Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016 Ran by lee (administrator) on LGW (17-03-2017 07:57:08) Running from C:\Users\lee\Desktop Loaded Profiles: lee (Available Profiles: lee) Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe Failed to access process -> Memory Compression (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Dropbox, Inc.) C:\Users\lee\AppData\Local\Dropbox\Update\DropboxUpdate.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files\Sony\VAIO Care\listener.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-04-30] (LogMeIn, Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [VerizonCloud] => C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe [2136728 2015-12-03] () HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2017-01-19] (Apple Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2017-01-13] (Apple Inc.) HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3001536 2016-12-16] (Sony Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google) HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\Run: [PxDotNetLoader] => C:\Program Files (x86)\Fidelity Investments\Fidelity Active Trader\System\ATPStartupAssistant.exe [44104 2013-05-01] (Fidelity Investments) HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\Run: [Dropbox Update] => C:\Users\lee\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-18] (Dropbox, Inc.) HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\Run: [SynchronossPC] => C:\Program Files\Verizon\VerizonCloud\VerizonCloud.exe [2136728 2015-12-03] () HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\Run: [Google Update] => C:\Users\lee\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-16] (Google Inc.) HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.) HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [1694344 2016-12-13] (BlueStack Systems, Inc.) HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd) HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\Run: [GoogleChromeAutoLaunch_3E1EC7EAD0295B039D981EB280A2541F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.) HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\MountPoints2: {6f3c34a1-cd27-11e6-bf63-083e8ec90c4c} - "E:\VerizonSWUpgradeAssistantLauncher.exe" HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\...\MountPoints2: {b7a8cc39-4839-11e6-bf3b-083e8ec90c4c} - "F:\VerizonSWUpgradeAssistantLauncher.exe" HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [152064 2016-07-16] (Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\lee\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\lee\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\lee\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SncrOverlays (Blocked)] -> {C418E880-6280-4010-A888-FD76028E5511} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.) ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.) ShellIconOverlayIdentifiers: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.) ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon\VerizonCloud\x64\Sncr.Overlays.dll [2015-12-03] (Synchronoss Technologies Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lee\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lee\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lee\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lee\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\lee\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\lee\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\lee\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lee\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lee\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\lee\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-07-15] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-07-11] ShortcutTarget: Dropbox.lnk -> C:\Users\lee\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2014-09-05] ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 127.0.0.1 pc-gizmos-ssl.com www.pc-gizmos-ssl.com # added by PC-Gizmos.com Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{11b3bbda-747e-497f-bb44-368ebed9cde7}: [DhcpNameServer] 82.163.142.7 Tcpip\..\Interfaces\{7f6d6f23-aae6-4cf7-b7e1-33d89b56d081}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{7f6d6f23-aae6-4cf7-b7e1-33d89b56d081}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{99412feb-a962-4dde-8c31-69ee68933d11}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{99412feb-a962-4dde-8c31-69ee68933d11}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{be5bb290-62e1-4fad-935b-6f086afe89fc}: [DhcpNameServer] 82.163.142.7 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKLM -> {5C8EA8D3-8D6B-4614-A182-94576FCAF48D} URL = SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-12-28] (Qualcomm Atheros Commnucations) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security) BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\ssv.dll [2016-12-28] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-28] (Oracle Corporation) Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.) Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-28] (AO Kaspersky Lab) Handler-x32: x-atng - {7e8717b0-d862-11d5-8c9e-00010304f989} - C:\Program Files (x86)\Fidelity Investments\Fidelity Active Trader\System\atngprot.dll [2013-05-01] (Fidelity Investments) FireFox: ======== FF ProfilePath: C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\ivdgeazw.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-16] () FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-09-20] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-16] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File] FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-30] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-30] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-12-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-12-28] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2013-02-14] (RocketLife, LLP) FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2012-07-12] (Sony Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2636966743-1504812990-2223948466-1001: @citrixonline.com/appdetectorplugin -> C:\Users\lee\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-01-11] (Citrix Online) FF Plugin HKU\S-1-5-21-2636966743-1504812990-2223948466-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\lee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2636966743-1504812990-2223948466-1001: @talk.google.com/O1DPlugin -> C:\Users\lee\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-2636966743-1504812990-2223948466-1001: @tools.google.com/Google Update;version=3 -> C:\Users\lee\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin HKU\S-1-5-21-2636966743-1504812990-2223948466-1001: @tools.google.com/Google Update;version=9 -> C:\Users\lee\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\lee\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\lee\AppData\Roaming\mozilla\plugins\npMeetingJoinPluginAOCUser.dll [2013-05-25] () FF Plugin ProgramFiles/Appdata: C:\Users\lee\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2017-01-25] [not signed] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-28] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-12-09] [not signed] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi Chrome: ======= CHR HomePage: Default -> hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_amnis_16_04¶m1=1¶m2=f%3D1%26b%3DChrome%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutAtD0Fzy0E0DyEtBtA0F0EyE0A0FtBtAtN0D0Tzu0StCyEzytDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2StAtAzzzy0A0AzytCtGyBtB0A0DtGyDzz0AtBtGyCyBzzzztGzztC0B0EyC0EzzzytDyE0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0F0EtBzzzzyBtCtGtDzzzz0CtGyEyB0DzztG0BzztAzytGzztByC0BzztAzzzztCzy0F0A2QtN0A0LzutB%26cr%3D459037637%26a%3Dwncy_amnis_16_04%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Profile: C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-20] CHR Extension: (Google Drive) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01] CHR Extension: (YouTube) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01] CHR Extension: (Google Search) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01] CHR Extension: (Logitech Smooth Scrolling) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2016-12-09] CHR Extension: (Kaspersky Protection) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-06] CHR Extension: (Google Docs Offline) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-01] CHR Extension: (Hunter) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmhmanijnjhaffoampdlllchpolkdnj [2017-03-08] CHR Extension: (Google Hangouts) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2017-02-21] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-23] CHR Extension: (Chrome Web Store Payments) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08] CHR Extension: (Gmail) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03] CHR Extension: (Chrome Media Router) - C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-10] CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKU\S-1-5-21-2636966743-1504812990-2223948466-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) S4 AppVClient; C:\Windows\system32\AppVClient.exe [822624 2016-12-14] (Microsoft Corporation) R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.) S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [486936 2016-12-13] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [470552 2016-12-13] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [511512 2016-12-13] (BlueStack Systems, Inc.) S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation) R2 CDPUserSvc_44a441; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R2 CDPUserSvc_44a441; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] () S3 FrameServer; C:\Windows\system32\FrameServer.dll [805888 2017-03-04] (Microsoft Corporation) R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319096 2016-05-12] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-30] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-30] (Intel Corporation) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419336 2017-01-27] (LogMeIn, Inc.) R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [509448 2017-01-27] (LogMeIn, Inc.) R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.) R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-07-31] (Motorola Mobility LLC) R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39918080 2016-11-28] () [File not signed] R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed] S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [505024 2016-12-16] (Sony Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed] R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed] S3 RmSvc; C:\Windows\System32\RMapi.dll [140800 2016-09-15] (Microsoft Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation) S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-05-23] (Sony Corporation) [File not signed] S2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] () R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation) S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.) S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.) S4 UevAgentService; C:\Windows\system32\AgentService.exe [1227264 2016-07-16] (Microsoft Corporation) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] () S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation) S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation) S3 wisvc; C:\Windows\system32\flightsettings.dll [635904 2017-03-04] (Microsoft Corporation) S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation) S3 WpnUserService_44a441; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) S3 WpnUserService_44a441; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation) S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [29696 2016-03-02] (LG Electronics Inc.) