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-06-13 15:22 - 2018-06-08 01:19 - 000370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-06-13 15:22 - 2018-06-08 01:19 - 000350624 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-06-13 15:22 - 2018-06-08 01:18 - 005305008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-13 15:22 - 2018-06-08 01:18 - 002087328 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-13 15:22 - 2018-06-08 01:18 - 001347640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-06-13 15:22 - 2018-06-08 01:18 - 000690592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-13 15:22 - 2018-06-08 01:18 - 000141136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-13 15:22 - 2018-06-08 01:17 - 001337872 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-13 15:22 - 2018-06-08 01:17 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-13 15:22 - 2018-06-08 01:17 - 000054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-13 15:22 - 2018-06-08 01:16 - 001763376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-06-13 15:22 - 2018-06-08 01:16 - 000833168 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-06-13 15:22 - 2018-06-08 01:16 - 000802720 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-13 15:22 - 2018-06-08 01:16 - 000222712 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-06-13 15:22 - 2018-06-08 01:15 - 001115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-06-13 15:22 - 2018-06-08 01:15 - 000624040 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2018-06-13 15:22 - 2018-06-08 00:41 - 001723392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-06-13 15:22 - 2018-06-08 00:41 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2018-06-13 15:22 - 2018-06-08 00:39 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-06-13 15:22 - 2018-06-08 00:39 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\eUICCsCSP.dll
2018-06-13 15:22 - 2018-06-08 00:38 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-06-13 15:22 - 2018-06-08 00:38 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2018-06-13 15:22 - 2018-06-08 00:38 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2018-06-13 15:22 - 2018-06-08 00:38 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRCommon.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-13 15:22 - 2018-06-08 00:37 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-13 15:22 - 2018-06-08 00:36 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000723456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafupnp.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2018-06-13 15:22 - 2018-06-08 00:36 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-06-13 15:22 - 2018-06-08 00:35 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\system32\provcore.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-13 15:22 - 2018-06-08 00:35 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRClient.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 001433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 002727936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 001266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2018-06-13 15:22 - 2018-06-08 00:33 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-13 15:22 - 2018-06-08 00:33 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000679936 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2018-06-13 15:22 - 2018-06-08 00:33 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-06-13 15:22 - 2018-06-08 00:32 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-06-13 15:22 - 2018-06-08 00:32 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-06-13 15:22 - 2018-06-08 00:31 - 000727552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-06-13 15:22 - 2018-06-08 00:31 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 001242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-13 15:22 - 2018-06-08 00:29 - 001888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-13 15:22 - 2018-06-08 00:29 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-06-13 15:22 - 2018-06-08 00:29 - 001306112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2018-06-13 15:22 - 2018-06-08 00:29 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2018-06-13 15:22 - 2018-06-08 00:28 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-06-13 15:22 - 2018-06-08 00:28 - 002813440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-13 15:22 - 2018-06-08 00:28 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-06-13 15:22 - 2018-06-08 00:28 - 000318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2018-06-13 15:22 - 2018-06-08 00:27 - 002177536 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-13 15:22 - 2018-06-08 00:27 - 001844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-06-13 15:22 - 2018-06-08 00:26 - 003490304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-06-13 15:22 - 2018-06-08 00:26 - 002757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-06-13 15:22 - 2018-06-08 00:26 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-13 15:22 - 2018-06-08 00:26 - 000325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-06-13 15:22 - 2018-06-08 00:25 - 002855936 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2018-06-13 15:22 - 2018-06-08 00:25 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2018-06-13 15:22 - 2018-06-08 00:25 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2018-06-13 15:22 - 2018-06-08 00:25 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 001044480 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 002899968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 001550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-06-13 15:22 - 2018-06-08 00:23 - 001313280 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 001651200 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-06-13 15:22 - 2018-06-08 00:22 - 001529856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2018-06-13 15:22 - 2018-06-08 00:22 - 001527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-06-13 15:22 - 2018-06-08 00:22 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 001050112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2018-06-13 15:22 - 2018-06-08 00:22 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-06-13 15:22 - 2018-04-26 15:23 - 000070352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-06-13 15:22 - 2018-04-26 14:38 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32.dll
2018-06-13 15:22 - 2018-04-26 14:37 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-06-13 15:22 - 2018-04-26 14:35 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2018-06-13 15:22 - 2018-04-26 14:35 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2018-06-13 15:22 - 2018-04-26 14:32 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-06-13 15:22 - 2018-04-26 14:26 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-06-13 15:22 - 2018-04-26 14:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2018-06-13 15:22 - 2018-03-02 09:45 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2018-06-13 15:22 - 2018-03-02 09:45 - 000041368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2018-06-13 15:22 - 2018-03-02 09:36 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-13 15:22 - 2018-03-02 09:36 - 000146336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-06-13 15:22 - 2018-03-02 09:36 - 000135584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2018-06-13 15:22 - 2018-03-02 09:36 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-06-13 15:22 - 2018-03-02 09:35 - 000963992 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2018-06-13 15:22 - 2018-03-02 08:54 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragproxy.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2018-06-13 15:22 - 2018-03-02 08:52 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2018-06-13 15:22 - 2018-03-02 08:51 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-06-13 15:22 - 2018-03-02 08:51 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRBroker.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-06-13 15:22 - 2018-03-02 08:40 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2018-06-13 15:22 - 2018-03-02 08:40 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2018-06-13 15:22 - 2018-03-02 08:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2018-06-13 15:22 - 2018-03-02 08:39 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbemcomn.dll
2018-06-13 15:22 - 2018-03-02 08:39 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2018-06-13 15:22 - 2018-03-02 08:39 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2018-06-13 15:22 - 2018-03-02 08:39 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2018-06-13 15:22 - 2018-03-02 08:39 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2018-06-13 15:22 - 2018-03-02 08:38 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2018-06-13 15:22 - 2018-03-02 08:38 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFCoinstaller.dll
2018-06-13 15:22 - 2018-03-02 08:37 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2018-06-13 15:22 - 2018-03-02 08:37 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2018-06-13 15:22 - 2018-03-02 08:37 - 000566272 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2018-06-13 15:22 - 2018-03-02 08:37 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2018-06-13 15:22 - 2018-03-02 08:37 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-06-13 15:22 - 2018-03-02 08:37 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfmon.exe
2018-06-13 15:22 - 2018-03-02 08:37 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2018-06-13 15:22 - 2018-03-02 08:36 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdhui.dll
2018-06-13 15:22 - 2018-03-02 01:36 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2018-06-13 15:21 - 2018-06-08 00:39 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-13 15:21 - 2018-04-26 14:38 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-13 15:21 - 2018-03-02 08:52 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzSqlExt.dll
2018-06-13 15:21 - 2018-03-02 08:49 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-06-13 15:21 - 2018-03-02 08:44 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2018-06-13 15:21 - 2018-03-02 08:40 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2018-06-13 15:21 - 2018-03-02 08:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2018-06-13 15:21 - 2018-03-02 08:37 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2018-06-13 15:09 - 2018-06-13 15:09 - 000600354 _____ C:\Users\Ross\Downloads\NSCA Newsletter TWO rev E (2).pdf
2018-06-13 15:08 - 2018-06-13 15:08 - 000143010 _____ C:\Users\Ross\Downloads\NSCA Newsletter ONE rev B (3).pdf
2018-06-12 23:48 - 2018-06-12 23:48 - 001901413 _____ C:\Users\Ross\Downloads\GrandCareMediaKit-Spring2016 (3) (1).pdf
2018-06-12 14:01 - 2018-06-12 14:01 - 001421706 _____ C:\Users\Ross\Downloads\BR18_flyer (1).pdf
2018-06-12 13:06 - 2018-06-12 13:06 - 002013160 _____ C:\Users\Ross\Downloads\snapshots.zip
2018-06-11 20:39 - 2018-06-11 20:39 - 000064481 _____ C:\Users\Ross\Downloads\MedHab Cap tables 2018 Proforma v2.xlsx
2018-06-11 20:00 - 2018-06-11 20:00 - 001901413 _____ C:\Users\Ross\Downloads\GrandCareMediaKit-Spring2016 (3).pdf
2018-06-11 14:46 - 2018-06-11 14:47 - 002724199 _____ C:\Users\Ross\Downloads\new legion20180611_11371555.pdf
2018-06-11 14:19 - 2018-06-11 14:19 - 009882624 _____ C:\Users\Ross\Downloads\2018 Catholic Television of San Antono Media Kit.ppt
2018-06-11 13:14 - 2018-06-11 13:14 - 000086871 _____ C:\Users\Ross\Downloads\INV-000455 (1).pdf
2018-06-11 10:55 - 2018-06-11 10:55 - 000052519 _____ C:\Users\Ross\Downloads\medhab060818 (1).pdf
2018-06-11 09:27 - 2018-06-11 09:27 - 001118860 _____ C:\Users\Ross\Desktop\Cari's test document.pdf
2018-06-11 08:28 - 2018-06-11 08:28 - 000046613 _____ C:\Users\Ross\Downloads\MedHab Cap tables 2018 Proforma.xlsx
2018-06-08 13:59 - 2018-06-08 13:59 - 000086871 _____ C:\Users\Ross\Downloads\INV-000455.pdf
2018-06-08 12:33 - 2018-06-08 12:33 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-06-08 12:30 - 2018-06-08 12:30 - 000054584 _____ C:\Users\Ross\Downloads\medhab060818.pdf
2018-06-08 09:31 - 2018-06-08 09:31 - 000454665 _____ C:\Users\Ross\Downloads\sample.pdf
2018-06-08 09:28 - 2018-06-08 09:28 - 000585208 _____ C:\Users\Ross\Downloads\2018 May - MyNotifi Monthly Report.pdf
2018-06-07 12:57 - 2018-06-07 12:57 - 000206791 _____ C:\Users\Ross\Downloads\MyNotifi Sales 6-2-18.pdf
2018-06-07 12:56 - 2018-06-07 12:56 - 000069959 _____ C:\Users\Ross\Downloads\Weekly MyNotifi Sales Report (7).pdf
2018-06-07 12:27 - 2018-06-07 12:37 - 000000000 ___HD C:\$WINDOWS.~BT
2018-06-05 13:39 - 2018-06-05 13:39 - 004411343 _____ C:\Users\Ross\Downloads\13009 MyNotifi Digital Banner Ad Layouts 6-5-18.pdf
2018-06-05 10:22 - 2018-06-05 10:22 - 000655245 _____ C:\Users\Ross\Downloads\MedHab Invoices - May.pdf
2018-06-04 16:05 - 2018-06-04 16:05 - 000037269 _____ C:\Users\Ross\Downloads\STMAC-KM-C418060414300.pdf
2018-06-04 15:45 - 2018-06-04 15:45 - 000044513 _____ C:\Users\Ross\Downloads\PRN_Statement (1).pdf
2018-06-04 13:21 - 2018-06-04 13:21 - 000036560 _____ C:\Users\Ross\Downloads\Camp Round Up 2018 Staffing.pdf
2018-06-04 13:18 - 2018-06-04 13:18 - 000402112 _____ C:\Users\Ross\Downloads\Medhab 6-18.pdf
2018-06-04 10:17 - 2018-06-04 10:17 - 000000000 ____D C:\ProgramData\MB2Migration
2018-06-04 10:16 - 2018-06-04 10:16 - 074288784 _____ (Malwarebytes ) C:\Users\Ross\Desktop\mb3-setup-1878.1878-3.5.1.2522.exe
2018-06-01 12:50 - 2018-06-01 12:50 - 015781318 _____ C:\Users\Ross\Downloads\MyNotifi Tech Support may 30_2018 final (1).odt
2018-06-01 12:49 - 2018-06-01 12:50 - 015781318 _____ C:\Users\Ross\Downloads\MyNotifi Tech Support may 30_2018 final.odt
2018-06-01 12:27 - 2018-06-01 12:27 - 007980782 _____ C:\Users\Ross\Downloads\LC - 009 MyNotifi UserManual Rev 4 5-29-2018.pdf
2018-06-01 11:39 - 2018-06-01 11:39 - 000086039 _____ C:\Users\Ross\Downloads\Johnny Ross - Cover Sheet (non-employee).pdf
2018-06-01 07:28 - 2018-06-01 07:28 - 000001900 _____ C:\Users\Ross\Downloads\call_log-2018-05-31.csv
2018-05-31 23:28 - 2018-05-31 23:28 - 000919846 _____ C:\Users\Ross\Downloads\8315681_0000004536_20180530 (1).pdf
2018-05-31 18:33 - 2018-05-31 19:02 - 474907002 _____ C:\Users\Ross\Downloads\83156_Coffee_With_America_1080p_MP4 (1).zip
2018-05-31 18:33 - 2018-05-31 18:56 - 361811449 _____ C:\Users\Ross\Downloads\83156_KOB__1080p_MP4.zip
2018-05-31 18:33 - 2018-05-31 18:55 - 331273191 _____ C:\Users\Ross\Downloads\83156_WFTX_1080p_MP4 (1).zip
2018-05-31 18:33 - 2018-05-31 18:41 - 087042959 _____ C:\Users\Ross\Downloads\83156_WCIU_1080_MP4 (1).zip
2018-05-31 18:33 - 2018-05-31 18:35 - 022099779 _____ C:\Users\Ross\Downloads\83156_IN_FOCUS_1080_MP4 (1).zip
2018-05-31 18:32 - 2018-05-31 18:54 - 315327788 _____ C:\Users\Ross\Downloads\83156_BusinessFirst_1080p_MP4.zip
2018-05-31 17:24 - 2018-05-31 17:31 - 331273191 _____ C:\Users\Ross\Downloads\83156_WFTX_1080p_MP4.zip
2018-05-31 17:19 - 2018-05-31 17:21 - 087042959 _____ C:\Users\Ross\Downloads\83156_WCIU_1080_MP4.zip
2018-05-31 16:42 - 2018-05-31 16:42 - 000206109 _____ C:\Users\Ross\Downloads\MyNotifi-Report-May-2018 (1).pdf
2018-05-31 16:26 - 2018-05-31 16:26 - 000206109 _____ C:\Users\Ross\Downloads\MyNotifi-Report-May-2018.pdf
2018-05-31 16:04 - 2018-05-31 16:04 - 000086010 _____ C:\Users\Ross\Downloads\Non-employee cover sheet - Johnny Ross (1).pdf
2018-05-31 16:02 - 2018-05-31 16:02 - 002184960 _____ C:\Users\Ross\Downloads\Johnny Ross Corpus Christi ER.pdf
2018-05-31 16:01 - 2018-05-31 16:01 - 000086010 _____ C:\Users\Ross\Downloads\Non-employee cover sheet - Johnny Ross.pdf
2018-05-31 15:36 - 2018-05-31 15:36 - 000207303 _____ C:\Users\Ross\Downloads\MyNotifi Sales 5-26-18.pdf
2018-05-31 15:36 - 2018-05-31 15:36 - 000195639 _____ C:\Users\Ross\Downloads\MyNotifi Coupon Sales (1).pdf
2018-05-31 15:35 - 2018-05-31 15:35 - 000071238 _____ C:\Users\Ross\Downloads\Weekly MyNotifi Sales Report (6).pdf
2018-05-30 23:15 - 2018-05-30 23:15 - 000011146 _____ C:\Users\Ross\Downloads\MEDHAB Payment for R-80104.xlsx
2018-05-30 23:15 - 2018-05-30 23:15 - 000009801 _____ C:\Users\Ross\Downloads\30 pcs defective MLF-70100.xlsx
2018-05-30 14:54 - 2018-05-30 14:54 - 000919846 _____ C:\Users\Ross\Downloads\8315681_0000004536_20180530.pdf
2018-05-30 13:19 - 2018-05-30 13:37 - 882596708 _____ C:\Users\Ross\Downloads\83156_TESTEMONIAL_1080p_MP4.zip
2018-05-30 13:05 - 2018-05-30 13:05 - 000042898 _____ C:\Users\Ross\Downloads\message_zdm (14).html
2018-05-30 12:57 - 2018-05-30 12:57 - 000396274 _____ C:\Users\Ross\Desktop\Johnnys ER bill From Grapevine.pdf
2018-05-30 12:54 - 2018-05-30 12:54 - 000813667 _____ C:\Users\Ross\Desktop\Johnnys PIP form for Becky.pdf
2018-05-30 11:59 - 2018-05-30 11:59 - 002633786 _____ C:\Users\Ross\Desktop\Janices accident bills.pdf
2018-05-30 08:41 - 2018-05-30 08:41 - 000000550 _____ C:\Users\Ross\Downloads\call_log-2018-05-29.csv
2018-05-29 16:33 - 2018-05-29 16:33 - 000690080 _____ (Dropbox, Inc.) C:\Users\Ross\Downloads\DropboxInstaller.exe
2018-05-29 15:35 - 2018-05-29 15:35 - 000217350 _____ C:\Users\Ross\Downloads\MedHabAgreement.pdf
2018-05-29 15:27 - 2018-05-29 15:39 - 021728218 _____ C:\Users\Ross\Downloads\Unconfirmed 150461.crdownload
2018-05-29 14:29 - 2018-05-29 14:29 - 000485522 _____ C:\Users\Ross\Downloads\MedHab, LLC-US-180521-OC 140346_0.pdf
2018-05-29 13:46 - 2018-05-29 13:46 - 000134376 _____ C:\Users\Ross\Downloads\NCNR Agreement 2010_04_12.pdf
2018-05-29 13:20 - 2018-05-29 13:20 - 000037281 _____ C:\Users\Ross\Downloads\Copy of Material box build need for  25k  5-25-18  .xlsx
2018-05-29 13:20 - 2018-05-29 13:20 - 000028566 _____ C:\Users\Ross\Downloads\Copy of Purchase order R-80525  SPARTON VIETNAM MyNotifi  Second 25k prebuild  .xlsx
2018-05-29 13:20 - 2018-05-29 13:20 - 000028566 _____ C:\Users\Ross\Downloads\Copy of Purchase order R-80524  SPARTON VIETNAM MyNotifi  first 25k prebuild  .xlsx
2018-05-29 13:09 - 2018-05-29 13:09 - 000690926 _____ C:\Users\Ross\Desktop\TMAC receipts.pdf
2018-05-29 12:28 - 2018-05-29 12:42 - 022099779 _____ C:\Users\Ross\Downloads\83156_IN_FOCUS_1080_MP4.zip
2018-05-29 09:50 - 2018-05-29 09:51 - 005829514 _____ C:\Users\Ross\Downloads\4430.mp4
2018-05-29 09:38 - 2018-05-29 10:32 - 474907002 _____ C:\Users\Ross\Downloads\83156_Coffee_With_America_1080p_MP4.zip
2018-05-29 09:16 - 2018-05-29 09:16 - 000371719 _____ C:\Users\Ross\Downloads\sales tax exempt form.pdf
2018-05-29 09:16 - 2018-05-29 09:16 - 000175156 _____ C:\Users\Ross\Downloads\New Product Summary General - 3-26-18.xlsx
2018-05-29 09:16 - 2018-05-29 09:16 - 000032768 _____ C:\Users\Ross\Downloads\Credit Sheet Update - 2018.xls
2018-05-25 13:56 - 2018-05-25 13:56 - 012278723 _____ C:\Users\Ross\Downloads\83156_CMK_preview.mp4
2018-05-25 13:53 - 2018-05-25 13:53 - 005090259 _____ C:\Users\Ross\Downloads\83156_IN_FOCUS_preview (4).mp4
2018-05-25 12:35 - 2018-05-25 12:35 - 000000692 _____ C:\Users\Ross\Downloads\call_log-2018-05-22.csv
2018-05-25 12:32 - 2018-05-25 12:32 - 000000740 _____ C:\Users\Ross\Downloads\call_log-2018-05-23.csv
2018-05-25 12:18 - 2018-05-25 12:18 - 000000000 ____D C:\Windows.old
2018-05-25 11:13 - 2018-06-12 14:33 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-25 11:13 - 2018-06-12 14:33 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-25 10:59 - 2018-05-25 10:59 - 001130840 _____ (Google Inc.) C:\Users\Ross\Downloads\ChromeSetup.exe
2018-05-25 10:59 - 2018-05-25 10:59 - 000003448 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d3f4416c8695b7
2018-05-25 10:59 - 2018-05-25 10:59 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d3f4416c6d641b
2018-05-23 10:01 - 2018-05-23 10:01 - 001836027 _____ C:\Users\Ross\Downloads\MyNotifi-LovedOnesBrochure (2).pdf
2018-05-21 11:12 - 2018-05-21 11:12 - 000114500 _____ C:\Users\Ross\Downloads\Note Modification Agreement - MedHab LLC - $750000.00 (2).pdf
2018-05-21 08:07 - 2018-05-21 08:07 - 000034165 _____ C:\Users\Ross\Downloads\Purchase order R-80518  25k ship 3 K Ublox Chips  to SPARTON   (1).xlsx
2018-05-20 14:50 - 2018-05-20 14:50 - 005090259 _____ C:\Users\Ross\Downloads\83156_IN_FOCUS_preview (3).mp4
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-19 14:35 - 2017-06-15 10:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-19 13:28 - 2017-03-18 16:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-19 13:28 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-18 11:01 - 2017-03-18 15:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-14 15:46 - 2017-06-15 10:12 - 000000000 ____D C:\Users\Ross
2018-06-14 15:44 - 2013-11-23 17:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-14 11:55 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\rescache
2018-06-14 05:48 - 2017-03-18 16:01 - 000000000 ____D C:\WINDOWS\INF
2018-06-13 23:32 - 2018-03-30 10:43 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-06-13 23:31 - 2013-07-09 15:04 - 000000000 ____D C:\Users\Ross\AppData\Roaming\Dropbox
2018-06-13 23:29 - 2013-01-19 07:41 - 000000408 _____ C:\Users\Ross\AppData\Roaming\sp_data.sys
2018-06-13 23:28 - 2017-06-15 10:32 - 001902922 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-13 23:28 - 2017-04-12 20:20 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-06-13 23:28 - 2016-02-13 08:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-13 20:27 - 2016-05-20 03:38 - 000000000 __SHD C:\Users\Ross\IntelGraphicsProfiles
2018-06-13 20:22 - 2017-06-15 10:06 - 000311792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-13 20:20 - 2017-06-15 10:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-13 20:20 - 2015-06-05 16:47 - 000000640 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-64034393-3022908189-2605214032-1001.job
2018-06-13 20:20 - 2014-05-22 09:50 - 000000544 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-64034393-3022908189-2605214032-1001.job
2018-06-13 20:18 - 2017-03-18 06:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-06-13 20:15 - 2017-06-13 19:34 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-06-13 20:15 - 2017-03-18 16:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-06-13 20:15 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-13 20:15 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-06-13 20:15 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-06-13 20:14 - 2017-03-18 06:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-13 20:13 - 2017-03-18 21:31 - 000000000 ____D C:\WINDOWS\HoloShell
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ___RD C:\Program Files\Windows Defender
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-06-13 20:13 - 2017-03-18 06:40 - 000000000 ____D C:\WINDOWS\servicing
2018-06-13 17:01 - 2015-03-03 12:04 - 000000000 ____D C:\Users\Ross\AppData\Roaming\webex
2018-06-13 17:01 - 2015-03-03 12:04 - 000000000 ____D C:\Users\Ross\AppData\LocalLow\WebEx
2018-06-13 15:32 - 2013-07-27 15:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-13 15:30 - 2017-10-10 22:52 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 15:30 - 2013-01-18 17:54 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-11 07:29 - 2017-07-09 09:34 - 000000000 ____D C:\Users\Ross\AppData\Local\GoToMeeting
2018-06-11 07:29 - 2017-06-15 10:33 - 000003788 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-64034393-3022908189-2605214032-1001
2018-06-11 07:29 - 2017-06-15 10:33 - 000003692 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-64034393-3022908189-2605214032-1001
2018-06-08 12:17 - 2017-07-26 21:30 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-64034393-3022908189-2605214032-1001
2018-06-08 12:17 - 2016-05-19 09:18 - 000002362 _____ C:\Users\Ross\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-08 12:17 - 2016-05-19 09:18 - 000000000 ___RD C:\Users\Ross\OneDrive
2018-06-07 12:37 - 2018-03-01 22:40 - 000000000 ___HD C:\$GetCurrent
2018-06-07 12:37 - 2017-06-15 10:39 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2018-06-07 12:37 - 2017-06-15 10:39 - 000001908 _____ C:\WINDOWS\diagerr.xml
2018-06-07 12:37 - 2017-06-14 22:11 - 000000000 ___DC C:\WINDOWS\Panther
2018-06-07 12:27 - 2018-03-02 01:05 - 000000036 _____ C:\WINDOWS\progress.ini
2018-06-07 12:23 - 2018-03-01 22:39 - 000000000 ____D C:\Windows10Upgrade
2018-06-07 12:19 - 2018-03-13 16:31 - 000004570 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-07 12:19 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-07 12:19 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-05 15:45 - 2017-11-17 09:17 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-05 15:45 - 2017-11-17 09:17 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-04 11:46 - 2013-10-30 21:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-04 11:15 - 2013-08-19 20:37 - 000000000 ____D C:\ProgramData\APN
2018-06-04 11:15 - 2013-07-09 15:04 - 000000000 ____D C:\Users\Ross\AppData\LocalLow\Delta
2018-06-04 10:31 - 2017-07-16 16:43 - 000001293 _____ C:\Users\Ross\Desktop\Google Chrome.lnk
2018-05-31 12:17 - 2018-02-27 17:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-29 15:54 - 2013-01-18 19:33 - 000000000 ____D C:\Users\Ross\Desktop\MedHab LLC
2018-05-25 11:33 - 2013-02-04 12:08 - 000000000 ____D C:\Users\Ross\AppData\Local\Google
2018-05-25 11:13 - 2013-02-04 12:08 - 000000000 ____D C:\Program Files (x86)\Google
2018-05-25 10:09 - 2017-03-18 06:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-25 10:01 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\Registration
2018-05-25 08:28 - 2018-01-12 09:20 - 000000000 ____D C:\Program Files\rempl
2018-05-21 14:59 - 2017-03-18 16:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
 