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-03-02] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-03-02] (LG Electronics Inc.) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation) S3 AppvStrm; C:\Windows\system32\drivers\AppvStrm.sys [127328 2016-09-15] (Microsoft Corporation) S3 AppvVemgr; C:\Windows\system32\drivers\AppvVemgr.sys [157024 2016-07-16] (Microsoft Corporation) S3 AppvVfs; C:\Windows\system32\drivers\AppvVfs.sys [141152 2016-07-16] (Microsoft Corporation) S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-12-13] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-11-08] (Bluestack System Inc. ) S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications) S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications) R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-09-16] (Microsoft Corporation) S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation) S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation) R0 iorate; C:\Windows\System32\drivers\iorate.sys [48992 2016-11-02] (Microsoft Corporation) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-08] (AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [196376 2017-03-14] (AO Kaspersky Lab) R1 klhk; C:\Windows\System32\drivers\klhk.sys [509728 2017-03-14] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1017624 2017-03-14] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57424 2016-12-28] (AO Kaspersky Lab) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-06-01] (AO Kaspersky Lab) R3 kltap; C:\Windows\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-28] (AO Kaspersky Lab) R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-01] (AO Kaspersky Lab) R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-28] (AO Kaspersky Lab) R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-28] (AO Kaspersky Lab) R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-28] (AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [136416 2017-03-14] (AO Kaspersky Lab) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199392 2017-03-14] (AO Kaspersky Lab) R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [30448 2017-01-27] (LogMeIn, Inc.) S4 LMIRfsClientNP; no ImagePath S0 megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies) S3 MsSecFlt; C:\Windows\System32\drivers\mssecflt.sys [179040 2016-07-16] (Microsoft Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2010-07-15] (CACE Technologies, Inc.) S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies) R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-23] (REDC) R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-23] (REDC) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation) S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation) S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] () R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2014-04-08] () R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-10] (Sony Corporation) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation) S4 UevAgentDriver; C:\Windows\system32\drivers\UevAgentDriver.sys [40288 2016-07-16] (Microsoft Corporation) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation) R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation) R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-09-15] (Microsoft Corporation) R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation) NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-03-17 07:57 - 2017-03-17 07:58 - 00043347 _____ C:\Users\lee\Desktop\FRST.txt 2017-03-16 20:08 - 2017-03-16 20:08 - 06847064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2017-03-16 08:19 - 2017-03-16 08:19 - 00001034 _____ C:\Users\lee\Downloads\237007ad61dd460993afbf94b12cc4ec.ics 2017-03-15 20:18 - 2017-03-10 01:17 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-03-15 20:18 - 2017-03-10 01:17 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-14 17:39 - 2017-03-04 02:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2017-03-14 17:39 - 2017-03-04 02:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-03-14 17:39 - 2017-03-04 02:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-03-14 17:39 - 2017-03-04 02:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-03-14 17:39 - 2017-03-04 02:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-03-14 17:39 - 2017-03-04 02:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-03-14 17:39 - 2017-03-04 02:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-03-14 17:39 - 2017-03-04 02:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-03-14 17:39 - 2017-03-04 02:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-03-14 17:39 - 2017-03-04 02:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-03-14 17:39 - 2017-03-04 02:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-03-14 17:39 - 2017-03-04 02:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-03-14 17:39 - 2017-03-04 02:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-03-14 17:39 - 2017-03-04 02:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-03-14 17:39 - 2017-03-04 02:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-03-14 17:39 - 2017-03-04 02:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-03-14 17:39 - 2017-03-04 02:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-03-14 17:39 - 2017-03-04 02:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-03-14 17:39 - 2017-03-04 02:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-03-14 17:38 - 2017-03-04 03:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-03-14 17:38 - 2017-03-04 03:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-03-14 17:38 - 2017-03-04 03:44 - 01470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-03-14 17:38 - 2017-03-04 03:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2017-03-14 17:38 - 2017-03-04 03:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2017-03-14 17:38 - 2017-03-04 03:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2017-03-14 17:38 - 2017-03-04 03:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-03-14 17:38 - 2017-03-04 03:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2017-03-14 17:38 - 2017-03-04 03:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-03-14 17:38 - 2017-03-04 03:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2017-03-14 17:38 - 2017-03-04 03:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-03-14 17:38 - 2017-03-04 03:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2017-03-14 17:38 - 2017-03-04 03:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-03-14 17:38 - 2017-03-04 03:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-03-14 17:38 - 2017-03-04 03:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll 2017-03-14 17:38 - 2017-03-04 03:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL 2017-03-14 17:38 - 2017-03-04 02:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-03-14 17:38 - 2017-03-04 02:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2017-03-14 17:38 - 2017-03-04 02:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2017-03-14 17:38 - 2017-03-04 02:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-03-14 17:38 - 2017-03-04 02:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-03-14 17:38 - 2017-03-04 02:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-03-14 17:38 - 2017-03-04 02:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-03-14 17:38 - 2017-03-04 02:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-03-14 17:38 - 2017-03-04 02:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-03-14 17:38 - 2017-03-04 02:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2017-03-14 17:38 - 2017-03-04 02:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2017-03-14 17:38 - 2017-03-04 02:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2017-03-14 17:38 - 2017-03-04 02:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2017-03-14 17:38 - 2017-03-04 02:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-03-14 17:38 - 2017-03-04 02:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll 2017-03-14 17:38 - 2017-03-04 02:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll 2017-03-14 17:38 - 2017-03-04 02:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2017-03-14 17:38 - 2017-03-04 02:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2017-03-14 17:38 - 2017-03-04 02:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll 2017-03-14 17:38 - 2017-03-04 02:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-03-14 17:38 - 2017-03-04 02:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-03-14 17:38 - 2017-03-04 02:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-03-14 17:38 - 2017-03-04 02:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2017-03-14 17:38 - 2017-03-04 02:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2017-03-14 17:38 - 2017-03-04 02:36 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PJLMON.DLL 2017-03-14 17:38 - 2017-03-04 02:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2017-03-14 17:38 - 2017-03-04 02:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-03-14 17:38 - 2017-03-04 02:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-03-14 17:38 - 2017-03-04 02:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-03-14 17:38 - 2017-03-04 02:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-03-14 17:38 - 2017-03-04 02:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-03-14 17:38 - 2017-03-04 02:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll 2017-03-14 17:38 - 2017-03-04 02:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll 2017-03-14 17:38 - 2017-03-04 02:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll 2017-03-14 17:38 - 2017-03-04 02:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll 2017-03-14 17:38 - 2017-03-04 02:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-03-14 17:38 - 2017-03-04 02:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-03-14 17:38 - 2017-03-04 02:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2017-03-14 17:38 - 2017-03-04 02:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll 2017-03-14 17:38 - 2017-03-04 02:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-03-14 17:38 - 2017-03-04 02:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll 2017-03-14 17:38 - 2017-03-04 02:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2017-03-14 17:38 - 2017-03-04 02:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe 2017-03-14 17:38 - 2017-03-04 02:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-03-14 17:38 - 2017-03-04 02:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll 2017-03-14 17:38 - 2017-03-04 02:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll 2017-03-14 17:38 - 2017-03-04 02:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll 2017-03-14 17:38 - 2017-03-04 02:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-03-14 17:38 - 2017-03-04 02:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll 2017-03-14 17:38 - 2017-03-04 02:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll 2017-03-14 17:38 - 2017-03-04 02:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll 2017-03-14 17:38 - 2017-03-04 02:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-03-14 17:38 - 2017-03-04 02:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2017-03-14 17:38 - 2017-03-04 02:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-03-14 17:38 - 2017-03-04 02:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-03-14 17:38 - 2017-03-04 02:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll 2017-03-14 17:38 - 2017-03-04 02:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll 2017-03-14 17:38 - 2017-03-04 02:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-03-14 17:38 - 2017-03-04 02:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe 2017-03-14 17:38 - 2017-03-04 02:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll 2017-03-14 17:38 - 2017-03-04 02:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2017-03-14 17:38 - 2017-03-04 02:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-03-14 17:38 - 2017-03-04 02:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-03-14 17:38 - 2017-03-04 02:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll 2017-03-14 17:38 - 2017-03-04 02:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-03-14 17:38 - 2017-03-04 02:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-03-14 17:38 - 2017-03-04 02:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2017-03-14 17:38 - 2017-03-04 02:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-03-14 17:38 - 2017-03-04 02:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-03-14 17:38 - 2017-03-04 02:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll 2017-03-14 17:38 - 2017-03-04 02:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-03-14 17:38 - 2017-03-04 02:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2017-03-14 17:38 - 2017-03-04 02:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-03-14 17:38 - 2017-03-04 02:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-03-14 17:38 - 2017-03-04 02:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-03-14 17:38 - 2017-03-04 02:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll 2017-03-14 17:38 - 2017-03-04 02:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll 2017-03-14 17:38 - 2017-03-04 02:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2017-03-14 17:38 - 2017-03-04 02:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-03-14 17:38 - 2017-03-04 02:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl 2017-03-14 17:38 - 2017-03-04 02:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll 2017-03-14 17:38 - 2017-03-04 02:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-03-14 17:38 - 2017-03-04 02:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-03-14 17:38 - 2017-03-04 02:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2017-03-14 17:38 - 2017-03-04 02:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-03-14 17:38 - 2017-03-04 02:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-03-14 17:38 - 2017-03-04 02:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-03-14 17:38 - 2017-03-04 02:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2017-03-14 17:38 - 2017-03-04 02:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2017-03-14 17:38 - 2017-03-04 02:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-03-14 17:38 - 2017-03-04 02:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2017-03-14 17:38 - 2017-03-04 02:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2017-03-14 17:38 - 2017-03-04 02:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-03-14 17:38 - 2017-03-04 02:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-03-14 17:38 - 2017-03-04 02:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2017-03-14 17:38 - 2017-03-04 02:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2017-03-14 17:38 - 2017-03-04 02:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-03-14 17:38 - 2017-03-04 02:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-03-14 17:38 - 2017-03-04 02:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe 2017-03-14 17:38 - 2017-03-04 02:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-03-14 17:38 - 2017-03-04 02:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll 2017-03-14 17:38 - 2017-03-04 02:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-03-14 17:38 - 2017-03-04 02:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-03-14 17:38 - 2017-03-04 02:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2017-03-14 17:38 - 2017-03-04 02:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-03-14 17:38 - 2017-03-04 02:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-03-14 17:38 - 2017-03-04 02:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-03-14 17:38 - 2017-03-04 02:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2017-03-14 17:38 - 2017-03-04 02:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2017-03-14 17:38 - 2017-03-04 02:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2017-03-14 17:38 - 2017-03-04 02:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-03-14 17:38 - 2017-03-04 02:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-03-14 17:38 - 2017-03-04 02:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-03-14 17:38 - 2017-03-04 02:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2017-03-14 17:38 - 2017-03-04 02:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-03-14 17:38 - 2017-03-04 02:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-03-14 17:38 - 2017-03-04 02:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-03-14 17:38 - 2017-03-04 02:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2017-03-14 17:38 - 2017-03-04 02:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll 2017-03-14 17:38 - 2017-03-04 02:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-03-14 17:38 - 2017-03-04 02:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2017-03-14 17:38 - 2017-03-04 02:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2017-03-14 17:38 - 2017-03-04 02:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-03-14 17:38 - 2017-03-04 02:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2017-03-14 17:38 - 2017-03-04 02:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-03-14 17:38 - 2017-03-04 02:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-03-14 17:38 - 2017-03-04 02:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-03-14 17:38 - 2017-03-04 02:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2017-03-14 17:38 - 2017-03-04 02:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe 2017-03-14 17:38 - 2017-03-04 02:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll 2017-03-14 17:38 - 2017-03-04 02:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-03-14 17:38 - 2017-03-04 02:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2017-03-14 17:38 - 2017-03-04 02:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-03-14 17:38 - 2017-03-04 02:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll 2017-03-14 17:38 - 2017-03-04 02:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-03-14 17:38 - 2017-03-04 02:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-03-14 17:38 - 2017-03-04 02:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-03-14 17:38 - 2017-03-04 02:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-03-14 17:38 - 2017-03-04 02:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-03-14 17:38 - 2017-03-04 02:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2017-03-14 17:38 - 2017-03-04 02:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-03-14 17:38 - 2017-03-04 02:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2017-03-14 17:38 - 2017-03-04 02:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2017-03-14 17:38 - 2017-03-04 02:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-03-14 17:38 - 2017-03-04 02:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-03-14 17:38 - 2017-03-04 02:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-03-14 17:38 - 2017-03-04 02:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-03-14 17:38 - 2017-03-04 02:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-03-14 17:38 - 2017-03-04 02:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-03-14 17:38 - 2017-03-04 02:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-03-14 17:38 - 2017-03-04 02:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll 2017-03-14 17:38 - 2017-03-04 02:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2017-03-14 17:38 - 2017-03-04 02:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll 2017-03-14 17:38 - 2017-03-04 02:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2017-03-14 17:38 - 2017-03-04 02:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-03-14 17:38 - 2017-03-04 02:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll 2017-03-14 17:38 - 2017-03-04 02:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll 2017-03-14 17:38 - 2017-03-04 02:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll 2017-03-14 17:38 - 2017-03-04 02:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-03-14 17:38 - 2017-03-04 02:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2017-03-14 17:38 - 2017-03-04 02:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2017-03-14 17:38 - 2017-03-04 02:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-03-14 17:38 - 2017-03-04 02:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2017-03-14 17:38 - 2017-03-04 02:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-03-14 17:38 - 2017-03-04 02:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll 2017-03-14 17:38 - 2017-03-04 02:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2017-03-14 17:38 - 2017-03-04 02:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-03-14 17:38 - 2017-03-04 02:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll 2017-03-14 17:38 - 2017-03-04 02:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-03-14 17:38 - 2017-03-04 02:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2017-03-14 17:38 - 2017-03-04 02:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-03-14 17:38 - 2017-03-04 02:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-03-14 17:38 - 2017-03-04 02:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-03-14 17:38 - 2017-03-04 02:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2017-03-14 17:38 - 2017-03-04 02:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2017-03-14 17:38 - 2017-03-04 02:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll 2017-03-14 17:38 - 2017-03-04 02:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-03-14 17:38 - 2017-03-04 02:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2017-03-14 17:38 - 2017-03-04 02:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-03-14 17:38 - 2017-03-04 01:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2017-03-14 17:38 - 2017-03-04 01:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2017-03-14 17:38 - 2017-03-04 01:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-03-14 17:38 - 2017-03-04 01:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2017-03-14 17:38 - 2017-03-04 01:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-03-14 17:38 - 2017-03-04 01:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll 2017-03-14 17:38 - 2017-03-04 01:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-03-14 17:37 - 2017-03-04 03:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-03-14 17:37 - 2017-03-04 03:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-03-14 17:37 - 2017-03-04 03:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll 2017-03-14 17:37 - 2017-03-04 03:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2017-03-14 17:37 - 2017-03-04 03:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2017-03-14 17:37 - 2017-03-04 03:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-03-14 17:37 - 2017-03-04 03:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-03-14 17:37 - 2017-03-04 03:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2017-03-14 17:37 - 2017-03-04 03:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2017-03-14 17:37 - 2017-03-04 03:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2017-03-14 17:37 - 2017-03-04 03:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-03-14 17:37 - 2017-03-04 03:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-03-14 17:37 - 2017-03-04 03:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-03-14 17:37 - 2017-03-04 03:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-03-14 17:37 - 2017-03-04 03:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2017-03-14 17:37 - 2017-03-04 03:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-03-14 17:37 - 2017-03-04 03:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-03-14 17:37 - 2017-03-04 03:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2017-03-14 17:37 - 2017-03-04 03:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll 2017-03-14 17:37 - 2017-03-04 03:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2017-03-14 17:37 - 2017-03-04 03:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2017-03-14 17:37 - 2017-03-04 02:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-03-14 17:37 - 2017-03-04 02:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-03-14 17:37 - 2017-03-04 02:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-03-14 17:37 - 2017-03-04 02:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll 2017-03-14 17:37 - 2017-03-04 02:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-03-14 17:37 - 2017-03-04 02:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll 2017-03-14 17:37 - 2017-03-04 02:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2017-03-14 17:37 - 2017-03-04 02:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-03-14 17:37 - 2017-03-04 02:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-03-14 17:37 - 2017-03-04 02:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-03-14 17:37 - 2017-03-04 02:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-03-14 17:37 - 2017-03-04 02:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-03-14 17:37 - 2017-03-04 02:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-03-14 17:37 - 2017-03-04 02:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2017-03-14 17:37 - 2017-03-04 02:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-03-14 17:37 - 2017-03-04 02:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll 2017-03-14 17:37 - 2017-03-04 02:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe 2017-03-14 17:37 - 2017-03-04 02:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2017-03-14 17:37 - 2017-03-04 02:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-03-14 17:37 - 2017-03-04 02:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll 2017-03-14 17:37 - 2017-03-04 02:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-03-14 17:37 - 2017-03-04 02:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-03-14 17:37 - 2017-03-04 02:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2017-03-14 17:37 - 2017-03-04 02:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2017-03-14 17:37 - 2017-03-04 02:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-03-14 17:37 - 2017-03-04 02:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-03-14 17:37 - 2017-03-04 02:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-03-14 17:37 - 2017-03-04 02:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2017-03-14 17:37 - 2017-03-04 02:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll 2017-03-14 17:37 - 2017-03-04 02:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2017-03-14 17:37 - 2017-03-04 02:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys 2017-03-14 17:37 - 2017-03-04 02:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-03-14 17:37 - 2017-03-04 02:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2017-03-14 17:37 - 2017-03-04 02:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll 2017-03-14 17:37 - 2017-03-04 02:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll 2017-03-14 17:37 - 2017-03-04 02:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2017-03-14 17:37 - 2017-03-04 02:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll 2017-03-14 17:37 - 2017-03-04 02:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2017-03-14 17:37 - 2017-03-04 02:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-03-14 17:37 - 2017-03-04 02:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll 2017-03-14 17:37 - 2017-03-04 02:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll 2017-03-14 17:37 - 2017-03-04 02:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2017-03-14 17:37 - 2017-03-04 02:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2017-03-14 17:37 - 2017-03-04 02:28 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll 2017-03-14 17:37 - 2017-03-04 02:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-03-14 17:37 - 2017-03-04 02:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2017-03-14 17:37 - 2017-03-04 02:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2017-03-14 17:37 - 2017-03-04 02:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2017-03-14 17:37 - 2017-03-04 02:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-03-14 17:37 - 2017-03-04 02:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-03-14 17:37 - 2017-03-04 02:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2017-03-14 17:37 - 2017-03-04 02:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-03-14 17:37 - 2017-03-04 02:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-03-14 17:37 - 2017-03-04 02:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-03-14 17:37 - 2017-03-04 02:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll 2017-03-14 17:37 - 2017-03-04 02:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2017-03-14 17:37 - 2017-03-04 02:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-03-14 17:37 - 2017-03-04 02:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2017-03-14 17:37 - 2017-03-04 02:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll 2017-03-14 17:37 - 2017-03-04 02:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll 2017-03-14 17:37 - 2017-03-04 02:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2017-03-14 17:37 - 2017-03-04 02:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll 2017-03-14 17:37 - 2017-03-04 02:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2017-03-14 17:37 - 2017-03-04 02:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2017-03-14 17:37 - 2017-03-04 02:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-03-14 