==================== Files in the root of some directories =======
 
2014-03-31 10:19 - 2014-03-31 10:19 - 000000021 _____ () C:\Users\Ross\AppData\Roaming\my_intel.sys
2013-01-19 07:41 - 2018-06-13 23:29 - 000000408 _____ () C:\Users\Ross\AppData\Roaming\sp_data.sys
 
Some files in TEMP:
====================
2013-01-02 20:20 - 2013-01-02 20:20 - 000726016 _____ (Igor Pavlov) C:\Users\Ross\AppData\Local\Temp\7z.dll
2013-01-02 20:20 - 2013-01-02 20:20 - 000150016 _____ (Igor Pavlov) C:\Users\Ross\AppData\Local\Temp\7z.exe
2018-06-13 23:30 - 2018-06-13 23:30 - 000043008 _____ () C:\Users\Ross\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_nkiev.dll
2013-01-02 20:20 - 2013-01-02 20:20 - 000023477 _____ () C:\Users\Ross\AppData\Local\Temp\dtkill.exe
2013-01-02 20:20 - 2013-01-02 20:20 - 000006656 _____ (doubleTwist Corperation) C:\Users\Ross\AppData\Local\Temp\Executor.exe
2018-02-21 10:51 - 2018-02-21 10:51 - 011097040 _____ () C:\Users\Ross\AppData\Local\Temp\HPPSdr.exe
2013-04-23 17:15 - 2013-04-23 17:15 - 004995416 _____ (Microsoft Corporation) C:\Users\Ross\AppData\Local\Temp\vcredist_x86-2010.exe
2013-01-02 20:20 - 2013-01-02 20:20 - 006560088 _____ (Microsoft Corporation) C:\Users\Ross\AppData\Local\Temp\vcredist_x86-2012.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-06-11 11:01
 
==================== End of FRST.txt ============================
 
 


BC AdBot (Login to Remove)

 