17:37 - 2017-03-04 02:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-03-14 17:37 - 2017-03-04 02:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2017-03-14 17:37 - 2017-03-04 02:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-03-14 17:37 - 2017-03-04 02:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-03-14 17:37 - 2017-03-04 02:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2017-03-14 17:37 - 2017-03-04 02:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll 2017-03-14 17:37 - 2017-03-04 02:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll 2017-03-14 17:37 - 2017-03-04 02:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-03-14 17:37 - 2017-03-04 02:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2017-03-14 17:37 - 2017-03-04 02:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-03-14 17:37 - 2017-03-04 02:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-03-14 17:37 - 2017-03-04 02:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2017-03-14 17:37 - 2017-03-04 02:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL 2017-03-14 17:37 - 2017-03-04 02:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2017-03-14 17:37 - 2017-03-04 02:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-03-14 17:37 - 2017-03-04 02:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-03-14 17:37 - 2017-03-04 02:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2017-03-14 17:37 - 2017-03-04 02:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-03-14 17:37 - 2017-03-04 02:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe 2017-03-14 17:37 - 2017-03-04 02:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll 2017-03-14 17:37 - 2017-03-04 02:21 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2017-03-14 17:37 - 2017-03-04 02:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-03-14 17:37 - 2017-03-04 02:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-03-14 17:37 - 2017-03-04 02:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-03-14 17:37 - 2017-03-04 02:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-03-14 17:37 - 2017-03-04 02:19 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys 2017-03-14 17:37 - 2017-03-04 02:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-03-14 17:37 - 2017-03-04 02:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-03-14 17:37 - 2017-03-04 02:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2017-03-14 17:37 - 2017-03-04 02:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll 2017-03-14 17:37 - 2017-03-04 02:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe 2017-03-14 17:37 - 2017-03-04 02:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-03-14 17:37 - 2017-03-04 02:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-03-14 17:37 - 2017-03-04 02:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2017-03-14 17:37 - 2017-03-04 02:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-03-14 17:37 - 2017-03-04 02:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2017-03-14 17:37 - 2017-03-04 02:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-03-14 17:37 - 2017-03-04 02:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll 2017-03-14 17:37 - 2017-03-04 02:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2017-03-14 17:37 - 2017-03-04 02:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-03-14 17:37 - 2017-03-04 02:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2017-03-14 17:37 - 2017-03-04 02:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-03-14 17:37 - 2017-03-04 02:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2017-03-14 17:37 - 2017-03-04 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll 2017-03-14 17:37 - 2017-03-04 02:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-03-14 17:37 - 2017-03-04 02:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-03-14 17:37 - 2017-03-04 02:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2017-03-14 17:37 - 2017-03-04 02:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2017-03-14 17:37 - 2017-03-04 02:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2017-03-14 17:37 - 2017-03-04 02:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2017-03-14 17:37 - 2017-03-04 02:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2017-03-14 17:37 - 2017-03-04 02:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2017-03-14 17:37 - 2017-03-04 02:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2017-03-14 17:37 - 2017-03-04 02:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-03-14 17:37 - 2017-03-04 02:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll 2017-03-14 17:37 - 2017-03-04 02:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-03-14 17:37 - 2017-03-04 02:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2017-03-14 17:37 - 2017-03-04 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-03-14 17:37 - 2017-03-04 02:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll 2017-03-14 17:37 - 2017-03-04 02:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-03-14 17:37 - 2017-03-04 02:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2017-03-14 17:37 - 2017-03-04 02:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-03-14 17:37 - 2017-03-04 02:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2017-03-14 17:37 - 2017-03-04 02:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-03-14 17:37 - 2017-03-04 02:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2017-03-14 17:37 - 2017-03-04 02:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-03-14 17:37 - 2017-03-04 02:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2017-03-14 17:37 - 2017-03-04 02:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-03-14 17:37 - 2017-03-04 02:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2017-03-14 17:37 - 2017-03-04 02:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2017-03-14 17:37 - 2017-03-04 02:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2017-03-14 17:37 - 2017-03-04 02:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2017-03-14 17:37 - 2017-03-04 02:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2017-03-14 17:37 - 2017-03-04 02:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-03-14 17:37 - 2017-03-04 02:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2017-03-14 17:37 - 2017-03-04 02:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-03-14 17:37 - 2017-03-04 02:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-03-14 17:37 - 2017-03-04 02:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2017-03-14 17:37 - 2017-03-04 02:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2017-03-14 17:37 - 2017-03-04 02:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2017-03-14 17:37 - 2017-03-04 02:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-03-14 17:37 - 2017-03-04 02:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-03-14 17:37 - 2017-03-04 02:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2017-03-14 17:37 - 2017-03-04 02:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll 2017-03-14 17:37 - 2017-03-04 02:03 - 00119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll 2017-03-14 17:37 - 2017-03-04 02:02 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll 2017-03-14 17:37 - 2017-03-04 02:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2017-03-14 17:37 - 2017-02-21 22:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml 2017-03-14 17:36 - 2017-03-04 03:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-03-14 17:36 - 2017-03-04 03:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-03-14 17:36 - 2017-03-04 03:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-03-14 17:36 - 2017-03-04 03:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-03-14 17:36 - 2017-03-04 03:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL 2017-03-14 17:36 - 2017-03-04 03:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2017-03-14 17:36 - 2017-03-04 03:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-03-14 17:36 - 2017-03-04 03:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2017-03-14 17:36 - 2017-03-04 03:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-03-14 17:36 - 2017-03-04 03:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-03-14 17:36 - 2017-03-04 03:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-03-14 17:36 - 2017-03-04 03:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2017-03-14 17:36 - 2017-03-04 03:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-03-14 17:36 - 2017-03-04 03:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2017-03-14 17:36 - 2017-03-04 03:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-03-14 17:36 - 2017-03-04 03:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2017-03-14 17:36 - 2017-03-04 03:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-03-14 17:36 - 2017-03-04 03:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2017-03-14 17:36 - 2017-03-04 03:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-03-14 17:36 - 2017-03-04 03:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2017-03-14 17:36 - 2017-03-04 03:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll 2017-03-14 17:36 - 2017-03-04 03:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2017-03-14 17:36 - 2017-03-04 03:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-03-14 17:36 - 2017-03-04 03:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-03-14 17:36 - 2017-03-04 02:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-03-14 17:36 - 2017-03-04 02:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-03-14 17:36 - 2017-03-04 02:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2017-03-14 17:36 - 2017-03-04 02:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll 2017-03-14 17:36 - 2017-03-04 02:34 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dggpext.dll 2017-03-14 17:36 - 2017-03-04 02:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-03-14 17:36 - 2017-03-04 02:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll 2017-03-14 17:36 - 2017-03-04 02:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll 2017-03-14 17:36 - 2017-03-04 02:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2017-03-14 17:36 - 2017-03-04 02:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll 2017-03-14 17:36 - 2017-03-04 02:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-03-14 17:36 - 2017-03-04 02:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2017-03-14 17:36 - 2017-03-04 02:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll 2017-03-14 17:36 - 2017-03-04 02:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2017-03-14 17:36 - 2017-03-04 02:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2017-03-14 17:36 - 2017-03-04 02:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe 2017-03-14 17:36 - 2017-03-04 02:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-03-14 17:36 - 2017-03-04 02:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-03-14 17:36 - 2017-03-04 02:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll 2017-03-14 17:36 - 2017-03-04 02:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-03-14 17:36 - 2017-03-04 02:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll 2017-03-14 17:36 - 2017-03-04 02:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-03-14 17:36 - 2017-03-04 02:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2017-03-14 17:36 - 2017-03-04 02:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-03-14 17:36 - 2017-03-04 02:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2017-03-14 17:36 - 2017-03-04 02:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-03-14 17:36 - 2017-03-04 02:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll 2017-03-14 17:36 - 2017-03-04 02:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2017-03-14 17:36 - 2017-03-04 02:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-03-14 17:36 - 2017-03-04 02:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-03-14 17:36 - 2017-03-04 02:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-03-14 17:36 - 2017-03-04 02:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-03-14 17:36 - 2017-03-04 02:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-03-14 17:36 - 2017-03-04 02:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll 2017-03-14 17:36 - 2017-03-04 02:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2017-03-14 17:36 - 2017-03-04 02:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2017-03-14 17:36 - 2017-03-04 02:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-03-14 17:36 - 2017-03-04 02:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2017-03-14 17:36 - 2017-03-04 02:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-03-14 17:36 - 2017-03-04 02:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-03-14 17:36 - 2017-03-04 02:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-03-14 17:36 - 2017-03-04 02:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll 2017-03-14 17:36 - 2017-03-04 02:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2017-03-14 17:36 - 2017-03-04 02:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-03-14 17:36 - 2017-03-04 02:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2017-03-14 17:36 - 2017-03-04 02:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2017-03-14 17:36 - 2017-03-04 02:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-03-14 17:36 - 2017-03-04 02:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-03-14 17:36 - 2017-03-04 02:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-03-14 17:36 - 2017-03-04 02:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2017-03-14 17:36 - 2017-03-04 02:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-03-14 17:36 - 2017-03-04 02:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-03-14 17:36 - 2017-03-04 02:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-03-14 17:36 - 2017-03-04 02:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-03-14 17:36 - 2017-03-04 02:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2017-03-14 17:36 - 2017-03-04 02:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll 2017-03-14 17:36 - 2017-03-04 02:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-03-14 17:36 - 2017-03-04 02:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-03-14 17:36 - 2017-03-04 02:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-03-14 17:36 - 2017-03-04 02:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-03-14 17:36 - 2017-03-04 02:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-03-14 17:36 - 2017-03-04 02:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-03-14 17:36 - 2017-03-04 02:16 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll 2017-03-14 17:36 - 2017-03-04 02:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2017-03-14 17:36 - 2017-03-04 02:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-03-14 17:36 - 2017-03-04 02:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2017-03-14 17:36 - 2017-03-04 02:15 - 01345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll 2017-03-14 17:36 - 2017-03-04 02:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2017-03-14 17:36 - 2017-03-04 02:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-03-14 17:36 - 2017-03-04 02:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-03-14 17:36 - 2017-03-04 02:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2017-03-14 17:36 - 2017-03-04 02:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-03-14 17:36 - 2017-03-04 02:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-03-14 17:36 - 2017-03-04 02:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2017-03-14 17:36 - 2017-03-04 02:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll 2017-03-14 17:36 - 2017-03-04 02:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll 2017-03-14 17:36 - 2017-03-04 02:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-03-14 17:36 - 2017-03-04 02:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll 2017-03-14 17:36 - 2017-03-04 02:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-03-14 17:36 - 2017-03-04 02:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-03-14 17:36 - 2017-03-04 02:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-03-14 17:36 - 2017-03-04 02:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2017-03-14 17:36 - 2017-03-04 02:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2017-03-14 17:36 - 2017-03-04 02:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2017-03-14 17:36 - 2017-03-04 02:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-03-14 17:36 - 2017-03-04 02:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-03-14 17:36 - 2017-03-04 02:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-03-14 17:36 - 2017-03-04 02:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-03-14 17:36 - 2017-03-04 02:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-03-14 17:36 - 2017-03-04 02:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe 2017-03-14 17:36 - 2017-03-04 02:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-03-14 17:36 - 2017-03-04 02:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-03-14 17:36 - 2017-03-04 02:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-03-14 17:36 - 2017-03-04 02:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-03-14 17:36 - 2017-03-04 02:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-03-14 17:36 - 2017-03-04 02:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-03-14 17:36 - 2017-03-04 02:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-03-14 17:36 - 2017-03-04 02:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-03-14 17:36 - 2017-03-04 02:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-03-14 17:36 - 2017-03-04 02:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-03-14 17:36 - 2017-03-04 02:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-03-14 17:36 - 2017-03-04 02:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-03-14 17:36 - 2017-03-04 02:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-03-14 17:36 - 2017-03-04 02:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-03-14 17:36 - 2017-03-04 02:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-03-14 17:36 - 2017-03-04 02:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2017-03-14 17:36 - 2017-03-04 02:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-03-14 17:35 - 2017-03-04 03:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-03-14 17:35 - 2017-03-04 03:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2017-03-14 17:35 - 2017-03-04 03:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2017-03-14 17:35 - 2017-03-04 03:27 - 02170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-03-14 17:35 - 2017-03-04 03:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2017-03-14 17:35 - 2017-03-04 03:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-03-14 17:35 - 2017-03-04 03:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-03-14 17:35 - 2017-03-04 03:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2017-03-14 17:35 - 2017-03-04 03:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-03-14 17:35 - 2017-03-04 03:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-03-14 17:35 - 2017-03-04 03:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-03-14 17:35 - 2017-03-04 03:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2017-03-14 17:35 - 2017-03-04 03:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2017-03-14 17:35 - 2017-03-04 03:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-03-14 17:35 - 2017-03-04 03:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2017-03-14 17:35 - 2017-03-04 03:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-03-14 17:35 - 2017-03-04 03:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2017-03-14 17:35 - 2017-03-04 03:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-03-14 17:35 - 2017-03-04 03:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2017-03-14 17:35 - 2017-03-04 03:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-03-14 17:35 - 2017-03-04 03:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2017-03-14 17:35 - 2017-03-04 03:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2017-03-14 17:35 - 2017-03-04 03:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-03-14 17:35 - 2017-03-04 03:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-03-14 17:35 - 2017-03-04 03:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-03-14 17:35 - 2017-03-04 03:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-03-14 17:35 - 2017-03-04 03:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-03-14 17:35 - 2017-03-04 03:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-03-14 17:35 - 2017-03-04 03:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-03-14 