#2 phaonica

phaonica
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:25 PM

Posted 19 June 2018 - 03:11 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.06.2018
Ran by Ross (19-06-2018 14:56:37)
Running from C:\Users\Ross\Desktop
Windows 10 Home Version 1703 15063.1155 (X64) (2017-06-15 15:45:53)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
admin (S-1-5-21-64034393-3022908189-2605214032-1002 - Limited - Enabled) => C:\Users\admin
Administrator (S-1-5-21-64034393-3022908189-2605214032-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-64034393-3022908189-2605214032-503 - Limited - Disabled)
Guest (S-1-5-21-64034393-3022908189-2605214032-501 - Limited - Disabled)
Ross (S-1-5-21-64034393-3022908189-2605214032-1001 - Administrator - Enabled) => C:\Users\Ross
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{69CC4B1E-0ADB-48E7-83D5-B45DA8CD1320}) (Version: 3.8.142.61628 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.8.142.61628 - Alcor Micro Corp.)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.4 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Secure Delete (HKLM\...\{761C6783-D3BC-48AB-8E7C-61CE918A8436}) (Version: 1.00.0011 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.4 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Box Sync (HKLM\...\{BFA57077-F78C-4B92-815E-7BCDA6B9686E}) (Version: 4.0.7911.0 - Box, Inc.)
Box Sync (HKLM-x32\...\{ed843567-7f06-4706-911f-0b460b78e35d}) (Version: 4.0.7911.0 - Box Inc.) Hidden
bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.2914 - CyberLink Corp.)
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION
Dropbox (HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
EPSON USB Display (HKLM-x32\...\{7650F538-6274-44EA-8F50-843479073333}) (Version: 1.42.000 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.22.3 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{8B2D47CC-1558-4939-B27F-41E30530072A}) (Version: 1.0.467 - LogMeIn, Inc.)
GoToMeeting 8.29.1.8953 (HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\GoToMeeting) (Version: 8.29.1.8953 - LogMeIn, Inc.)
HP ENVY 4500 series Basic Device Software (HKLM\...\{38A08516-1847-43E4-8076-9540B60EC43B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8500 A910 Basic Device Software (HKLM\...\{13BE337F-9557-416D-A696-F91A6807B170}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Help (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8500 A910 Product Improvement Study (HKLM\...\{24E45339-C750-4EAE-8241-BA25A7DABBDD}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{C43602FE-988C-47BA-9F9F-B95FDDAFB624}) (Version: 11.50.0031 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® WiDi (HKLM\...\{EDBA2433-0910-4C72-8C5B-8FEDAE3EF18E}) (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.650 - Oracle)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.717.1 - McAfee, Inc.)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NETGEAR A6100 Genie (HKLM-x32\...\{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.32 - NETGEAR) Hidden
NETGEAR A6100 Genie (HKLM-x32\...\InstallShield_{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.32 - NETGEAR)
Price Check by AOL (HKLM-x32\...\Price Check by AOL) (Version: 1.11.2.1 - AOL Inc.)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{3A5F6684-5FD8-4660-A4DA-BF60A20FCCFC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Product Improvement Study for HP Officejet Pro 8610 (HKLM\...\{D2064264-3162-4DB1-AFE0-167BEFBBCD9C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6716 - Realtek Semiconductor Corp.)
Reflector (HKLM-x32\...\{2411196F-6A18-4AA2-AA11-AF88018BBE41}) (Version: 1.5.0.0 - Squirrels)
Reflector 2 (HKLM\...\{21985515-1EE5-4918-976B-F2E0795801D6}) (Version: 2.3.0.0 - Squirrels)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5009B7EE-8A15-4A23-B404-15E31D02DA67}) (Version: 2.43.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{B0D957AA-9ADA-4396-9757-B7EF0FCA648C}) (Version: 1.17.0.0 - Microsoft Corporation) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22402 - Microsoft Corporation)
Windows Driver Package - ASUS (ATP) Mouse  (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
Workspace Desktop (HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\workspacedesktop) (Version:  - Starfield Technologies)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{1BFB1268-6353-495A-AB78-97BF7CAB4D59}\InprocServer32 -> C:\Users\Ross\AppData\Local\Workspace\gdeditwrapperax64.dll (Starfield Technologies)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Ross\AppData\Local\GoToMeeting\7297\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> C:\Users\Ross\AppData\Local\Workspace\wbetoolsax64.dll (Starfield Technology, LLC)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-64034393-3022908189-2605214032-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [    BoxSyncFileLocked] -> {06395f73-8d75-3c47-ac2f-93524a83ce03} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncFileLockedByOther] -> {072d2f45-ddf0-35bd-a911-38b853695def} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncNotSynced] -> {88092007-0d01-3d32-a4b4-56f7e19a1c49} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncProblem] -> {507a0531-fd10-3efc-8eb8-64e35606e542} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [    BoxSyncSynced] -> {b9b9e487-7684-373f-a7a2-6b04c8d772a8} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll [2013-05-10] (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers: [off1] -> {8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll [2013-05-10] (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers1: [BoxContextMenuClient] -> {53792c99-3144-3699-8968-fa4278ad3c1e} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [DataSanitizerShellExtObj] -> {35595751-F655-4A14-90AB-C2EC32780F41} => C:\Program Files (x86)\Common Files\ASUS\Secure Delete\ASUS Secure Delete ShellExt.dll [2012-03-14] (TODO: <Company name>)
ContextMenuHandlers4: [BoxContextMenuClient] -> {53792c99-3144-3699-8968-fa4278ad3c1e} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers4: [DataSanitizerShellExtObj] -> {35595751-F655-4A14-90AB-C2EC32780F41} => C:\Program Files (x86)\Common Files\ASUS\Secure Delete\ASUS Secure Delete ShellExt.dll [2012-03-14] (TODO: <Company name>)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers1_S-1-5-21-64034393-3022908189-2605214032-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-64034393-3022908189-2605214032-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-64034393-3022908189-2605214032-1001: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ross\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [2014-06-24] (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06F95839-3FF4-4C9C-8F9F-2F7F96C0BC9E} - System32\Tasks\G2MUpdateTask-S-1-5-21-64034393-3022908189-2605214032-1001 => C:\Users\Ross\AppData\Local\GoToMeeting\8953\g2mupdate.exe [2018-06-11] (LogMeIn, Inc.)
Task: {0BACDFB8-5966-4CFC-A902-CE34E8D45380} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {0C0148F2-83BB-4F91-9130-A7586934B4D6} - System32\Tasks\GoogleUpdateTaskMachineUA1d3f4416c8695b7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - \Microsoft\Windows\SideShow\GadgetManager -> No File <==== ATTENTION
Task: {18E5E492-DF4F-4521-A8EC-9E7B7B59EDB5} - \ASUS USB Charger Plus -> No File <==== ATTENTION
Task: {1C3F0E85-6D7E-460D-ABE7-804254266076} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {1D91E4DA-89BC-42C3-B2AD-0B342122D9E8} - \WPD\SqmUpload_S-1-5-21-64034393-3022908189-2605214032-1002 -> No File <==== ATTENTION
Task: {23CF0B14-C212-4CD9-B536-A428A24FFF4A} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe [2018-05-03] (Microsoft Corporation)
Task: {2543F2E7-BC2E-4C78-ACC4-73C5791CCED5} - \ASUS P4G -> No File <==== ATTENTION
Task: {2652DC19-4A5C-40E9-9B1E-0EDFF3DA50C0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - \Microsoft\Windows\SideShow\SessionAgent -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35783C34-3DCD-4A68-8192-D46A8C05B329} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {47A2176D-B334-4930-B081-145BF0D4E974} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {548465CA-6619-49FC-AC80-D39D362F6027} - System32\Tasks\Secure Delete => C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe [2012-03-14] ()
Task: {554AFAE4-7530-4CD8-9D56-4C1E480AC8D2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-07] (Adobe Systems Incorporated)
Task: {57757B7D-C65D-42D7-A4D0-809B5F2CFBEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {5B2900D2-BF2A-4C56-B635-0E9C9B4C492B} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {5BB42228-A785-47FC-B9D8-9643737F3FFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {66025440-8237-453C-8BE8-0A54EE03652B} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {6A12DA12-1BAF-47A0-8D3A-D69C36A92947} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-07] (Adobe Systems Incorporated)
Task: {7B857988-3067-4E13-8891-998F430972F7} - \Microsoft\Windows\SideShow\AutoWake -> No File <==== ATTENTION
Task: {7B8A83A6-8470-49EF-8885-603A827586A6} - System32\Tasks\G2MUploadTask-S-1-5-21-64034393-3022908189-2605214032-1001 => C:\Users\Ross\AppData\Local\GoToMeeting\8953\g2mupload.exe [2018-06-11] (LogMeIn, Inc.)
Task: {8413DE71-B5A4-4B2C-A7CD-BD7C36DE60B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8662CDEF-788F-4894-B6EA-22E8F04596E1} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {91F35AA9-C638-4E65-B7A4-1C0878C61F13} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {93C0B215-D8B1-4507-B78A-BB95E0CE772F} - System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910 => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - \Microsoft\Windows\SideShow\SystemDataProviders -> No File <==== ATTENTION
Task: {99692543-60EE-4E73-B2BA-2B7807E797FE} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {9BFFB807-71CF-4FF0-B694-78F250FBC6B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {A44EEE82-454D-4A79-AB06-676A62ABB921} - System32\Tasks\GoogleUpdateTaskMachineCore1d3f4416c6d641b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {A527150E-EAC7-43DA-B835-C36241750BE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {A98AD84B-FCB7-4FA5-9CD3-2E8F70C6AC3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-05-31] (Microsoft Corporation)
Task: {B319C9E0-DB27-448B-89D5-924B995BAA96} - \WPD\SqmUpload_S-1-5-21-64034393-3022908189-2605214032-1001 -> No File <==== ATTENTION
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - \Microsoft\Windows\MobilePC\HotStart -> No File <==== ATTENTION
Task: {CCFA2A79-D54B-4DDF-8754-735E80CC78A6} - \ASUS Live Update -> No File <==== ATTENTION
Task: {D407DD82-BA5D-4305-9BC2-67EFA5A9D1C6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D80AEC5A-1410-45FF-8BC0-DFFD2E19FCFD} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {DD592085-67D0-4F13-A59C-4A533BB95FA7} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {DE32CF1C-9098-4EFB-9A6F-61798ED66D09} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E2E92E33-A969-479F-AF9E-703FA3B2FFC4} - System32\Tasks\Setup PowerfulBrowse => C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowse_S.exe
Task: {EAFCCECC-6A1C-485D-A1C8-B17EED140AFC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F5131DE2-EC58-44B8-9013-A6AD36D41100} - \ASUS Touchpad Launcher (x64) -> No File <==== ATTENTION
Task: {F601FAB0-A515-4F1D-8FCB-71311B7D515F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {F732C9DD-9F4D-4C29-8353-51289F6E2B93} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F7C593AD-E9BC-4EDA-8F46-BA0F52F06629} - \Apple\AppleSoftwareUpdate -> No File <==== ATTENTION
Task: {F9254A5C-DE09-468F-B76C-9D7AC9179F48} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F9692470-2179-47B7-8319-19A85D985BE0} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-64034393-3022908189-2605214032-1001.job => C:\Users\Ross\AppData\Local\GoToMeeting\8953\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-64034393-3022908189-2605214032-1001.job => C:\Users\Ross\AppData\Local\GoToMeeting\8953\g2mupload.exe
Task: C:\WINDOWS\Tasks\Setup PowerfulBrowse.job => C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowse_S.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-03-14 10:59 - 2012-03-14 10:59 - 000556976 _____ () C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
2017-03-18 15:58 - 2017-03-18 15:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-05-23 08:41 - 2018-05-23 09:05 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 08:41 - 2018-05-23 09:05 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 08:41 - 2018-05-23 09:07 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 08:41 - 2018-05-23 09:05 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-23 08:41 - 2018-05-23 08:53 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-06-01 07:28 - 2018-06-01 07:28 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-23 09:11 - 2018-05-23 09:42 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-23 09:11 - 2018-05-23 09:42 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 04:56 - 2017-09-26 04:57 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-23 09:11 - 2018-05-23 09:42 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-05-02 13:02 - 2018-05-02 13:02 - 000126792 _____ () C:\Program Files\Box\Box Sync\_ctypes.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 001488200 _____ () C:\Program Files\Box\Box Sync\_hashlib.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000056648 _____ () C:\Program Files\Box\Box Sync\_socket.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 002106696 _____ () C:\Program Files\Box\Box Sync\_ssl.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000136520 _____ () C:\Program Files\Box\Box Sync\win32api.pyd
2018-05-02 13:01 - 2018-05-02 13:01 - 000143688 _____ () C:\Program Files\Box\Box Sync\pywintypes27.dll
2018-05-02 13:01 - 2018-05-02 13:01 - 000554824 _____ () C:\Program Files\Box\Box Sync\pythoncom27.dll
2018-05-02 13:01 - 2018-05-02 13:01 - 000017736 _____ () C:\Program Files\Box\Box Sync\select.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000698184 _____ () C:\Program Files\Box\Box Sync\unicodedata.pyd
2018-05-02 13:01 - 2018-05-02 13:01 - 000063304 _____ () C:\Program Files\Box\Box Sync\psutil._psutil_windows.pyd
2018-05-02 12:58 - 2018-05-02 12:58 - 000009544 _____ () C:\Program Files\Box\Box Sync\clr.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000033096 _____ () C:\Program Files\Box\Box Sync\ujson.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000528200 _____ () C:\Program Files\Box\Box Sync\win32com.shell.shell.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000029000 _____ () C:\Program Files\Box\Box Sync\win32event.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000155976 _____ () C:\Program Files\Box\Box Sync\win32file.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000142152 _____ () C:\Program Files\Box\Box Sync\win32security.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000069960 _____ () C:\Program Files\Box\Box Sync\_sqlite3.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000051016 _____ () C:\Program Files\Box\Box Sync\win32process.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000059720 _____ () C:\Program Files\Box\Box Sync\win32service.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000032072 _____ () C:\Program Files\Box\Box Sync\_yappi.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000040776 _____ () C:\Program Files\Box\Box Sync\_multiprocessing.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000027464 _____ () C:\Program Files\Box\Box Sync\win32clipboard.pyd
2018-05-02 13:02 - 2018-05-02 13:02 - 000229704 _____ () C:\Program Files\Box\Box Sync\win32gui.pyd
2018-05-02 12:53 - 2018-05-02 12:53 - 000166216 _____ () C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
2018-06-13 15:24 - 2018-06-08 00:26 - 001731584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-12 14:33 - 2018-06-12 00:36 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libglesv2.dll
2018-06-12 14:33 - 2018-06-12 00:36 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\libegl.dll
2018-06-08 09:50 - 2018-06-08 09:51 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-06-08 09:50 - 2018-06-08 09:51 - 067232256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 07:40 - 2017-10-04 07:41 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-29 09:02 - 2018-05-29 09:03 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-03 17:05 - 2018-05-03 17:06 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-29 09:02 - 2018-05-29 09:03 - 004214784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-29 09:02 - 2018-05-29 09:03 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-05 10:57 - 2018-04-05 10:58 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-06-08 09:50 - 2018-06-08 09:51 - 014851072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-29 09:02 - 2018-05-29 09:03 - 004058624 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-06-08 09:50 - 2018-06-08 09:51 - 003266048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-29 09:02 - 2018-05-29 09:03 - 001393664 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-29 09:02 - 2018-05-29 09:03 - 004218080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-29 09:02 - 2018-05-29 09:02 - 000103424 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-05-29 09:02 - 2018-05-29 09:03 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-04-05 10:57 - 2018-04-05 10:58 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-06-08 09:50 - 2018-06-08 09:51 - 000165376 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\SKU.dll
2018-06-19 13:28 - 2018-06-19 13:28 - 025120768 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-06-19 13:28 - 2018-06-19 13:28 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-06-19 13:28 - 2018-06-19 13:28 - 006735872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-12-01 08:52 - 2017-12-01 08:54 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-26 04:56 - 2017-09-26 04:57 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 000073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 001044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-10-16 07:38 - 2012-06-25 12:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2016-01-07 09:17 - 2016-01-07 09:17 - 000094208 _____ () C:\Program Files (x86)\NETGEAR\A6100\Realtek.dll
2012-11-06 09:47 - 2012-11-06 09:47 - 000114688 _____ () C:\Program Files (x86)\NETGEAR\A6100\EnumDevLib.dll
2012-08-24 19:17 - 2012-08-24 19:17 - 000009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-10-11 18:15 - 2010-10-11 18:15 - 001840424 _____ () C:\Program Files (x86)\CyberLink\Power2Go\Language\ENU\P2GRC.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 000144680 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLVistaAudioMixer.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2011-03-09 14:21 - 2011-03-09 14:21 - 000619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2011-03-09 14:21 - 2011-03-09 14:21 - 000013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2018-05-10 18:12 - 2018-05-10 18:12 - 024030704 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2018-02-11 17:53 - 2018-02-11 17:53 - 000392688 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2017-08-10 10:24 - 2017-08-10 10:24 - 072940016 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2018-03-30 10:44 - 000000210 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ross\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 10.208.1.203 - 10.201.1.203
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: Persistence => "C:\WINDOWS\system32\igfxpers.exe"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{932B4E76-BCF3-470B-9F51-6B28D720AE66}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS3F9D\HPDiagnosticCoreUI.exe
FirewallRules: [{8C14F4CC-B056-4246-B8E6-112B2C6B5EB4}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS3F9D\HPDiagnosticCoreUI.exe
FirewallRules: [{C9204B2A-1FEA-480D-A283-DFB96983F1C5}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS3F42\HPDiagnosticCoreUI.exe
FirewallRules: [{46786B4B-E170-4132-B130-75B295B09F37}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS3F42\HPDiagnosticCoreUI.exe
FirewallRules: [{5DA11BD9-445F-4636-A522-8E2A375879FE}] => (Allow) C:\Program Files\Reflector 2\Reflector2.exe
FirewallRules: [{9A1ED381-163B-4717-A28F-843882A34AA0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{AF299174-20B7-4F69-B0B4-411B379EDD9D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{1DEBA0DF-BE48-4286-ABE1-34F23563E5E7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{81FF0838-07E8-4181-A02A-9D3E4DF066B7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{C6D91797-113D-4814-815F-16CAD9F09F21}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [UDP Query User{5E19BC0C-ECEA-4473-80DE-54F10F494492}C:\program files (x86)\reflector\reflector.exe] => (Allow) C:\program files (x86)\reflector\reflector.exe
FirewallRules: [TCP Query User{B00333E8-2D70-45DE-BDCA-BE9F4B970527}C:\program files (x86)\reflector\reflector.exe] => (Allow) C:\program files (x86)\reflector\reflector.exe
FirewallRules: [UDP Query User{4D83B9BF-C93B-4B4B-89DE-D9CA357C02A0}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{DCF13619-B157-409F-8C35-2AD6CB6E3665}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7ABC1B7C-D9BA-43EA-966A-37FD9DB72B66}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{75FCD121-482D-4E39-A9F9-C4EC5B5D5306}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2244DF50-5311-47D0-95A0-659286DD58E2}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7F51AA3B-8692-406D-B221-621EAFE6F6B8}] => (Allow) LPort=5357
FirewallRules: [{C6D34D73-CD1D-4F45-B5CB-C4F5647660EF}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{6431EC7D-9842-4A27-AF50-11C8A64BCF78}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{89214D35-6A29-4596-8E01-E979E191A2E2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{F53A3BC7-1EBE-4006-B827-794E1745B135}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{ACF3AD6E-65A6-4CBD-AC77-A8A10CC16F71}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\SendAFax.exe
FirewallRules: [{42B80DBA-84D9-40E4-8BE8-719406B0B550}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\DigitalWizards.exe
FirewallRules: [{90245E8B-D27B-4CCA-9624-C36E2D9707CD}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\bin\FaxApplications.exe
FirewallRules: [{7C6487D2-CB0C-4761-A106-4B07B50636E7}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS1152\HPDiagnosticCoreUI.exe
FirewallRules: [{692DC535-24C9-4638-B85C-2A7829C93672}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS1152\HPDiagnosticCoreUI.exe
FirewallRules: [{DD443399-448A-4135-8AA7-F8C40968A1D2}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS0B97\HPDiagnosticCoreUI.exe
FirewallRules: [{5C42003C-4E03-44BE-8005-1059FE04021A}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS0B97\HPDiagnosticCoreUI.exe
FirewallRules: [{753E1C5F-99D3-4EA6-B620-E263B4C15E06}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS5D1C\HPDiagnosticCoreUI.exe
FirewallRules: [{E44AFE94-3491-41DA-888B-3A9A0F229DD6}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS5D1C\HPDiagnosticCoreUI.exe
FirewallRules: [{FC5FC09B-4DBE-492F-BD61-0CC3BC3D7BE5}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{C0814BE1-2A67-4DC9-AB91-044808421577}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{8F917A61-B148-44A7-A34E-59D4163A87FE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{E2C5B749-6DFF-4427-8627-97561F81020B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{980BAD89-D17B-4BF2-A21F-4FAA53594312}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{FF10D106-3668-4D57-B756-AB37508CA7EB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{53187368-8C7C-4028-8365-64F968AE6226}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{89AE5883-2608-4776-903F-A31E46525FDE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{AD04F3C2-54BE-4123-9588-63E356E24B5E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A78F826B-3B87-40B2-AFB0-4FAFA8EC8CAD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{F128ECE4-7601-48A6-969E-2EAB6FFD6681}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{46BABCA7-2794-4DF8-AF71-A1A4C03D0213}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{E601B7F8-C43C-4DD2-A7ED-30633D3EF0A4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7878FE5C-2FA1-47AF-ABA9-B134FB47AAAE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{E6F649E0-14A5-4431-B0C2-DA3ED0DFE6A9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{69AA0731-51EE-4884-847E-886A1F1A65C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{D407F57C-36EC-43F6-AB5E-477C24490D63}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{FA5AB504-8C98-4624-A617-511488134044}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS75D7\setup\hpznui40.exe
FirewallRules: [{6BB76C56-A019-46A8-A748-773C4849B212}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{0F4A86D3-604D-46B2-ABDD-48681976C1A0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{AEE85A14-31A1-4857-B04E-14B67A51C84B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{F1657475-DC11-4DEF-8AA0-FDB3ED813365}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{1D99A7C2-E09E-4E11-A424-14FE9653DF1C}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS4CCA\HPDiagnosticCoreUI.exe
FirewallRules: [{D40BD4FE-A327-4081-BC9B-3EC300860045}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS4CCA\HPDiagnosticCoreUI.exe
FirewallRules: [{528FB110-E8B0-47BA-A8F8-A3697B2D32EF}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS4D26\HPDiagnosticCoreUI.exe
FirewallRules: [{CDE1E4E4-80AC-4103-8EC8-5C9428D06658}] => (Allow) C:\Users\Ross\AppData\Local\Temp\7zS4D26\HPDiagnosticCoreUI.exe
FirewallRules: [{7FA286D1-FDE5-436C-94E8-23AD83595B78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
05-06-2018 07:45:57 Windows Update
08-06-2018 12:33:01 Windows Update
12-06-2018 08:26:58 Windows Update
18-06-2018 11:06:46 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/19/2018 01:15:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Asus-LT)
Description: Activation of app Microsoft.Adera_8wekyb3d8bbwe!App failed with error: -2143322111 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/18/2018 10:59:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Asus-LT)
Description: Activation of app Microsoft.Adera_8wekyb3d8bbwe!App failed with error: -2143322111 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/15/2018 07:32:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Asus-LT)
Description: Activation of app Microsoft.Adera_8wekyb3d8bbwe!App failed with error: -2143322111 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/14/2018 03:45:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (06/14/2018 05:44:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Asus-LT)
Description: Activation of app Microsoft.Adera_8wekyb3d8bbwe!App failed with error: -2143322111 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/13/2018 11:28:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Asus-LT)
Description: Activation of app Microsoft.Adera_8wekyb3d8bbwe!App failed with error: -2143322111 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (06/13/2018 03:31:57 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (06/13/2018 07:02:59 AM) (Source: ESENT) (EventID: 104) (User: )
Description: qmgr.dll (20892) QmgrDatabaseInstance: The database engine stopped the instance (0) with error (-1090).
 
 
 
Internal Timing Sequence: 
[1] 0.000004 +J(0)
[2] 0.000013 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
[3] 0.000001 +J(0)
[4] 0.000003 +J(0)
[5] 0.0 +J(0)
[6] 0.000091 +J(0) +M(C:0K, Fs:2, WS:-80K # 0K, PF:-88K # 0K, P:-88K)
[7] -
[8] 0.000006 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
[9] 0.003071 +J(0) +M(C:0K, Fs:4, WS:-32K # 0K, PF:-40K # 0K, P:-40K)
[10] -
[11] 0.000006 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
[12] -
[13] 0.000026 +J(0) +M(C:0K, Fs:0, WS:-4K # 0K, PF:-4K # 0K, P:-4K)
[14] 0.000579 +J(0) +M(C:0K, Fs:0, WS:-8K # 0K, PF:-8K # 0K, P:-8K)
[15] 0.000010 +J(0) +M(C:0K, Fs:0, WS:-8K # 0K, PF:-12K # 0K, P:-12K)
[16] 0.000002 +J(0).
 
 
System errors:
=============
Error: (06/19/2018 01:44:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/19/2018 01:29:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070663: Security Update for Microsoft Office 2010 (KB4011274) 32-Bit Edition.
 
Error: (06/19/2018 01:25:11 PM) (Source: DCOM) (EventID: 10016) (User: Asus-LT)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user Asus-LT\Ross SID (S-1-5-21-64034393-3022908189-2605214032-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/19/2018 01:15:24 AM) (Source: DCOM) (EventID: 10001) (User: Asus-LT)
Description: Unable to start a DCOM Server: Microsoft.Adera_2.5.2.34894_x86__8wekyb3d8bbwe!App.AppXtqbncymnff8pnntbaet75mk5e8kzmy3h.mca as Unavailable/Unavailable. The error:
"317"
Happened while starting this command:
"C:\WINDOWS\syswow64\backgroundTaskHost.exe" -ServerName:App.AppX2e6h94h6qek410y3rzfv2a72rfdgkyx6.mca
 
Error: (06/19/2018 12:27:21 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/18/2018 08:18:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/18/2018 07:21:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (06/18/2018 05:29:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-06-14 13:17:36.241
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {CB7A2621-07E3-40B6-AE97-EBB728FE9490}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-05 12:41:02.334
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B6D2D0BE-E7EC-48DE-AD7A-B9908B29D94C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-04 13:47:18.395
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3FD7882D-C89C-4AD9-9E43-29E60F377F44}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-04 10:31:40.300
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: BrowserModifier:Win32/Foxiebro
ID: 235004
Severity: High
Category: Browser Modifier
Path: containerfile:_c:\program files (x86)\yawtix\bin\utilYawtix.exe;containerfile:_c:\program files (x86)\yawtix\bin\Yawtix.PurBrowse64.exe;containerfile:_C:\Program Files (x86)\Yawtix\updateYawtix.exe;file:_c:\program files (x86)\yawtix\bin\7za.exe;file:_c:\program files (x86)\yawtix\bin\BrowserAdapterS.7z;file:_c:\program files (x86)\yawtix\bin\utilYawtix.exe;file:_c:\program files (x86)\yawtix\bin\utilYawtix.exe->[lowcase_mzpe];file:_c:\program files (x86)\yawtix\bin\Yawtix.BrowserAdapter.exe;file:_c:\program files (x86)\yawtix\bin\Yawtix.PurBrowse64.exe;file:_c:\program files (x86)\yawtix\bin\Yawtix.PurBrowse64.exe->[lowcase_mzpe];file:_c:\program files (x86)\yawtix\bin\YawtixBAApp.dll;file:_c:\program files (x86)\yawtix\bin\{16d667ee-6782-4b21-81df-8ded8ebc3868}.dll;file:_c:\program files (x86)\yawtix\updateYawtix.exe;file:_C:\Program Files (x86)\Yawtix\updateYawtix.exe->[lowcase_mzpe];folder:_c:\program files (x86)\yawtix\;folder:_c:\program files (x86)\yawtix\bin;folder:_c:\program files (x86)\yawtix\bin\
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Signature Version: AV: 1.269.580.0, AS: 1.269.580.0, NIS: 1.269.580.0
Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4
 
Date: 2018-06-04 10:31:07.560
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: BrowserModifier:Win32/Foxiebro
ID: 235004
Severity: High
Category: Browser Modifier
Path: containerfile:_c:\program files (x86)\yawtix\bin\utilYawtix.exe;containerfile:_c:\program files (x86)\yawtix\bin\Yawtix.PurBrowse64.exe;containerfile:_C:\Program Files (x86)\Yawtix\updateYawtix.exe;file:_c:\program files (x86)\yawtix\bin\7za.exe;file:_c:\program files (x86)\yawtix\bin\BrowserAdapterS.7z;file:_c:\program files (x86)\yawtix\bin\utilYawtix.exe;file:_c:\program files (x86)\yawtix\bin\utilYawtix.exe->[lowcase_mzpe];file:_c:\program files (x86)\yawtix\bin\Yawtix.BrowserAdapter.exe;file:_c:\program files (x86)\yawtix\bin\Yawtix.PurBrowse64.exe;file:_c:\program files (x86)\yawtix\bin\Yawtix.PurBrowse64.exe->[lowcase_mzpe];file:_c:\program files (x86)\yawtix\bin\YawtixBAApp.dll;file:_c:\program files (x86)\yawtix\bin\{16d667ee-6782-4b21-81df-8ded8ebc3868}.dll;file:_c:\program files (x86)\yawtix\updateYawtix.exe;file:_C:\Program Files (x86)\Yawtix\updateYawtix.exe->[lowcase_mzpe];folder:_c:\program files (x86)\yawtix\;folder:_c:\program files (x86)\yawtix\bin;folder:_c:\program files (x86)\yawtix\bin\
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.269.580.0, AS: 1.269.580.0, NIS: 1.269.580.0
Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4
 
Date: 2018-06-15 07:50:54.134
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.1296.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2018-05-21 15:16:00.742
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.267.1740.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14800.3
Error code: 0x80072f8f
Error description: A security error occurred 
 
Date: 2018-04-11 07:38:35.790
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.265.333.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14700.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-04-11 07:38:35.790
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 119.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version: 
Previous Engine Version: 2.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-04-11 07:38:35.785
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.265.333.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14700.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
CodeIntegrity:
===================================
 
Date: 2018-06-19 14:54:10.392
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-06-19 14:54:10.390
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-06-19 14:54:08.174
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-06-19 14:54:08.172
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-06-19 14:54:05.628
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-06-19 14:54:05.626
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-06-19 14:53:28.314
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2018-06-19 14:53:28.312
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 49%
Total physical RAM: 8077.84 MB
Available physical RAM: 4086 MB
Total Virtual: 17293.84 MB
Available Virtual: 12463.99 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:676.86 GB) (Free:526.48 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{a6548009-af32-4cfc-bc76-17d676f7749c}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.31 GB) NTFS
\\?\Volume{820d2b9e-8a9d-449a-b7e4-f319d78fad3c}\ () (Fixed) (Total:0.77 GB) (Free:0.34 GB) NTFS
\\?\Volume{521eee93-109a-467a-80e6-57af0417d5eb}\ (Restore) (Fixed) (Total:20 GB) (Free:11.71 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 4F359092)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,729 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:25 PM

Posted 24 June 2018 - 03:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/679333 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 phaonica

phaonica
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:25 PM

Posted 27 June 2018 - 10:40 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.06.2018
Ran by Ross (administrator) on ASUS-LT (27-06-2018 17:58:46)
Running from C:\Users\Ross\Desktop
Loaded Profiles: Ross (Available Profiles: Ross & admin)
Platform: Windows 10 Home Version 1703 15063.1155 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\A6100\A6100.EXE
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\ASUS\ASUS Secure Delete\ADDEL.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Box, Inc.) C:\Program Files\Box\Box Sync\BoxSync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Starfield Technologies) C:\Users\Ross\AppData\Local\Workspace\workspaceupdate.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files\Box\Box Sync\BoxSyncMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18052.11111.0_x64__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(Dropbox, Inc.) C:\Users\Ross\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe********************************************* [107192 2012-08-24] ()
HKLM\...\Run: [BoxSync] => C:\Program Files\Box\Box Sync\BoxSync.exe [5966864 2018-05-02] (Box, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-04-15] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [HP Officejet Pro 8500 A910 (NET)] => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett-Packard Co.)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [Starfield Updater] => C:\Users\Ross\AppData\Local\Workspace\WorkspaceUpdate.exe [35008 2013-05-10] (Starfield Technologies)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2646504 2012-05-14] (CyberLink Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-03-30]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk [2018-03-11]
ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe (Realtek Semiconductor Corp.)
Startup: C:\Users\Ross\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ross\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1    mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 69.55.192.5 69.55.192.6
Tcpip\..\Interfaces\{21409fbf-3318-4f65-b7ae-fd4fd6ba17b5}: [DhcpNameServer] 69.55.192.5 69.55.192.6