17:35 - 2017-03-04 03:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-03-14 17:35 - 2017-03-04 03:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll 2017-03-14 17:35 - 2017-03-04 03:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys 2017-03-14 17:35 - 2017-03-04 03:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2017-03-14 17:35 - 2017-03-04 03:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-03-14 17:35 - 2017-03-04 03:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-03-14 17:35 - 2017-03-04 03:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll 2017-03-14 17:35 - 2017-03-04 03:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-03-14 17:35 - 2017-03-04 03:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2017-03-14 17:35 - 2017-03-04 02:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-03-14 17:35 - 2017-03-04 02:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-03-14 17:35 - 2017-03-04 02:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-03-14 17:35 - 2017-03-04 02:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll 2017-03-14 17:35 - 2017-03-04 02:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2017-03-14 17:35 - 2017-03-04 02:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-03-14 17:35 - 2017-03-04 02:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll 2017-03-14 17:35 - 2017-03-04 02:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll 2017-03-14 17:35 - 2017-03-04 02:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-03-14 17:35 - 2017-03-04 02:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-03-14 17:35 - 2017-03-04 02:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-03-14 17:35 - 2017-03-04 02:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2017-03-14 17:35 - 2017-03-04 02:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll 2017-03-14 17:35 - 2017-03-04 02:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2017-03-14 17:35 - 2017-03-04 02:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-03-14 17:35 - 2017-03-04 02:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2017-03-14 17:35 - 2017-03-04 02:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll 2017-03-14 17:35 - 2017-03-04 02:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll 2017-03-14 17:35 - 2017-03-04 02:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll 2017-03-14 17:35 - 2017-03-04 02:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-03-14 17:35 - 2017-03-04 02:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-03-14 17:35 - 2017-03-04 02:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-03-14 17:35 - 2017-03-04 02:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll 2017-03-14 17:35 - 2017-03-04 02:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2017-03-14 17:35 - 2017-03-04 02:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2017-03-14 17:35 - 2017-03-04 02:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-03-14 17:35 - 2017-03-04 02:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-03-14 17:35 - 2017-03-04 02:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-03-14 17:35 - 2017-03-04 02:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll 2017-03-14 17:35 - 2017-03-04 02:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll 2017-03-14 17:35 - 2017-03-04 02:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll 2017-03-14 17:35 - 2017-03-04 02:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-03-14 17:35 - 2017-03-04 02:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-03-14 17:35 - 2017-03-04 02:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2017-03-14 17:35 - 2017-03-04 02:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-03-14 17:35 - 2017-03-04 02:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-03-14 17:35 - 2017-03-04 02:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll 2017-03-14 17:35 - 2017-03-04 02:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll 2017-03-14 17:35 - 2017-03-04 02:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-03-14 17:35 - 2017-03-04 02:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-03-14 17:35 - 2017-03-04 02:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-03-14 17:35 - 2017-03-04 02:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-03-14 17:35 - 2017-03-04 02:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-03-14 17:35 - 2017-03-04 02:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-03-14 17:35 - 2017-03-04 02:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-03-14 17:35 - 2017-03-04 02:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-03-14 17:35 - 2017-03-04 02:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2017-03-14 17:35 - 2017-03-04 02:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-03-14 17:35 - 2017-03-04 02:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl 2017-03-14 17:35 - 2017-03-04 02:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-03-14 17:35 - 2017-03-04 02:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll 2017-03-14 17:35 - 2017-03-04 02:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2017-03-14 17:35 - 2017-03-04 02:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-03-14 17:35 - 2017-03-04 02:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-03-14 17:35 - 2017-03-04 02:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-03-14 17:35 - 2017-03-04 02:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2017-03-14 17:35 - 2017-03-04 02:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2017-03-14 17:35 - 2017-03-04 02:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-03-14 17:35 - 2017-03-04 02:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll 2017-03-14 17:35 - 2017-03-04 02:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-03-14 17:35 - 2017-03-04 02:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll 2017-03-14 17:35 - 2017-03-04 02:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-03-14 17:35 - 2017-03-04 02:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2017-03-14 17:35 - 2017-03-04 02:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll 2017-03-14 17:35 - 2017-03-04 02:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2017-03-14 17:35 - 2017-03-04 02:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll 2017-03-14 17:35 - 2017-03-04 02:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-03-14 17:35 - 2017-03-04 02:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-03-14 17:35 - 2017-03-04 02:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2017-03-14 17:35 - 2017-03-04 02:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll 2017-03-14 17:35 - 2017-03-04 02:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-03-14 17:35 - 2017-03-04 02:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-03-14 17:35 - 2017-03-04 02:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl 2017-03-14 17:35 - 2017-03-04 02:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2017-03-14 17:35 - 2017-03-04 02:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-03-14 17:35 - 2017-03-04 02:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-03-14 17:35 - 2017-03-04 02:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-03-14 17:35 - 2017-03-04 02:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2017-03-14 17:35 - 2017-03-04 02:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2017-03-14 17:35 - 2017-03-04 02:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-03-14 17:35 - 2017-03-04 02:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-03-14 17:35 - 2017-03-04 02:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe 2017-03-14 17:35 - 2017-03-04 02:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2017-03-14 17:35 - 2017-03-04 02:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe 2017-03-14 17:35 - 2017-03-04 02:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-03-14 17:35 - 2017-03-04 02:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2017-03-14 17:35 - 2017-03-04 02:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-03-14 17:35 - 2017-03-04 02:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe 2017-03-14 17:35 - 2017-03-04 02:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2017-03-14 17:35 - 2017-03-04 02:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-03-14 17:35 - 2017-03-04 02:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-03-14 17:35 - 2017-03-04 02:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2017-03-14 17:35 - 2017-03-04 02:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-03-14 17:35 - 2017-03-04 02:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll 2017-03-14 17:35 - 2017-03-04 02:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2017-03-14 17:35 - 2017-03-04 02:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2017-03-14 17:35 - 2017-03-04 02:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-03-14 17:35 - 2017-03-04 02:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe 2017-03-14 17:35 - 2017-03-04 02:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2017-03-14 17:35 - 2017-03-04 02:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll 2017-03-14 17:35 - 2017-03-04 02:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll 2017-03-14 17:35 - 2017-03-04 02:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2017-03-14 17:35 - 2017-03-04 02:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe 2017-03-14 17:35 - 2017-03-04 02:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-03-14 17:35 - 2017-03-04 02:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2017-03-14 17:35 - 2017-03-04 02:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2017-03-14 17:35 - 2017-03-04 02:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-03-14 17:35 - 2017-03-04 02:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2017-03-14 17:35 - 2017-03-04 02:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-03-14 17:35 - 2017-03-04 02:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe 2017-03-14 17:35 - 2017-03-04 02:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2017-03-14 17:35 - 2017-03-04 02:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-03-14 17:35 - 2017-03-04 02:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-03-14 17:35 - 2017-03-04 02:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-03-14 17:35 - 2017-03-04 02:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-03-14 