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-64034393-3022908189-2605214032-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131447150157257679&GUID=17C61995-AC3E-4F03-BAE8-F5260D5CA2F0
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=webpickaol-ie&s_qt=sb&tb_uuid=741C119616144BB188F32756277F8A00&tb_oid=09-07-2013&tb_mrud=09-07-2013
SearchScopes: HKU\S-1-5-21-64034393-3022908189-2605214032-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-64034393-3022908189-2605214032-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-28] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-28] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-07] ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-28] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-07] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-64034393-3022908189-2605214032-1001: @starfield.com/off -> C:\Users\Ross\AppData\Roaming\Mozilla\Plugins\npoff.dll [2015-04-06] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-64034393-3022908189-2605214032-1001: @starfield.com/off64 -> C:\Users\Ross\AppData\Roaming\Mozilla\Plugins\npoff64.dll [2015-04-06] ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-64034393-3022908189-2605214032-1001: @starfield.com/wbe -> C:\Users\Ross\AppData\Roaming\Mozilla\Plugins\npwbe.dll [2013-05-10] (Starfield Technology, LLC)
FF Plugin HKU\S-1-5-21-64034393-3022908189-2605214032-1001: @starfield.com/wbe64 -> C:\Users\Ross\AppData\Roaming\Mozilla\Plugins\npwbe64.dll [2013-05-10] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-03-30] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npoff.dll [2015-04-06] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npoff64.dll [2015-04-06] ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npwbe.dll [2013-05-10] (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Ross\AppData\Roaming\mozilla\plugins\npwbe64.dll [2013-05-10] (Starfield Technology, LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ross\AppData\Local\Google\Chrome\User Data\Default [2018-06-25]
CHR Extension: (Skype) - C:\Users\Ross\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-05-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ross\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\Ross\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
S3 BoxSyncUpdateService; C:\Program Files\Box\Box Sync\SyncUpdaterService.exe [36680 2018-05-02] (Box, Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-04-15] (SEIKO EPSON CORPORATION) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [697472 2014-10-20] (Starfield Technologies)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [72992 2014-07-07] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe [405392 2018-03-27] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 osrss; C:\WINDOWS\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-27] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 assd; C:\Windows\System32\Drivers\assd.sys [27056 2011-10-28] (ASUS Corporation) [File not signed]
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [12416 2010-05-25] ()
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R1 MpKslb5cd20e3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B280346-8085-472C-B7DC-7003773484DF}\MpKslb5cd20e3.sys [58120 2018-06-27] (Microsoft Corporation)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2017-03-18] (Intel Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [48096 2012-08-09] (Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-27] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-27] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-27] (Microsoft Corporation)
S3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows ® Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-27 16:08 - 2018-06-27 16:08 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-06-25 15:29 - 2018-06-25 15:29 - 000010408 _____ C:\Users\Ross\Downloads\Senior News LLC Inv 2018-67809 5-27-18.pdf
2018-06-25 13:27 - 2018-06-25 13:27 - 000739299 _____ C:\Users\Ross\Desktop\Janice Ross Proof of income.pdf
2018-06-25 13:05 - 2018-06-25 13:05 - 000414993 _____ C:\Users\Ross\Desktop\Johnny Ross Proof of income.pdf
2018-06-25 13:02 - 2018-06-25 13:02 - 000122961 _____ C:\Users\Ross\Desktop\Johnny Ross DL.pdf
2018-06-25 12:35 - 2018-06-25 12:35 - 000143299 _____ C:\Users\Ross\Downloads\Mynotifi.pdf
2018-06-25 08:13 - 2018-06-25 08:13 - 000382996 _____ C:\Users\Ross\Desktop\MyNotifi Marketing Kit.html
2018-06-25 08:13 - 2018-06-25 08:13 - 000000000 ____D C:\Users\Ross\Desktop\MyNotifi Marketing Kit_files
2018-06-19 14:54 - 2018-06-27 17:59 - 000018965 _____ C:\Users\Ross\Desktop\FRST.txt
2018-06-19 14:54 - 2018-06-27 17:58 - 000000000 ____D C:\FRST
2018-06-19 14:53 - 2018-06-19 14:53 - 002413056 _____ (Farbar) C:\Users\Ross\Desktop\FRST64.exe
2018-06-18 17:57 - 2018-06-18 17:57 - 000085046 _____ C:\Users\Ross\Downloads\6-15-2018.zip
2018-06-18 17:29 - 2018-06-18 17:29 - 003153355 _____ C:\Users\Ross\Downloads\message_zdm (15).html
2018-06-18 16:46 - 2018-06-18 16:46 - 001901413 _____ C:\Users\Ross\Downloads\GrandCareMediaKit-Spring2016 (3) (3).pdf
2018-06-18 13:53 - 2018-06-18 13:53 - 000586745 _____ C:\Users\Ross\Downloads\rma sweeney.pdf
2018-06-18 11:23 - 2018-06-18 11:23 - 000729471 _____ C:\Users\Ross\Downloads\ORD180526-01_final.pdf
2018-06-15 09:03 - 2018-06-18 17:57 - 000086175 _____ C:\Users\Ross\Downloads\MedHab Cap tables 2018 Proforma v3.xlsx
2018-06-15 07:50 - 2018-06-15 07:50 - 000156450 _____ C:\Users\Ross\Downloads\Parkinson's Foundation MyNotifi Announcement.pdf
2018-06-15 07:50 - 2018-06-15 07:50 - 000088077 _____ C:\Users\Ross\Downloads\Parkinson's Foundation Member Introductory Email.pdf
2018-06-14 15:46 - 2018-06-14 15:46 - 000001601 _____ C:\Users\Ross\Desktop\Box Sync.lnk
2018-06-14 15:46 - 2018-06-14 15:46 - 000000000 ___RD C:\Users\Ross\Box Sync
2018-06-14 15:44 - 2018-06-20 08:42 - 000000000 ____D C:\Users\Ross\AppData\Local\Box Sync
2018-06-14 15:44 - 2018-06-14 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
2018-06-14 15:44 - 2018-06-14 15:44 - 000000000 ____D C:\Program Files\Box
2018-06-14 15:41 - 2018-06-14 15:43 - 036278560 _____ (Box Inc.) C:\Users\Ross\Downloads\BoxSyncSetup.exe
2018-06-14 15:14 - 2018-06-14 15:14 - 000937701 _____ C:\Users\Ross\Downloads\50 Plus contract.pdf
2018-06-14 13:01 - 2018-06-14 13:01 - 000207511 _____ C:\Users\Ross\Downloads\MyNotifi Sales 6-9-18.pdf
2018-06-14 13:00 - 2018-06-14 13:00 - 000073728 _____ C:\Users\Ross\Downloads\Weekly MyNotifi Sales Report (8).pdf
2018-06-13 17:03 - 2018-06-13 17:03 - 001901413 _____ C:\Users\Ross\Downloads\GrandCareMediaKit-Spring2016 (3) (2).pdf
2018-06-13 15:26 - 2018-06-08 01:18 - 000336328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-06-13 15:26 - 2018-06-08 01:00 - 000125856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2018-06-13 15:26 - 2018-06-08 00:59 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-13 15:26 - 2018-06-08 00:59 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-06-13 15:26 - 2018-06-08 00:59 - 000804792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2018-06-13 15:26 - 2018-06-08 00:59 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-06-13 15:26 - 2018-06-08 00:49 - 000606968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-06-13 15:26 - 2018-06-08 00:48 - 002260792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-13 15:26 - 2018-06-08 00:48 - 001839360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-13 15:26 - 2018-06-08 00:48 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-13 15:26 - 2018-06-08 00:46 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-06-13 15:26 - 2018-06-08 00:45 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-06-13 15:26 - 2018-06-08 00:44 - 005829816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-13 15:26 - 2018-06-08 00:44 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-06-13 15:26 - 2018-06-08 00:44 - 001474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-13 15:26 - 2018-06-08 00:44 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2018-06-13 15:26 - 2018-06-08 00:44 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-06-13 15:26 - 2018-06-08 00:44 - 000523304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 004215192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 002168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 001465872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 001267064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 000559008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2018-06-13 15:26 - 2018-06-08 00:43 - 000433896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-06-13 15:26 - 2018-06-08 00:43 - 000354368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 002333080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 001998424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 001078048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 000437552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 000152448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll
2018-06-13 15:26 - 2018-06-08 00:42 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 020378568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 006771936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 005809152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 004673368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 001645120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 001529936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 001459216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000865272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000541328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000333704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2018-06-13 15:26 - 2018-06-08 00:41 - 000090488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2018-06-13 15:26 - 2018-06-08 00:39 - 000583672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-13 15:26 - 2018-06-08 00:35 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-06-13 15:26 - 2018-06-08 00:33 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-06-13 15:26 - 2018-06-08 00:33 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-06-13 15:26 - 2018-06-08 00:32 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-06-13 15:26 - 2018-06-08 00:31 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-06-13 15:26 - 2018-06-08 00:29 - 013849088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 15:26 - 2018-06-08 00:28 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-13 15:26 - 2018-06-08 00:28 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-06-13 15:26 - 2018-06-08 00:27 - 006729728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-06-13 15:26 - 2018-06-08 00:25 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2018-06-13 15:26 - 2018-06-08 00:23 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-13 15:26 - 2018-06-08 00:23 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2018-06-13 15:26 - 2018-06-08 00:23 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-06-13 15:26 - 2018-06-08 00:23 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-06-13 15:26 - 2018-06-08 00:22 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2018-06-13 15:26 - 2018-06-08 00:22 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2018-06-13 15:26 - 2018-06-08 00:22 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fidocredprov.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 002672640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-06-13 15:26 - 2018-06-08 00:21 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 006124032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 001233408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provcore.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2018-06-13 15:26 - 2018-06-08 00:20 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-06-13 15:26 - 2018-06-08 00:20 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 007598592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 001510400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000649216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-06-13 15:26 - 2018-06-08 00:19 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-06-13 15:26 - 2018-06-08 00:19 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-06-13 15:26 - 2018-06-08 00:19 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-06-13 15:26 - 2018-06-08 00:18 - 006535680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-06-13 15:26 - 2018-06-08 00:18 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2018-06-13 15:26 - 2018-06-08 00:18 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-06-13 15:26 - 2018-06-08 00:18 - 000797696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-06-13 15:26 - 2018-06-08 00:18 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-06-13 15:26 - 2018-06-08 00:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002463232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002396672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002299392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-06-13 15:26 - 2018-06-08 00:17 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2018-06-13 15:26 - 2018-06-08 00:16 - 004558848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 002212864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 001035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 000979968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2018-06-13 15:26 - 2018-06-08 00:16 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-13 15:26 - 2018-06-08 00:15 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 000987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 000762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-06-13 15:26 - 2018-06-08 00:15 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2018-06-13 15:26 - 2018-06-08 00:14 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-06-13 15:26 - 2018-06-08 00:13 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2018-06-13 15:26 - 2018-06-08 00:13 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2018-06-13 15:26 - 2018-06-08 00:12 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2018-06-13 15:26 - 2018-04-26 14:56 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-13 15:26 - 2018-04-26 14:55 - 000059456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-06-13 15:26 - 2018-04-26 14:40 - 002951168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-13 15:26 - 2018-04-26 14:37 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-06-13 15:26 - 2018-04-26 14:33 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-06-13 15:26 - 2018-04-26 14:32 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-06-13 15:26 - 2018-04-26 14:32 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2018-06-13 15:26 - 2018-04-26 14:25 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-06-13 15:26 - 2018-03-04 20:58 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-06-13 15:26 - 2018-03-02 02:10 - 000278936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-06-13 15:26 - 2018-03-02 02:09 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-06-13 15:26 - 2018-03-02 02:06 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-06-13 15:26 - 2018-03-02 02:05 - 001123976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-06-13 15:26 - 2018-03-02 01:51 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2018-06-13 15:26 - 2018-03-02 01:47 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2018-06-13 15:26 - 2018-03-02 01:47 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 15:26 - 2018-03-02 01:45 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2018-06-13 15:26 - 2018-03-02 01:44 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-06-13 15:26 - 2018-03-02 01:42 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-06-13 15:26 - 2018-03-02 01:38 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2018-06-13 15:25 - 2018-06-09 13:13 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 15:25 - 2018-06-08 01:25 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-13 15:25 - 2018-06-08 01:23 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2018-06-13 15:25 - 2018-06-08 01:19 - 001911704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-13 15:25 - 2018-06-08 01:19 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-06-13 15:25 - 2018-06-08 01:19 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-06-13 15:25 - 2018-06-08 01:18 - 000730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-13 15:25 - 2018-06-08 01:17 - 000403440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2018-06-13 15:25 - 2018-06-08 01:15 - 002672032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-06-13 15:25 - 2018-06-08 00:49 - 002253040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-06-13 15:25 - 2018-06-08 00:47 - 001339864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2018-06-13 15:25 - 2018-06-08 00:46 - 001135352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-06-13 15:25 - 2018-06-08 00:46 - 000029000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\avrt.dll
2018-06-13 15:25 - 2018-06-08 00:45 - 000865232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 002417296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 001518056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 000993840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 000810400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-13 15:25 - 2018-06-08 00:44 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-06-13 15:25 - 2018-06-08 00:43 - 000697248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2018-06-13 15:25 - 2018-06-08 00:43 - 000583584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 15:25 - 2018-06-08 00:43 - 000115104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-06-13 15:25 - 2018-06-08 00:43 - 000093536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-13 15:25 - 2018-06-08 00:42 - 000782240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2018-06-13 15:25 - 2018-06-08 00:42 - 000558008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2018-06-13 15:25 - 2018-06-08 00:42 - 000067752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptsp.dll
2018-06-13 15:25 - 2018-06-08 00:42 - 000047608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-13 15:25 - 2018-06-08 00:41 - 001195752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-06-13 15:25 - 2018-06-08 00:41 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-06-13 15:25 - 2018-06-08 00:41 - 000867312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-13 15:25 - 2018-06-08 00:41 - 000657576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-06-13 15:25 - 2018-06-08 00:40 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-06-13 15:25 - 2018-06-08 00:39 - 000542936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2018-06-13 15:25 - 2018-06-08 00:39 - 000411224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-06-13 15:25 - 2018-06-08 00:39 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-06-13 15:25 - 2018-06-08 00:38 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-13 15:25 - 2018-06-08 00:37 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-06-13 15:25 - 2018-06-08 00:36 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2018-06-13 15:25 - 2018-06-08 00:35 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2018-06-13 15:25 - 2018-06-08 00:35 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskApis.dll
2018-06-13 15:25 - 2018-06-08 00:35 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2018-06-13 15:25 - 2018-06-08 00:34 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-13 15:25 - 2018-06-08 00:33 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2018-06-13 15:25 - 2018-06-08 00:33 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2018-06-13 15:25 - 2018-06-08 00:33 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2018-06-13 15:25 - 2018-06-08 00:33 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 001078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000930304 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2018-06-13 15:25 - 2018-06-08 00:32 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2018-06-13 15:25 - 2018-06-08 00:31 - 004507136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-06-13 15:25 - 2018-06-08 00:31 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-06-13 15:25 - 2018-06-08 00:31 - 001611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-06-13 15:25 - 2018-06-08 00:31 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2018-06-13 15:25 - 2018-06-08 00:30 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2018-06-13 15:25 - 2018-06-08 00:30 - 000991744 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2018-06-13 15:25 - 2018-06-08 00:29 - 001048064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2018-06-13 15:25 - 2018-06-08 00:28 - 008214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-13 15:25 - 2018-06-08 00:28 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 001474048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2018-06-13 15:25 - 2018-06-08 00:27 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2018-06-13 15:25 - 2018-06-08 00:26 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-13 15:25 - 2018-06-08 00:25 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-06-13 15:25 - 2018-06-08 00:24 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2018-06-13 15:25 - 2018-06-08 00:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-06-13 15:25 - 2018-06-08 00:24 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-06-13 15:25 - 2018-06-08 00:24 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Haptics.dll
2018-06-13 15:25 - 2018-06-08 00:23 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2018-06-13 15:25 - 2018-06-08 00:23 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2018-06-13 15:25 - 2018-06-08 00:23 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-06-13 15:25 - 2018-06-08 00:22 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2018-06-13 15:25 - 2018-06-08 00:22 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2018-06-13 15:25 - 2018-06-08 00:22 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2018-06-13 15:25 - 2018-06-08 00:22 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2018-06-13 15:25 - 2018-06-08 00:22 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2018-06-13 15:25 - 2018-06-08 00:22 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shutdown.exe
2018-06-13 15:25 - 2018-06-08 00:21 - 005725184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000763904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2018-06-13 15:25 - 2018-06-08 00:21 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-13 15:25 - 2018-06-08 00:21 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2018-06-13 15:25 - 2018-06-08 00:20 - 004175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 001172480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-06-13 15:25 - 2018-06-08 00:20 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-06-13 15:25 - 2018-06-08 00:20 - 000655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2018-06-13 15:25 - 2018-06-08 00:20 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-06-13 15:25 - 2018-06-08 00:19 - 001238528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2018-06-13 15:25 - 2018-06-08 00:19 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000753664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-06-13 15:25 - 2018-06-08 00:19 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2018-06-13 15:25 - 2018-06-08 00:19 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2018-06-13 15:25 - 2018-06-08 00:18 - 003425280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-06-13 15:25 - 2018-06-08 00:18 - 001623040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2018-06-13 15:25 - 2018-06-08 00:18 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-06-13 15:25 - 2018-06-08 00:18 - 000919040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 005227008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 004418048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 002679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 002386432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 001966080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 001239040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 000768000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2018-06-13 15:25 - 2018-06-08 00:17 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-06-13 15:25 - 2018-06-08 00:16 - 002750976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-06-13 15:25 - 2018-06-08 00:16 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-13 15:25 - 2018-06-08 00:16 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-06-13 15:25 - 2018-06-08 00:16 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 002871808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 002355200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 002142208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemcomn.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-06-13 15:25 - 2018-06-08 00:15 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 001204736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-06-13 15:25 - 2018-06-08 00:14 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2018-06-13 15:25 - 2018-06-08 00:14 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 002373632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-06-13 15:25 - 2018-06-08 00:13 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-06-13 15:25 - 2018-06-08 00:13 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.ps.dll
2018-06-13 15:25 - 2018-06-08 00:12 - 001505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-06-13 15:25 - 2018-06-08 00:12 - 001302016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2018-06-13 15:25 - 2018-06-08 00:12 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-06-13 15:25 - 2018-06-08 00:12 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-06-13 15:25 - 2018-06-08 00:12 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-06-13 15:25 - 2018-06-08 00:12 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-06-13 15:25 - 2018-06-08 00:12 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2018-06-13 15:25 - 2018-06-08 00:11 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2018-06-13 15:25 - 2018-05-21 05:52 - 001859584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-13 15:25 - 2018-04-26 15:31 - 000194464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-06-13 15:25 - 2018-04-26 15:29 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-06-13 15:25 - 2018-04-26 15:25 - 000095648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-13 15:25 - 2018-04-26 15:24 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-06-13 15:25 - 2018-04-26 14:39 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-13 15:25 - 2018-04-26 14:38 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-06-13 15:25 - 2018-04-26 14:38 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-13 15:25 - 2018-04-26 14:38 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-13 15:25 - 2018-04-26 14:37 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-06-13 15:25 - 2018-04-26 14:37 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll
2018-06-13 15:25 - 2018-04-26 14:35 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2018-06-13 15:25 - 2018-03-02 09:36 - 000141720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-06-13 15:25 - 2018-03-02 09:35 - 000062880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-06-13 15:25 - 2018-03-02 08:53 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-06-13 15:25 - 2018-03-02 08:52 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2018-06-13 15:25 - 2018-03-02 02:20 - 001953448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2018-06-13 15:25 - 2018-03-02 02:09 - 000390560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-06-13 15:25 - 2018-03-02 02:08 - 000552656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-06-13 15:25 - 2018-03-02 02:08 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-06-13 15:25 - 2018-03-02 02:08 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-06-13 15:25 - 2018-03-02 02:06 - 000356992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2018-06-13 15:25 - 2018-03-02 01:49 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.XboxLive.ProxyStub.dll
2018-06-13 15:25 - 2018-03-02 01:48 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2018-06-13 15:25 - 2018-03-02 01:48 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2018-06-13 15:25 - 2018-03-02 01:47 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRBroker.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-13 15:25 - 2018-03-02 01:46 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2018-06-13 15:25 - 2018-03-02 01:45 - 000377344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2018-06-13 15:25 - 2018-03-02 01:45 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2018-06-13 15:25 - 2018-03-02 01:45 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2018-06-13 15:25 - 2018-03-02 01:45 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2018-06-13 15:25 - 2018-03-02 01:44 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2018-06-13 15:25 - 2018-03-02 01:43 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-06-13 15:25 - 2018-03-02 01:43 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-06-13 15:25 - 2018-03-02 01:43 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2018-06-13 15:25 - 2018-03-02 01:43 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-06-13 15:25 - 2018-03-02 01:43 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-06-13 15:25 - 2018-03-02 01:42 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2018-06-13 15:25 - 2018-03-02 01:42 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-06-13 15:25 - 2018-03-02 01:42 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2018-06-13 15:25 - 2018-03-02 01:41 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2018-06-13 15:25 - 2018-03-02 01:41 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2018-06-13 15:25 - 2018-03-02 01:41 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2018-06-13 15:25 - 2018-03-02 01:38 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2018-06-13 15:25 - 2018-03-02 01:38 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
2018-06-13 15:25 - 2018-03-02 01:37 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2018-06-13 15:25 - 2018-03-02 01:37 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-06-13 15:25 - 2018-03-02 01:37 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2018-06-13 15:25 - 2018-03-02 01:37 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2018-06-13 15:25 - 2018-03-02 01:36 - 000477184 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2018-06-13 15:25 - 2018-03-02 01:36 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2018-06-13 15:25 - 2018-03-02 01:36 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfmon.exe
2018-06-13 15:25 - 2018-03-02 01:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2018-06-13 15:25 - 2018-03-02 01:35 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2018-06-13 15:24 - 2018-06-08 08:22 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-13 15:24 - 2018-06-08 08:22 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-13 15:24 - 2018-06-08 01:31 - 000039328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2018-06-13 15:24 - 2018-06-08 01:27 - 002311936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-13 15:24 - 2018-06-08 01:27 - 002026504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2018-06-13 15:24 - 2018-06-08 01:26 - 008337312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-13 15:24 - 2018-06-08 01:26 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-13 15:24 - 2018-06-08 01:25 - 002970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-13 15:24 - 2018-06-08 01:25 - 002398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-13 15:24 - 2018-06-08 01:25 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-13 15:24 - 2018-06-08 01:22 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 15:24 - 2018-06-08 01:22 - 000367008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-13 15:24 - 2018-06-08 01:21 - 001239456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-06-13 15:24 - 2018-06-08 01:19 - 002994784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 001760784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 000938912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 000337824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-06-13 15:24 - 2018-06-08 01:19 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 006557528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 004709016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 001705088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 001670520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 001033552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000762784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000586264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000342432 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-06-13 15:24 - 2018-06-08 01:17 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-13 15:24 - 2018-06-08 01:16 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-06-13 15:24 - 2018-06-08 01:16 - 001194256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-06-13 15:24 - 2018-06-08 01:16 - 000510872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2018-06-13 15:24 - 2018-06-08 01:16 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-13 15:24 - 2018-06-08 01:15 - 001103776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-13 15:24 - 2018-06-08 01:15 - 000523808 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-06-13 15:24 - 2018-06-08 00:50 - 023683072 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-13 15:24 - 2018-06-08 00:49 - 001618792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-13 15:24 - 2018-06-08 00:48 - 001150800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-06-13 15:24 - 2018-06-08 00:41 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-06-13 15:24 - 2018-06-08 00:41 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2018-06-13 15:24 - 2018-06-08 00:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2018-06-13 15:24 - 2018-06-08 00:36 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-13 15:24 - 2018-06-08 00:36 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2018-06-13 15:24 - 2018-06-08 00:36 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-06-13 15:24 - 2018-06-08 00:35 - 023702016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-13 15:24 - 2018-06-08 00:35 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-06-13 15:24 - 2018-06-08 00:35 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-06-13 15:24 - 2018-06-08 00:34 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-06-13 15:24 - 2018-06-08 00:33 - 008337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-06-13 15:24 - 2018-06-08 00:33 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-13 15:24 - 2018-06-08 00:33 - 000657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2018-06-13 15:24 - 2018-06-08 00:33 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-06-13 15:24 - 2018-06-08 00:33 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 007149568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 001304576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 001191424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000934912 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-06-13 15:24 - 2018-06-08 00:32 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2018-06-13 15:24 - 2018-06-08 00:32 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000753664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-06-13 15:24 - 2018-06-08 00:32 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-06-13 15:24 - 2018-06-08 00:31 - 002079744 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-13 15:24 - 2018-06-08 00:31 - 000909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 005892608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-13 15:24 - 2018-06-08 00:30 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2018-06-13 15:24 - 2018-06-08 00:29 - 012805120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-13 15:24 - 2018-06-08 00:29 - 004398080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2018-06-13 15:24 - 2018-06-08 00:29 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-06-13 15:24 - 2018-06-08 00:29 - 000888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-06-13 15:24 - 2018-06-08 00:29 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-06-13 15:24 - 2018-06-08 00:28 - 020517376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-13 15:24 - 2018-06-08 00:28 - 008168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-13 15:24 - 2018-06-08 00:28 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-06-13 15:24 - 2018-06-08 00:28 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 013384192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 004719104 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 002830848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-13 15:24 - 2018-06-08 00:27 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-06-13 15:24 - 2018-06-08 00:26 - 002939904 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-06-13 15:24 - 2018-06-08 00:26 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-06-13 15:24 - 2018-06-08 00:26 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-13 15:24 - 2018-06-08 00:26 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 019355648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 001161728 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2018-06-13 15:24 - 2018-06-08 00:25 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2018-06-13 15:24 - 2018-06-08 00:24 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2018-06-13 15:24 - 2018-06-08 00:23 - 001912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-06-13 15:24 - 2018-06-08 00:23 - 001836032 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2018-06-13 15:24 - 2018-06-08 00:23 - 001179136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2018-06-13 15:24 - 2018-06-08 00:22 - 011891712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-13 15:24 - 2018-06-08 00:22 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-06-13 15:24 - 2018-06-08 00:22 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-13 15:24 - 2018-06-08 00:22 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2018-06-13 15:24 - 2018-06-08 00:22 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-06-13 15:24 - 2018-06-08 00:21 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-13 15:24 - 2018-06-08 00:20 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-06-13 15:24 - 2018-06-08 00:19 - 002011648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-13 15:24 - 2018-06-08 00:19 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-13 15:24 - 2018-06-08 00:19 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-13 15:24 - 2018-06-08 00:19 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2018-06-13 15:24 - 2018-06-08 00:18 - 006258176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-13 15:24 - 2018-06-08 00:17 - 003653632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 15:24 - 2018-06-08 00:17 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 15:24 - 2018-06-08 00:16 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 15:24 - 2018-05-24 16:28 - 002447360 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-13 15:24 - 2018-04-26 15:29 - 000381848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-06-13 15:24 - 2018-04-26 15:20 - 000527464 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-06-13 15:24 - 2018-04-26 14:38 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-06-13 15:24 - 2018-04-26 14:35 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-06-13 15:24 - 2018-04-26 14:34 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-06-13 15:24 - 2018-04-26 14:33 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-06-13 15:24 - 2018-04-26 14:33 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2018-06-13 15:24 - 2018-04-26 14:33 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-06-13 15:24 - 2018-04-26 14:32 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-06-13 15:24 - 2018-04-26 14:32 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-06-13 15:24 - 2018-03-04 20:55 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-06-13 15:24 - 2018-03-02 09:42 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2018-06-13 15:24 - 2018-03-02 09:35 - 000143768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2018-06-13 15:24 - 2018-03-02 08:53 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2018-06-13 15:24 - 2018-03-02 08:53 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2018-06-13 15:24 - 2018-03-02 08:52 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2018-06-13 15:24 - 2018-03-02 08:52 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2018-06-13 15:24 - 2018-03-02 08:51 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2018-06-13 15:24 - 2018-03-02 08:47 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2018-06-13 15:24 - 2018-03-02 08:44 - 001600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2018-06-13 15:24 - 2018-03-02 08:39 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2018-06-13 15:24 - 2018-03-02 08:38 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-06-13 15:24 - 2018-03-02 08:38 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2018-06-13 15:24 - 2018-03-02 08:38 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2018-06-13 15:24 - 2018-03-02 08:38 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2018-06-13 15:24 - 2018-03-02 08:37 - 001208832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2018-06-13 15:24 - 2018-03-02 08:37 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2018-06-13 15:24 - 2018-03-02 08:37 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2018-06-13 15:24 - 2018-03-02 01:49 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2018-06-13 15:24 - 2018-03-02 01:49 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2018-06-13 15:23 - 2018-06-08 08:23 - 000960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-06-13 15:23 - 2018-06-08 01:31 - 001597112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-13 15:23 - 2018-06-08 01:31 - 001066128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-13 15:23 - 2018-06-08 01:30 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-06-13 15:23 - 2018-06-08 01:30 - 001459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-06-13 15:23 - 2018-06-08 01:30 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-13 15:23 - 2018-06-08 01:30 - 001022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-13 15:23 - 2018-06-08 01:30 - 000966560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2018-06-13 15:23 - 2018-06-08 01:29 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2018-06-13 15:23 - 2018-06-08 01:29 - 000901400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-13 15:23 - 2018-06-08 01:29 - 000822688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2018-06-13 15:23 - 2018-06-08 01:29 - 000176320 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-13 15:23 - 2018-06-08 01:26 - 004574200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-06-13 15:23 - 2018-06-08 01:26 - 001397200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-13 15:23 - 2018-06-08 01:26 - 001188576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-13 15:23 - 2018-06-08 01:26 - 000937376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-13 15:23 - 2018-06-08 01:25 - 001736096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-13 15:23 - 2018-06-08 01:22 - 000923592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-13 15:23 - 2018-06-08 01:21 - 000668104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-13 15:23 - 2018-06-08 01:20 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-06-13 15:23 - 2018-06-08 01:20 - 001019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-13 15:23 - 2018-06-08 01:20 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 007318896 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 005477608 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 002649272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 002443680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-13 15:23 - 2018-06-08 01:19 - 001667832 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 001506224 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 001219592 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 001171056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2018-06-13 15:23 - 2018-06-08 01:19 - 000524768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-06-13 15:23 - 2018-06-08 01:19 - 000416928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 002466424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 000847264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmiEngine.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 000643712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-13 15:23 - 2018-06-08 01:18 - 000555848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2018-06-13 15:23 - 2018-06-08 01:18 - 000128416 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 021359384 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 007909936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 003116696 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 001282528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 001280416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-06-13 15:23 - 2018-06-08 01:17 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-06-13 15:23 - 2018-06-08 01:16 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-06-13 15:23 - 2018-06-08 01:16 - 000700976 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-06-13 15:23 - 2018-06-08 01:16 - 000154528 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2018-06-13 15:23 - 2018-06-08 00:42 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-13 15:23 - 2018-06-08 00:41 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2018-06-13 15:23 - 2018-06-08 00:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2018-06-13 15:23 - 2018-06-08 00:41 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-06-13 15:23 - 2018-06-08 00:39 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-06-13 15:23 - 2018-06-08 00:38 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-13 15:23 - 2018-06-08 00:38 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\efslsaext.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 017372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-13 15:23 - 2018-06-08 00:37 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-06-13 15:23 - 2018-06-08 00:36 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-06-13 15:23 - 2018-06-08 00:36 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFIoT.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-06-13 15:23 - 2018-06-08 00:35 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 006569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsmsnap.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-06-13 15:23 - 2018-06-08 00:34 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2018-06-13 15:23 - 2018-06-08 00:34 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 002347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 001433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-06-13 15:23 - 2018-06-08 00:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 007931904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 003366400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001065984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000819712 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-06-13 15:23 - 2018-06-08 00:32 - 000577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-06-13 15:23 - 2018-06-08 00:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2018-06-13 15:23 - 2018-06-08 00:31 - 001580544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-06-13 15:23 - 2018-06-08 00:31 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-06-13 15:23 - 2018-06-08 00:31 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-06-13 15:23 - 2018-06-08 00:31 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 002625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 002053120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-13 15:23 - 2018-06-08 00:30 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 001046528 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-06-13 15:23 - 2018-06-08 00:30 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 006726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-06-13 15:23 - 2018-06-08 00:29 - 004208640 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 002491904 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 001293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 001103360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-06-13 15:23 - 2018-06-08 00:29 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2018-06-13 15:23 - 2018-06-08 00:29 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 002650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 002502656 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-06-13 15:23 - 2018-06-08 00:28 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 003141120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 003058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 002449920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 002426368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 001348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-06-13 15:23 - 2018-06-08 00:27 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-06-13 15:23 - 2018-06-08 00:26 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-06-13 15:23 - 2018-06-08 00:25 - 001039360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-06-13 15:23 - 2018-06-08 00:25 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-06-13 15:23 - 2018-06-08 00:25 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-06-13 15:23 - 2018-06-08 00:25 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-06-13 15:23 - 2018-06-08 00:25 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-06-13 15:23 - 2018-06-08 00:24 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-13 15:23 - 2018-06-08 00:24 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-06-13 15:23 - 2018-06-08 00:22 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-06-13 15:23 - 2018-05-24 16:26 - 000125015 ____R C:\WINDOWS\system32\CaptureCountdown.hcp
2018-06-13 15:23 - 2018-05-24 16:26 - 000119017 ____R C:\WINDOWS\system32\CaptureBrackets.hcp
2018-06-13 15:23 - 2018-05-24 16:26 - 000017806 ____R C:\WINDOWS\system32\CaptureToast.hcp
2018-06-13 15:23 - 2018-04-26 15:32 - 000544672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-06-13 15:23 - 2018-04-26 15:23 - 000350776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-13 15:23 - 2018-04-26 14:41 - 003666944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-13 15:23 - 2018-04-26 14:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-06-13 15:23 - 2018-04-26 14:37 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2018-06-13 15:23 - 2018-04-26 14:36 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-06-13 15:23 - 2018-04-26 14:35 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-06-13 15:23 - 2018-03-04 20:56 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-06-13 15:23 - 2018-03-04 20:48 - 001461248 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-06-13 15:23 - 2018-03-02 09:41 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-06-13 15:23 - 2018-03-02 09:37 - 000100808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2018-06-13 15:23 - 2018-03-02 09:36 - 000431352 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-06-13 15:23 - 2018-03-02 09:35 - 000093568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-06-13 15:23 - 2018-03-02 09:34 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-13 15:23 - 2018-03-02 08:55 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2018-06-13 15:23 - 2018-03-02 08:54 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvcPAL.dll
2018-06-13 15:23 - 2018-03-02 08:53 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2018-06-13 15:23 - 2018-03-02 08:52 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-06-13 15:23 - 2018-03-02 08:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2018-06-13 15:23 - 2018-03-02 08:51 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2018-06-13 15:23 - 2018-03-02 08:50 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2018-06-13 15:23 - 2018-03-02 08:50 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\correngine.dll
2018-06-13 15:23 - 2018-03-02 08:50 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2018-06-13 15:23 - 2018-03-02 08:49 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2018-06-13 15:23 - 2018-03-02 08:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2018-06-13 15:23 - 2018-03-02 08:47 - 004269056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2018-06-13 15:23 - 2018-03-02 08:46 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2018-06-13 15:23 - 2018-03-02 08:45 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2018-06-13 15:23 - 2018-03-02 01:41 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2018-06-13 15:22 - 2018-06-08 08:25 - 020416512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-13 15:22 - 2018-06-08 08:24 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-13 15:22 - 2018-06-08 08:23 - 001161216 ____R (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.Capture.UX.dll
2018-06-13 15:22 - 2018-06-08 08:23 - 000528896 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2018-06-13 15:22 - 2018-06-08 08:22 - 017049600 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-13 15:22 - 2018-06-08 08:16 - 007136256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Havok.Physics.dll
2018-06-13 15:22 - 2018-06-08 01:36 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-06-13 15:22 - 2018-06-08 01:35 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-13 15:22 - 2018-06-08 01:35 - 000137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-06-13 15:22 - 2018-06-08 01:34 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-06-13 15:22 - 2018-06-08 01:34 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-06-13 15:22 - 2018-06-08 01:34 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-06-13 15:22 - 2018-06-08 01:32 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-06-13 15:22 - 2018-06-08 01:32 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-13 15:22 - 2018-06-08 01:32 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-06-13 15:22 - 2018-06-08 01:30 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-06-13 15:22 - 2018-06-08 01:28 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-06-13 15:22 - 2018-06-08 01:28 - 000486592 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-06-13 15:22 - 2018-06-08 01:23 - 000421536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2018-06-13 15:22 - 2018-06-08 01:21 - 001200912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-06-13 15:22 - 2018-06-08 01:21 - 000528288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-06-13 15:22 - 2018-06-08 01:20 - 001058376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2018-06-13 15:22 - 2018-06-08 01:20 - 001046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-06-13 15:22 - 2018-06-08 01:20 - 000515000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-13 15:22 - 2018-06-08 01:19 - 000673136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-06-13 15:22 - 2018-06-08 01:19 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-06-13 15:22 - 2018-06-08 01:19 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-06-13 15:22 - 2018-06-08 01:19 - 000370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-06-13 15:22 - 2018-06-08 01:19 - 000350624 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-06-13 15:22 - 2018-06-08 01:18 - 005305008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-13 15:22 - 2018-06-08 01:18 - 002087328 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-13 15:22 - 2018-06-08 01:18 - 001347640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-06-13 15:22 - 2018-06-08 01:18 - 000690592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-13 15:22 - 2018-06-08 01:18 - 000141136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-13 15:22 - 2018-06-08 01:17 - 001337872 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-13 15:22 - 2018-06-08 01:17 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-13 15:22 - 2018-06-08 01:17 - 000054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-13 15:22 - 2018-06-08 01:16 - 001763376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-06-13 15:22 - 2018-06-08 01:16 - 000833168 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-06-13 15:22 - 2018-06-08 01:16 - 000802720 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-13 15:22 - 2018-06-08 01:16 - 000222712 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-06-13 15:22 - 2018-06-08 01:15 - 001115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-06-13 15:22 - 2018-06-08 01:15 - 000624040 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2018-06-13 15:22 - 2018-06-08 00:41 - 001723392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-06-13 15:22 - 2018-06-08 00:41 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2018-06-13 15:22 - 2018-06-08 00:39 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-06-13 15:22 - 2018-06-08 00:39 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\eUICCsCSP.dll
2018-06-13 15:22 - 2018-06-08 00:38 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-06-13 15:22 - 2018-06-08 00:38 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2018-06-13 15:22 - 2018-06-08 00:38 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2018-06-13 15:22 - 2018-06-08 00:38 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRCommon.dll
2018-06-13 15:22 - 2018-06-08 00:37 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-13 15:22 - 2018-06-08 00:37 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-13 15:22 - 2018-06-08 00:36 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000723456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafupnp.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-13 15:22 - 2018-06-08 00:36 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2018-06-13 15:22 - 2018-06-08 00:36 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-06-13 15:22 - 2018-06-08 00:35 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\system32\provcore.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-13 15:22 - 2018-06-08 00:35 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRClient.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2018-06-13 15:22 - 2018-06-08 00:35 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 001433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-06-13 15:22 - 2018-06-08 00:34 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 002727936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 001266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2018-06-13 15:22 - 2018-06-08 00:33 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-13 15:22 - 2018-06-08 00:33 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000679936 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2018-06-13 15:22 - 2018-06-08 00:33 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-06-13 15:22 - 2018-06-08 00:33 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-06-13 15:22 - 2018-06-08 00:32 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-06-13 15:22 - 2018-06-08 00:32 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-06-13 15:22 - 2018-06-08 00:32 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-06-13 15:22 - 2018-06-08 00:31 - 000727552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-06-13 15:22 - 2018-06-08 00:31 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 003206656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 001750528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 001242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2018-06-13 15:22 - 2018-06-08 00:30 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-13 15:22 - 2018-06-08 00:29 - 001888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-13 15:22 - 2018-06-08 00:29 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-06-13 15:22 - 2018-06-08 00:29 - 001306112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2018-06-13 15:22 - 2018-06-08 00:29 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2018-06-13 15:22 - 2018-06-08 00:28 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-06-13 15:22 - 2018-06-08 00:28 - 002813440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-13 15:22 - 2018-06-08 00:28 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-06-13 15:22 - 2018-06-08 00:28 - 000318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2018-06-13 15:22 - 2018-06-08 00:27 - 002177536 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-13 15:22 - 2018-06-08 00:27 - 001844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-06-13 15:22 - 2018-06-08 00:26 - 003490304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-06-13 15:22 - 2018-06-08 00:26 - 002757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-06-13 15:22 - 2018-06-08 00:26 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-13 15:22 - 2018-06-08 00:26 - 000325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-06-13 15:22 - 2018-06-08 00:25 - 002855936 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2018-06-13 15:22 - 2018-06-08 00:25 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2018-06-13 15:22 - 2018-06-08 00:25 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2018-06-13 15:22 - 2018-06-08 00:25 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 001044480 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2018-06-13 15:22 - 2018-06-08 00:24 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 002899968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 001550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-06-13 15:22 - 2018-06-08 00:23 - 001313280 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2018-06-13 15:22 - 2018-06-08 00:23 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 001651200 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-06-13 15:22 - 2018-06-08 00:22 - 001529856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2018-06-13 15:22 - 2018-06-08 00:22 - 001527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-06-13 15:22 - 2018-06-08 00:22 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 001050112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsdyn.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2018-06-13 15:22 - 2018-06-08 00:22 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-06-13 15:22 - 2018-06-08 00:22 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-06-13 15:22 - 2018-04-26 15:23 - 000070352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-06-13 15:22 - 2018-04-26 14:38 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32.dll
2018-06-13 15:22 - 2018-04-26 14:37 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-06-13 15:22 - 2018-04-26 14:35 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2018-06-13 15:22 - 2018-04-26 14:35 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2018-06-13 15:22 - 2018-04-26 14:32 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-06-13 15:22 - 2018-04-26 14:26 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-06-13 15:22 - 2018-04-26 14:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2018-06-13 15:22 - 2018-03-02 09:45 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2018-06-13 15:22 - 2018-03-02 09:45 - 000041368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2018-06-13 15:22 - 2018-03-02 09:36 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-13 15:22 - 2018-03-02 09:36 - 000146336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-06-13 15:22 - 2018-03-02 09:36 - 000135584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2018-06-13 15:22 - 2018-03-02 09:36 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-06-13 15:22 - 2018-03-02 09:35 - 000963992 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2018-06-13 15:22 - 2018-03-02 08:54 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-06-13 15:22 - 2018-03-02 08:53 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragproxy.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpcsp.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2018-06-13 15:22 - 2018-03-02 08:52 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2018-06-13 15:22 - 2018-03-02 08:52 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2018-06-13 15:22 - 2018-03-02 08:51 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-06-13 15:22 - 2018-03-02 08:51 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRBroker.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2018-06-13 15:22 - 2018-03-02 08:50 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2018-06-13 15:22 - 2018-03-02 08:49 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-06-13 15:22 - 2018-03-02 08:40 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2018-06-13 15:22 - 2018-03-02 08:40 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2018-06-13 15:22 - 2018-03-02 08:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2018-06-13 15:22 - 2018-03-02 08:39 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbemcomn.dll
2018-06-13 15:22 - 2018-03-02 08:39 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2018-06-13 15:22 - 2018-03-02 08:39 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2018-06-13 15:22 - 2018-03-02 08:39 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2018-06-13 15:22 - 2018-03-02 08:39 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2018-06-13 15:22 - 2018-03-02 08:38 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2018-06-13 15:22 - 2018-03-02 08:38 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFCoinstaller.dll
2018-06-13 15:22 - 2018-03-02 08:37 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2018-06-13 15:22 - 2018-03-02 08:37 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2018-06-13 15:22 - 2018-03-02 08:37 - 000566272 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2018-06-13 15:22 - 2018-03-02 08:37 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2018-06-13 15:22 - 2018-03-02 08:37 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-06-13 15:22 - 2018-03-02 08:37 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfmon.exe
2018-06-13 15:22 - 2018-03-02 08:37 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2018-06-13 15:22 - 2018-03-02 08:36 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdhui.dll
2018-06-13 15:22 - 2018-03-02 01:36 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2018-06-13 15:21 - 2018-06-08 00:39 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-13 15:21 - 2018-04-26 14:38 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-13 15:21 - 2018-03-02 08:52 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzSqlExt.dll
2018-06-13 15:21 - 2018-03-02 08:49 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-06-13 15:21 - 2018-03-02 08:44 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2018-06-13 15:21 - 2018-03-02 08:40 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2018-06-13 15:21 - 2018-03-02 08:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2018-06-13 15:21 - 2018-03-02 08:37 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2018-06-13 15:09 - 2018-06-13 15:09 - 000600354 _____ C:\Users\Ross\Downloads\NSCA Newsletter TWO rev E (2).pdf
2018-06-13 15:08 - 2018-06-13 15:08 - 000143010 _____ C:\Users\Ross\Downloads\NSCA Newsletter ONE rev B (3).pdf
2018-06-12 23:48 - 2018-06-12 23:48 - 001901413 _____ C:\Users\Ross\Downloads\GrandCareMediaKit-Spring2016 (3) (1).pdf
2018-06-12 14:01 - 2018-06-12 14:01 - 001421706 _____ C:\Users\Ross\Downloads\BR18_flyer (1).pdf
2018-06-12 13:06 - 2018-06-12 13:06 - 002013160 _____ C:\Users\Ross\Downloads\snapshots.zip
2018-06-11 20:39 - 2018-06-11 20:39 - 000064481 _____ C:\Users\Ross\Downloads\MedHab Cap tables 2018 Proforma v2.xlsx
2018-06-11 20:00 - 2018-06-11 20:00 - 001901413 _____ C:\Users\Ross\Downloads\GrandCareMediaKit-Spring2016 (3).pdf
2018-06-11 14:46 - 2018-06-11 14:47 - 002724199 _____ C:\Users\Ross\Downloads\new legion20180611_11371555.pdf
2018-06-11 14:19 - 2018-06-11 14:19 - 009882624 _____ C:\Users\Ross\Downloads\2018 Catholic Television of San Antono Media Kit.ppt
2018-06-11 13:14 - 2018-06-11 13:14 - 000086871 _____ C:\Users\Ross\Downloads\INV-000455 (1).pdf
2018-06-11 10:55 - 2018-06-11 10:55 - 000052519 _____ C:\Users\Ross\Downloads\medhab060818 (1).pdf
2018-06-11 08:28 - 2018-06-11 08:28 - 000046613 _____ C:\Users\Ross\Downloads\MedHab Cap tables 2018 Proforma.xlsx
2018-06-08 13:59 - 2018-06-08 13:59 - 000086871 _____ C:\Users\Ross\Downloads\INV-000455.pdf
2018-06-08 12:30 - 2018-06-08 12:30 - 000054584 _____ C:\Users\Ross\Downloads\medhab060818.pdf
2018-06-08 09:31 - 2018-06-08 09:31 - 000454665 _____ C:\Users\Ross\Downloads\sample.pdf
2018-06-08 09:28 - 2018-06-08 09:28 - 000585208 _____ C:\Users\Ross\Downloads\2018 May - MyNotifi Monthly Report.pdf
2018-06-07 12:57 - 2018-06-07 12:57 - 000206791 _____ C:\Users\Ross\Downloads\MyNotifi Sales 6-2-18.pdf
2018-06-07 12:56 - 2018-06-07 12:56 - 000069959 _____ C:\Users\Ross\Downloads\Weekly MyNotifi Sales Report (7).pdf
2018-06-05 13:39 - 2018-06-05 13:39 - 004411343 _____ C:\Users\Ross\Downloads\13009 MyNotifi Digital Banner Ad Layouts 6-5-18.pdf
2018-06-05 10:22 - 2018-06-05 10:22 - 000655245 _____ C:\Users\Ross\Downloads\MedHab Invoices - May.pdf
2018-06-04 16:05 - 2018-06-04 16:05 - 000037269 _____ C:\Users\Ross\Downloads\STMAC-KM-C418060414300.pdf
2018-06-04 15:45 - 2018-06-04 15:45 - 000044513 _____ C:\Users\Ross\Downloads\PRN_Statement (1).pdf
2018-06-04 13:21 - 2018-06-04 13:21 - 000036560 _____ C:\Users\Ross\Downloads\Camp Round Up 2018 Staffing.pdf
2018-06-04 13:18 - 2018-06-04 13:18 - 000402112 _____ C:\Users\Ross\Downloads\Medhab 6-18.pdf
2018-06-04 10:17 - 2018-06-04 10:17 - 000000000 ____D C:\ProgramData\MB2Migration
2018-06-04 10:16 - 2018-06-04 10:16 - 074288784 _____ (Malwarebytes ) C:\Users\Ross\Desktop\mb3-setup-1878.1878-3.5.1.2522.exe
2018-06-01 12:50 - 2018-06-01 12:50 - 015781318 _____ C:\Users\Ross\Downloads\MyNotifi Tech Support may 30_2018 final (1).odt
2018-06-01 12:49 - 2018-06-01 12:50 - 015781318 _____ C:\Users\Ross\Downloads\MyNotifi Tech Support may 30_2018 final.odt
2018-06-01 12:27 - 2018-06-01 12:27 - 007980782 _____ C:\Users\Ross\Downloads\LC - 009 MyNotifi UserManual Rev 4 5-29-2018.pdf
2018-06-01 11:39 - 2018-06-01 11:39 - 000086039 _____ C:\Users\Ross\Downloads\Johnny Ross - Cover Sheet (non-employee).pdf
2018-06-01 07:28 - 2018-06-01 07:28 - 000001900 _____ C:\Users\Ross\Downloads\call_log-2018-05-31.csv
2018-05-31 23:28 - 2018-05-31 23:28 - 000919846 _____ C:\Users\Ross\Downloads\8315681_0000004536_20180530 (1).pdf
2018-05-31 18:33 - 2018-05-31 19:02 - 474907002 _____ C:\Users\Ross\Downloads\83156_Coffee_With_America_1080p_MP4 (1).zip
2018-05-31 18:33 - 2018-05-31 18:56 - 361811449 _____ C:\Users\Ross\Downloads\83156_KOB__1080p_MP4.zip
2018-05-31 18:33 - 2018-05-31 18:55 - 331273191 _____ C:\Users\Ross\Downloads\83156_WFTX_1080p_MP4 (1).zip
2018-05-31 18:33 - 2018-05-31 18:41 - 087042959 _____ C:\Users\Ross\Downloads\83156_WCIU_1080_MP4 (1).zip
2018-05-31 18:33 - 2018-05-31 18:35 - 022099779 _____ C:\Users\Ross\Downloads\83156_IN_FOCUS_1080_MP4 (1).zip
2018-05-31 18:32 - 2018-05-31 18:54 - 315327788 _____ C:\Users\Ross\Downloads\83156_BusinessFirst_1080p_MP4.zip
2018-05-31 17:24 - 2018-05-31 17:31 - 331273191 _____ C:\Users\Ross\Downloads\83156_WFTX_1080p_MP4.zip
2018-05-31 17:19 - 2018-05-31 17:21 - 087042959 _____ C:\Users\Ross\Downloads\83156_WCIU_1080_MP4.zip
2018-05-31 16:42 - 2018-05-31 16:42 - 000206109 _____ C:\Users\Ross\Downloads\MyNotifi-Report-May-2018 (1).pdf
2018-05-31 16:26 - 2018-05-31 16:26 - 000206109 _____ C:\Users\Ross\Downloads\MyNotifi-Report-May-2018.pdf
2018-05-31 16:04 - 2018-05-31 16:04 - 000086010 _____ C:\Users\Ross\Downloads\Non-employee cover sheet - Johnny Ross (1).pdf
2018-05-31 16:02 - 2018-05-31 16:02 - 002184960 _____ C:\Users\Ross\Downloads\Johnny Ross Corpus Christi ER.pdf
2018-05-31 16:01 - 2018-05-31 16:01 - 000086010 _____ C:\Users\Ross\Downloads\Non-employee cover sheet - Johnny Ross.pdf
2018-05-31 15:36 - 2018-05-31 15:36 - 000207303 _____ C:\Users\Ross\Downloads\MyNotifi Sales 5-26-18.pdf
2018-05-31 15:36 - 2018-05-31 15:36 - 000195639 _____ C:\Users\Ross\Downloads\MyNotifi Coupon Sales (1).pdf
2018-05-31 15:35 - 2018-05-31 15:35 - 000071238 _____ C:\Users\Ross\Downloads\Weekly MyNotifi Sales Report (6).pdf
2018-05-30 23:15 - 2018-05-30 23:15 - 000011146 _____ C:\Users\Ross\Downloads\MEDHAB Payment for R-80104.xlsx
2018-05-30 23:15 - 2018-05-30 23:15 - 000009801 _____ C:\Users\Ross\Downloads\30 pcs defective MLF-70100.xlsx
2018-05-30 14:54 - 2018-05-30 14:54 - 000919846 _____ C:\Users\Ross\Downloads\8315681_0000004536_20180530.pdf
2018-05-30 13:19 - 2018-05-30 13:37 - 882596708 _____ C:\Users\Ross\Downloads\83156_TESTEMONIAL_1080p_MP4.zip
2018-05-30 13:05 - 2018-05-30 13:05 - 000042898 _____ C:\Users\Ross\Downloads\message_zdm (14).html
2018-05-30 12:57 - 2018-05-30 12:57 - 000396274 _____ C:\Users\Ross\Desktop\Johnnys ER bill From Grapevine.pdf
2018-05-30 12:54 - 2018-05-30 12:54 - 000813667 _____ C:\Users\Ross\Desktop\Johnnys PIP form for Becky.pdf
2018-05-30 11:59 - 2018-05-30 11:59 - 002633786 _____ C:\Users\Ross\Desktop\Janices accident bills.pdf
2018-05-30 08:41 - 2018-05-30 08:41 - 000000550 _____ C:\Users\Ross\Downloads\call_log-2018-05-29.csv
2018-05-29 16:33 - 2018-05-29 16:33 - 000690080 _____ (Dropbox, Inc.) C:\Users\Ross\Downloads\DropboxInstaller.exe
2018-05-29 15:35 - 2018-05-29 15:35 - 000217350 _____ C:\Users\Ross\Downloads\MedHabAgreement.pdf
2018-05-29 15:27 - 2018-05-29 15:39 - 021728218 _____ C:\Users\Ross\Downloads\Unconfirmed 150461.crdownload
2018-05-29 14:29 - 2018-05-29 14:29 - 000485522 _____ C:\Users\Ross\Downloads\MedHab, LLC-US-180521-OC 140346_0.pdf
2018-05-29 13:46 - 2018-05-29 13:46 - 000134376 _____ C:\Users\Ross\Downloads\NCNR Agreement 2010_04_12.pdf
2018-05-29 13:20 - 2018-05-29 13:20 - 000037281 _____ C:\Users\Ross\Downloads\Copy of Material box build need for  25k  5-25-18  .xlsx
2018-05-29 13:20 - 2018-05-29 13:20 - 000028566 _____ C:\Users\Ross\Downloads\Copy of Purchase order R-80525  SPARTON VIETNAM MyNotifi  Second 25k prebuild  .xlsx
2018-05-29 13:20 - 2018-05-29 13:20 - 000028566 _____ C:\Users\Ross\Downloads\Copy of Purchase order R-80524  SPARTON VIETNAM MyNotifi  first 25k prebuild  .xlsx
2018-05-29 12:28 - 2018-05-29 12:42 - 022099779 _____ C:\Users\Ross\Downloads\83156_IN_FOCUS_1080_MP4.zip
2018-05-29 09:50 - 2018-05-29 09:51 - 005829514 _____ C:\Users\Ross\Downloads\4430.mp4
2018-05-29 09:38 - 2018-05-29 10:32 - 474907002 _____ C:\Users\Ross\Downloads\83156_Coffee_With_America_1080p_MP4.zip
2018-05-29 09:16 - 2018-05-29 09:16 - 000371719 _____ C:\Users\Ross\Downloads\sales tax exempt form.pdf
2018-05-29 09:16 - 2018-05-29 09:16 - 000175156 _____ C:\Users\Ross\Downloads\New Product Summary General - 3-26-18.xlsx
2018-05-29 09:16 - 2018-05-29 09:16 - 000032768 _____ C:\Users\Ross\Downloads\Credit Sheet Update - 2018.xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-27 17:58 - 2017-03-18 16:01 - 000000000 ____D C:\WINDOWS\INF
2018-06-27 17:55 - 2017-06-15 10:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-27 16:39 - 2017-06-15 10:32 - 001942014 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-27 16:38 - 2018-03-01 22:39 - 000000000 ____D C:\Windows10Upgrade
2018-06-27 16:34 - 2013-07-09 15:04 - 000000000 ____D C:\Users\Ross\AppData\Roaming\Dropbox
2018-06-27 16:08 - 2018-02-27 17:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-27 16:06 - 2017-03-18 16:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-27 16:06 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-26 16:08 - 2018-05-25 11:13 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-26 16:08 - 2018-05-25 11:13 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-25 13:19 - 2017-04-12 20:20 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-06-25 13:18 - 2013-01-19 07:41 - 000000408 _____ C:\Users\Ross\AppData\Roaming\sp_data.sys
2018-06-25 13:17 - 2016-05-20 03:38 - 000000000 __SHD C:\Users\Ross\IntelGraphicsProfiles
2018-06-25 13:16 - 2017-06-15 10:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-22 14:44 - 2017-06-14 22:11 - 000000000 ___DC C:\WINDOWS\Panther
2018-06-22 14:35 - 2018-04-12 05:19 - 000000000 ___HD C:\$WINDOWS.~BT
2018-06-21 16:43 - 2017-07-26 21:30 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-64034393-3022908189-2605214032-1001
2018-06-21 16:43 - 2016-05-19 09:18 - 000002362 _____ C:\Users\Ross\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-21 16:43 - 2016-05-19 09:18 - 000000000 ___RD C:\Users\Ross\OneDrive
2018-06-21 14:23 - 2017-07-09 09:34 - 000000000 ____D C:\Users\Ross\AppData\Local\GoToMeeting
2018-06-21 14:23 - 2017-06-15 10:12 - 000000000 ____D C:\Users\Ross
2018-06-20 08:44 - 2018-03-30 10:43 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2018-06-18 11:01 - 2017-03-18 15:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-14 15:44 - 2013-11-23 17:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-14 11:55 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\rescache
2018-06-13 23:28 - 2016-02-13 08:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-13 20:22 - 2017-06-15 10:06 - 000311792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-13 20:20 - 2015-06-05 16:47 - 000000640 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-64034393-3022908189-2605214032-1001.job
2018-06-13 20:20 - 2014-05-22 09:50 - 000000544 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-64034393-3022908189-2605214032-1001.job
2018-06-13 20:18 - 2017-03-18 06:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-06-13 20:15 - 2017-06-13 19:34 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-06-13 20:15 - 2017-03-18 16:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-06-13 20:15 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-13 20:15 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-06-13 20:15 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-13 20:14 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-06-13 20:14 - 2017-03-18 06:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-13 20:13 - 2017-03-18 21:31 - 000000000 ____D C:\WINDOWS\HoloShell
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ___RD C:\Program Files\Windows Defender
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-13 20:13 - 2017-03-18 16:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-06-13 20:13 - 2017-03-18 06:40 - 000000000 ____D C:\WINDOWS\servicing
2018-06-13 17:01 - 2015-03-03 12:04 - 000000000 ____D C:\Users\Ross\AppData\Roaming\webex
2018-06-13 17:01 - 2015-03-03 12:04 - 000000000 ____D C:\Users\Ross\AppData\LocalLow\WebEx
2018-06-13 15:32 - 2013-07-27 15:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-13 15:30 - 2017-10-10 22:52 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 15:30 - 2013-01-18 17:54 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-11 07:29 - 2017-06-15 10:33 - 000003788 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-64034393-3022908189-2605214032-1001
2018-06-11 07:29 - 2017-06-15 10:33 - 000003692 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-64034393-3022908189-2605214032-1001
2018-06-07 12:37 - 2018-03-01 22:40 - 000000000 ___HD C:\$GetCurrent
2018-06-07 12:37 - 2017-06-15 10:39 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2018-06-07 12:37 - 2017-06-15 10:39 - 000001908 _____ C:\WINDOWS\diagerr.xml
2018-06-07 12:27 - 2018-03-02 01:05 - 000000036 _____ C:\WINDOWS\progress.ini
2018-06-07 12:19 - 2018-03-13 16:31 - 000004570 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-07 12:19 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-07 12:19 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-05 15:45 - 2017-11-17 09:17 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-05 15:45 - 2017-11-17 09:17 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-04 11:46 - 2013-10-30 21:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-04 11:15 - 2013-08-19 20:37 - 000000000 ____D C:\ProgramData\APN
2018-06-04 11:15 - 2013-07-09 15:04 - 000000000 ____D C:\Users\Ross\AppData\LocalLow\Delta
2018-06-04 10:31 - 2017-07-16 16:43 - 000001293 _____ C:\Users\Ross\Desktop\Google Chrome.lnk
2018-05-29 15:54 - 2013-01-18 19:33 - 000000000 ____D C:\Users\Ross\Desktop\MedHab LLC

==================== Files in the root of some directories =======

2014-03-31 10:19 - 2014-03-31 10:19 - 000000021 _____ () C:\Users\Ross\AppData\Roaming\my_intel.sys
2013-01-19 07:41 - 2018-06-25 13:18 - 000000408 _____ () C:\Users\Ross\AppData\Roaming\sp_data.sys

Some files in TEMP:
====================
2013-01-02 20:20 - 2013-01-02 20:20 - 000726016 _____ (Igor Pavlov) C:\Users\Ross\AppData\Local\Temp\7z.dll
2013-01-02 20:20 - 2013-01-02 20:20 - 000150016 _____ (Igor Pavlov) C:\Users\Ross\AppData\Local\Temp\7z.exe
2018-06-27 16:34 - 2018-06-27 16:34 - 000043008 _____ () C:\Users\Ross\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4piasi.dll
2013-01-02 20:20 - 2013-01-02 20:20 - 000023477 _____ () C:\Users\Ross\AppData\Local\Temp\dtkill.exe
2013-01-02 20:20 - 2013-01-02 20:20 - 000006656 _____ (doubleTwist Corperation) C:\Users\Ross\AppData\Local\Temp\Executor.exe
2018-02-21 10:51 - 2018-02-21 10:51 - 011097040 _____ () C:\Users\Ross\AppData\Local\Temp\HPPSdr.exe
2013-04-23 17:15 - 2013-04-23 17:15 - 004995416 _____ (Microsoft Corporation) C:\Users\Ross\AppData\Local\Temp\vcredist_x86-2010.exe
2013-01-02 20:20 - 2013-01-02 20:20 - 006560088 _____ (Microsoft Corporation) C:\Users\Ross\AppData\Local\Temp\vcredist_x86-2012.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-21 10:37

==================== End of FRST.txt ============================

 

 

We do not have our original Windows CD/DVD available.



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,372 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:25 AM

Posted 04 July 2018 - 07:30 PM

Greetings phaonica and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please do this.

===================================================

Malwarebytes AdwCleaner

-------------------
  • Please download AdwCleaner and save it on your desktop.
  • Close all open programs and browsers
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed if there are threats found you will see Found 3 threats or something similar above the progress bar
  • Click each tab under Results and uncheck any items you want to keep
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Click OK twice to finish the removal process by automatically rebooting your computer
  • Once completed an AdwCleaner document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
  • The information will be copied invisibly and will be "pasted" into FRST automatically when you click Fix as instructed below
Start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: C:\WINDOWS\Tasks\Setup PowerfulBrowse.job => C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowse_S.exe
C:\Program Files (x86)\PowerfulBrowse
ExportKey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
emptytemp:
End::
  • Click Fix
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Note: This step resets your Firewall settings and you may be asked later to grant permission for legitimate programs to pass through the Firewall. If you recognize the program agree to the request.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • AdwCleaner report
  • Fixlog
  • Update on situation

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,372 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:25 AM

Posted 07 July 2018 - 08:39 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#7 phaonica

phaonica
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:25 PM

Posted 09 July 2018 - 11:29 AM

I was away during the holidays, but I am back now. Thank you for your help. I will update this thread with my reports as soon as possible.



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,372 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:25 AM

Posted 09 July 2018 - 12:40 PM

Thanks for touching base. When you are ready we will get started.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#9 phaonica

phaonica
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:25 PM

Posted 11 July 2018 - 11:09 AM

My computer didn't reboot quite as described after running AdwCleaner, so hopefully one of these file is the right one

 

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build:    07-04-2018
# Database: 2018-07-04.1
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-11-2018
# Duration: 00:03:26
# OS:       Windows 10 Home
# Scanned:  41365
# Detected: 76
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.Ask                C:\ProgramData\Ask
PUP.Optional.CompuClever        C:\Program Files (x86)\CompuClever
PUP.Optional.CompuClever        C:\Users\Ross\AppData\Roaming\CompuClever
PUP.Optional.Delta              C:\Users\Ross\APPDATA\LOCALLOW\DELTA
PUP.Optional.DriverRestore      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
PUP.Optional.InstallCore        C:\Users\Ross\AppData\Local\Rocket
PUP.Optional.Legacy             C:\ProgramData\StarApp
PUP.Optional.Legacy             C:\Program Files (x86)\Common Files\Software Update Utility
PUP.Optional.RegCleanerPro      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Rogue.ForcedExtension           C:\ProgramData\apn
Trojan.Agent                    C:\Users\Ross\AppData\Local\iac
Trojan.Agent                    C:\Users\Ross\AppData\LocalLow\iac
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.DriverRestore      HKCU\Software\DriverRestore
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Optimizer Pro
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ApnUpdater
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
PUP.Optional.Legacy             HKCU\Software\Rocket Browser
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
PUP.Optional.Legacy             HKCU\Software\BABSOLUTION
PUP.Optional.Legacy             HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\AppID\dnu.EXE
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\AppID\dnu.EXE
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
PUP.Optional.Legacy             HKLM\Software\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
PUP.Optional.Legacy             HKLM\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
PUP.Optional.Legacy             HKLM\Software\Classes\Prod.cap
PUP.Optional.Legacy             HKLM\Software\Classes\dnUpdate
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\sjc-usadmm.dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\sjc-usadmm.dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\greentreeservicing.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovit.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cars.trovit.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovit.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cars.trovit.com
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
PUP.Optional.OpenSoftware.Updater HKCU\Software\SoftwareUpdater
PUP.Optional.Yontoo             HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-64034393-3022908189-2605214032-1001\Software\Deal Keeper
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries found.
 
***** [ Chromium URLs ] *****
 
PUP.Optional.Legacy             Ask
PUP.Optional.Legacy             AOL
PUP.Optional.Legacy             AOL
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
 
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
 
 
 
 
# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build:    07-04-2018
# Database: 2018-07-04.1
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-11-2018
# Duration: 00:00:17
# OS:       Windows 10 Home
# Cleaned:  76
# Failed:   0
 
 
***** [ Services ] *****
 
No malicious services cleaned.
 
***** [ Folders ] *****
 
Deleted       C:\ProgramData\Ask
Deleted       C:\Program Files (x86)\CompuClever
Deleted       C:\Users\Ross\AppData\Roaming\CompuClever
Deleted       C:\Users\Ross\APPDATA\LOCALLOW\DELTA
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Deleted       C:\Users\Ross\AppData\Local\Rocket
Deleted       C:\ProgramData\StarApp
Deleted       C:\Program Files (x86)\Common Files\Software Update Utility
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Deleted       C:\ProgramData\apn
Deleted       C:\Users\Ross\AppData\Local\iac
Deleted       C:\Users\Ross\AppData\LocalLow\iac
 
***** [ Files ] *****
 
No malicious files cleaned.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks cleaned.
 
***** [ Registry ] *****
 
Deleted       HKCU\Software\DriverRestore
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Optimizer Pro
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ApnUpdater
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Deleted       HKCU\Software\Rocket Browser
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Deleted       HKCU\Software\BABSOLUTION
Deleted       HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted       HKLM\Software\Wow6432Node\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\dnu.EXE
Deleted       HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Deleted       HKLM\Software\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Deleted       HKLM\Software\Wow6432Node\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Deleted       HKLM\Software\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Deleted       HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Deleted       HKLM\Software\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Deleted       HKLM\Software\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Deleted       HKLM\Software\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Deleted       HKLM\Software\Wow6432Node\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Deleted       HKLM\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Deleted       HKLM\Software\Classes\Prod.cap
Deleted       HKLM\Software\Classes\dnUpdate
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\sjc-usadmm.dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\iad-usadmm.dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\sjc-usadmm.dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\iad-usadmm.dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dotomi.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\greentreeservicing.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\trovit.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cars.trovit.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\trovit.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cars.trovit.com
Deleted       HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Deleted       HKCU\Software\SoftwareUpdater
Deleted       HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-64034393-3022908189-2605214032-1001\Software\Deal Keeper
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries cleaned.
 
***** [ Chromium URLs ] *****
 
Deleted       Ask
Deleted       AOL
Deleted       AOL
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries cleaned.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs cleaned.
 
 
*************************
 
[+] Delete Tracing Keys
[+] Reset Winsock
 
*************************
 
AdwCleaner[S00].txt - [10309 octets] - [11/07/2018 09:46:14]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Ross (11-07-2018 10:39:29) Run:1
Running from C:\Users\Ross\Desktop
Loaded Profiles: Ross (Available Profiles: Ross & admin)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: C:\WINDOWS\Tasks\Setup PowerfulBrowse.job => C:\Program Files (x86)\PowerfulBrowse\PowerfulBrowse_S.exe
C:\Program Files (x86)\PowerfulBrowse
ExportKey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
emptytemp:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => removed successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully
C:\WINDOWS\Tasks\Setup PowerfulBrowse.job => moved successfully
"C:\Program Files (x86)\PowerfulBrowse" => not found
================== ExportKey: ===================
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"="%ProgramFiles%\Windows Defender\MSASCuiL.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe"
"ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe*********************************************"
"BoxSync"=""C:\Program Files\Box\Box Sync\BoxSync.exe" -m"
 
=== End of ExportKey ===
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{8DDF5576-8364-47E2-AF8A-B7DFE74A3292} canceled.
1 out of 1 jobs canceled.
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
========= RemoveProxy: =========
 
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-64034393-3022908189-2605214032-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-64034393-3022908189-2605214032-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 159192672 B
Java, Flash, Steam htmlcache => 48370 B
Windows/system/drivers => 107790876 B
Edge => 363222169 B
Chrome => 431021928 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 426288 B
NetworkService => 1862574 B
Ross => 1313891885 B
admin => 6112 B
 
RecycleBin => 567291617 B
EmptyTemp: => 2.7 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 10:54:33 ====


#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,372 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:25 AM

Posted 11 July 2018 - 12:39 PM

Thank you, AdwCleaner ran properly.

Please do this.

===================================================

Farbar's Recovery Scan Tool Search

--------------------
  • Launch FRST
  • Copy/paste the following in the Search: box
ACMON.exe*;ACMON.*
  • Click Search Files button
  • When completed click OK and a Search.txt document will open on your desktop
  • Copy and paste the contents of that document your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Search.txt
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#11 phaonica

phaonica
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:25 PM

Posted 12 July 2018 - 09:09 AM

Here are the results of the requested Farbar scan. As far as an update goes: this computer was never running unusually slow or getting popups or ads or anything, it's just that it was the only computer that ever accessed an email account that became compromised, so we needed a thorough scan performed to clean up whatever might be on this computer that could account for how the email account became compromised
 
I really appreciate your time helping me with this.
 
 
 
 
 
Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Ross (12-07-2018 08:54:38)
Running from C:\Users\Ross\Desktop
Boot Mode: Normal
 
================== Search Files: "ACMON.exe*;ACMON.*
" =============
 
C:\Windows\Prefetch\ACMON.EXE-039F45B0.pf
[2018-07-11 09:26][2018-07-11 10:58] 000003570 _____ () 37914463C1711EBAEFDC2068FD485BA1 [File not signed]
 
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
[2012-08-24 19:17][2012-08-24 19:17] 000107192 _____ (ASUS) B7BCA8A30CE13A283CDBDECEF5616C39 [File is digitally signed]
 
 
====== End of Search ======

Edited by phaonica, 12 July 2018 - 09:09 AM.


#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,372 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:25 AM

Posted 12 July 2018 - 02:18 PM

Greetings.

It is my pleasure.

Thanks for the update. Let's run these now.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Review the list of entries and if there are any you want to keep stop and copy/paste the ESET.txt report in your reply for my review
  • If you do not wish to keep any of the entries check Uninstall application on close and Delete quarantined files
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
===================================================

Security Analysis by Rocket Grannie

--------------------
  • Please download Security Analysis by Rocket Grannie and save it to your Desktop
  • Right click on the icon and select Run as administrator
  • Click OK on the disclaimer and ignore any security warnings that may appear
  • In your reply, please copy and paste the contents of the Notepad document that will appear on your desktop
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Analysis log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,372 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:25 AM

Posted 15 July 2018 - 09:01 AM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#14 phaonica

phaonica
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:01:25 PM

Posted 15 July 2018 - 03:14 PM

Thank you for your patience. I will run the recommended scan as soon as possible.



#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,372 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:25 AM

Posted 15 July 2018 - 03:49 PM

No problem, I just needed to make sure you were still with me. Thanks for the update.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users