17:35 - 2017-03-04 02:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-03-14 17:35 - 2017-03-04 02:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll 2017-03-14 17:35 - 2017-03-04 02:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll 2017-03-14 17:35 - 2017-03-04 02:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2017-03-14 17:35 - 2017-03-04 02:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-03-14 17:35 - 2017-03-04 02:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2017-03-14 17:35 - 2017-03-04 02:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-03-14 17:35 - 2017-03-04 02:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-03-14 17:35 - 2017-03-04 02:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-03-14 17:35 - 2017-03-04 02:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2017-03-14 17:35 - 2017-03-04 02:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll 2017-03-14 17:35 - 2017-03-04 02:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2017-03-14 17:35 - 2017-03-04 02:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2017-03-14 17:35 - 2017-03-04 02:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-03-14 17:35 - 2017-03-04 02:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-03-14 17:35 - 2017-03-04 02:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2017-03-14 17:35 - 2017-03-04 02:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2017-03-14 17:35 - 2017-03-04 02:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2017-03-14 17:35 - 2017-03-04 02:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2017-03-14 17:35 - 2017-03-04 02:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe 2017-03-14 17:35 - 2017-03-04 02:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-03-14 17:35 - 2017-03-04 02:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2017-03-14 17:35 - 2016-07-15 22:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll 2017-03-14 17:35 - 2016-07-15 22:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll 2017-03-14 17:35 - 2016-07-15 22:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll 2017-03-14 17:34 - 2016-05-29 14:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe 2017-03-10 19:01 - 2017-03-10 19:01 - 00000000 ____D C:\Users\lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-03-09 14:12 - 2017-03-09 14:12 - 00018650 _____ C:\Users\lee\Downloads\W6_PP2_Data (1).tab 2017-03-09 12:08 - 2017-03-09 12:08 - 00000506 _____ C:\Users\lee\Downloads\W6_PP2_Predict_Class.tab 2017-03-09 11:44 - 2017-03-09 11:44 - 00018650 _____ C:\Users\lee\Downloads\W6_PP2_Data.tab 2017-03-09 11:06 - 2017-03-09 11:06 - 00000000 ____D C:\Users\lee\AppData\Roaming\Orange 2017-03-09 11:06 - 2017-03-09 11:06 - 00000000 ____D C:\Users\lee\AppData\Roaming\biolab.si 2017-03-09 10:57 - 2017-03-09 10:57 - 00001556 _____ C:\Users\Public\Desktop\Orange Canvas.lnk 2017-03-09 10:57 - 2017-03-09 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange3 2017-03-09 10:52 - 2017-03-09 11:06 - 00000000 ____D C:\Python34 2017-03-09 10:52 - 2017-03-09 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4 2017-03-09 10:47 - 2017-03-09 10:49 - 168241224 _____ C:\Users\lee\Downloads\Orange3-3.4.0.win32-py3.4-install.exe 2017-03-08 14:02 - 2017-03-08 14:02 - 00001122 _____ C:\Users\lee\Documents\GCMusic - Shortcut.lnk 2017-03-07 12:07 - 2017-03-07 12:08 - 00564649 _____ C:\Users\lee\Downloads\Step 3 - Description of decisions and tradeoffs.pdf 2017-03-07 12:00 - 2017-03-07 12:00 - 00704486 _____ C:\Users\lee\Downloads\7. Delivery reliablity (1).pdf 2017-03-07 11:57 - 2017-03-07 11:57 - 00704486 _____ C:\Users\lee\Downloads\7. Delivery reliablity.pdf 2017-03-07 09:51 - 2017-03-07 09:51 - 00880506 _____ C:\Users\lee\Downloads\SC4x_MySQL_MT_Verified.sql 2017-03-07 09:04 - 2017-03-07 09:04 - 00621308 _____ C:\Users\lee\Downloads\TinyCo_Data_worked.xlsx 2017-03-07 09:04 - 2017-03-07 09:04 - 00000165 ____H C:\Users\lee\Downloads\~$TinyCo_Data_worked.xlsx 2017-03-06 14:44 - 2017-03-06 14:44 - 01089043 _____ C:\Users\lee\Downloads\Sc4x_GA_screwy_db (1).sql 2017-03-06 13:30 - 2017-03-06 13:30 - 00004728 _____ C:\Users\lee\Downloads\GGEbcEazO1k.txt 2017-03-06 13:29 - 2017-03-06 13:30 - 00006010 _____ C:\Users\lee\Downloads\ybHWdAUARmA.txt 2017-03-06 13:29 - 2017-03-06 13:29 - 00007771 _____ C:\Users\lee\Downloads\MqIFTU04iM8.txt 2017-03-06 13:29 - 2017-03-06 13:29 - 00005173 _____ C:\Users\lee\Downloads\zkCpTk-Zots.txt 2017-03-06 13:28 - 2017-03-06 13:28 - 00009742 _____ C:\Users\lee\Downloads\7hma0akfN_c.txt 2017-03-06 13:28 - 2017-03-06 13:28 - 00006320 _____ C:\Users\lee\Downloads\tXnyQ14UPKY.txt 2017-03-06 13:27 - 2017-03-06 13:27 - 00005403 _____ C:\Users\lee\Downloads\NBuSYrSeBV0.txt 2017-03-06 13:27 - 2017-03-06 13:27 - 00003789 _____ C:\Users\lee\Downloads\tJR4i2qicy8.txt 2017-03-03 15:29 - 2017-03-03 15:30 - 00000000 ____D C:\Users\lee\Documents\Alice 2017-03-01 09:07 - 2017-03-01 09:07 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys 2017-02-28 10:07 - 2017-02-28 10:07 - 01089043 _____ C:\Users\lee\Downloads\Sc4x_GA_screwy_db.sql 2017-02-28 09:58 - 2017-02-28 09:58 - 00427320 _____ () C:\Users\lee\Downloads\setup (10).exe 2017-02-28 08:25 - 2017-02-28 08:25 - 00001351 _____ C:\Users\lee\Downloads\SC4x_W3_PP2 (4).sql 2017-02-27 16:41 - 2017-02-27 16:41 - 00008657 _____ C:\Users\lee\Downloads\SC4x_GA2_store_sales.sql 2017-02-27 08:31 - 2017-02-27 08:31 - 00001351 _____ C:\Users\lee\Downloads\SC4x_W3_PP2 (3).sql 2017-02-26 14:37 - 2017-02-26 14:37 - 00001351 _____ C:\Users\lee\Downloads\SC4x_W3_PP2 (2).sql 2017-02-26 13:31 - 2017-02-26 13:31 - 00001351 _____ C:\Users\lee\Downloads\SC4x_W3_PP2 (1).sql 2017-02-25 13:27 - 2017-02-25 13:27 - 00003926 _____ C:\Users\lee\Downloads\SC4x_W3_Recitation_MySQL (1).sql 2017-02-25 13:23 - 2017-02-25 13:23 - 00001351 _____ C:\Users\lee\Downloads\SC4x_W3_PP2.sql 2017-02-25 12:42 - 2017-02-25 12:42 - 00003926 _____ C:\Users\lee\Downloads\SC4x_W3_Recitation_MySQL.sql 2017-02-25 12:03 - 2017-02-25 12:03 - 00000000 ____D C:\Users\lee\AppData\Roaming\MySQL 2017-02-25 11:57 - 2017-02-25 11:58 - 00000000 ____D C:\Program Files\MySQL 2017-02-25 11:51 - 2017-02-25 11:53 - 405422080 _____ C:\Users\lee\Downloads\mysql-installer-community-5.7.17.0 (1).msi 2017-02-25 11:46 - 2017-02-25 12:02 - 00000000 ____D C:\ProgramData\MySQL 2017-02-25 11:46 - 2017-02-25 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL 2017-02-25 11:46 - 2017-02-25 11:46 - 00000000 ____D C:\WINDOWS\System32\Tasks\MySQL 2017-02-25 11:46 - 2017-02-25 11:46 - 00000000 ____D C:\Program Files (x86)\MySQL 2017-02-25 11:43 - 2017-02-25 11:44 - 405422080 _____ C:\Users\lee\Downloads\mysql-installer-community-5.7.17.0.msi 2017-02-24 13:55 - 2017-02-24 13:55 - 00062021 _____ C:\Users\lee\Downloads\contacts.csv 2017-02-24 13:53 - 2017-02-24 13:53 - 02632981 _____ C:\Users\lee\Downloads\vcards_20170224_124904.vcf 2017-02-24 13:34 - 2017-02-24 13:34 - 00527702 _____ C:\Users\lee\Downloads\google.csv 2017-02-24 12:23 - 2017-02-24 12:23 - 00000066 _____ C:\Users\lee\Downloads\report.csv 2017-02-24 12:05 - 2017-02-24 12:05 - 00123852 _____ C:\Users\lee\Downloads\SearchExport.csv 2017-02-24 11:06 - 2017-02-24 11:06 - 00000228 _____ C:\Users\lee\Downloads\members_1_98_bounces_Feb_24_2017.csv 2017-02-24 11:00 - 2017-02-24 11:00 - 00005891 _____ C:\Users\lee\Downloads\members_PE_100_1067_bounces_Feb_24_2017.csv 2017-02-24 10:03 - 2017-02-24 10:03 - 01509230 _____ C:\Users\lee\Downloads\blacky.1.0.6.zip 2017-02-23 13:06 - 2017-02-23 13:06 - 00000792 _____ C:\Users\lee\Downloads\addtocalendar-69e3bc8eb59d2f932e1187b37771df60.ics 2017-02-23 11:43 - 2017-02-23 11:43 - 00032211 _____ C:\Users\lee\Downloads\members_export_52612c6960.zip 2017-02-21 17:25 - 2017-02-21 17:25 - 00171849 _____ C:\Users\lee\Documents\Donation Text.pdf 2017-02-16 14:04 - 2017-02-16 14:04 - 00478223 _____ C:\Users\lee\Downloads\US3920157.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-03-17 07:57 - 2016-02-07 09:23 - 00000000 ____D C:\FRST 2017-03-17 07:56 - 2016-11-27 18:19 - 00000000 ____D C:\WINDOWS\Minidump 2017-03-17 07:56 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-03-17 07:56 - 2016-07-16 07:45 - 00000000 ____D C:\WINDOWS\INF 2017-03-17 07:55 - 2013-07-11 10:11 - 00000000 ____D C:\Users\lee\Documents\Lee 2017-03-17 07:54 - 2012-12-10 14:12 - 00000000 ____D C:\Users\lee\Documents\Outlook Files 2017-03-17 07:52 - 2017-02-03 10:09 - 00000000 ____D C:\Program Files\CCleaner 2017-03-17 07:50 - 2016-09-16 15:12 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-03-17 07:50 - 2013-07-24 09:41 - 00000000 ____D C:\ProgramData\LogMeIn 2017-03-16 20:08 - 2016-12-20 10:50 - 00004386 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-03-16 20:08 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-03-16 20:08 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-03-16 19:47 - 2012-09-20 23:46 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2017-03-16 16:07 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-16 14:44 - 2016-07-16 07:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-15 22:48 - 2013-03-14 15:38 - 00000000 ___RD C:\Users\lee\Google Drive 2017-03-15 22:47 - 2016-09-16 15:19 - 00000000 ____D C:\Users\lee 2017-03-15 22:46 - 2014-06-12 17:39 - 00000000 __SHD C:\Users\lee\IntelGraphicsProfiles 2017-03-15 22:46 - 2013-11-25 06:23 - 00000000 ____D C:\Temp 2017-03-15 22:46 - 2012-11-11 21:13 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-03-15 20:28 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-03-15 20:28 - 2016-07-16 07:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-03-15 20:23 - 2016-01-16 13:03 - 01725674 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-03-15 20:17 - 2016-12-20 11:01 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-03-15 20:17 - 2014-01-21 15:45 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk 2017-03-15 20:16 - 2016-12-20 10:50 - 00000000 ____D C:\Program Files\TrueKey 2017-03-15 20:16 - 2016-09-16 15:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-03-15 20:16 - 2016-09-16 15:12 - 00290976 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-03-15 20:16 - 2016-07-15 09:41 - 00000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForlee.job 2017-03-15 20:16 - 2013-03-27 09:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-03-15 20:16 - 2013-03-27 09:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-03-15 20:15 - 2016-07-16 02:04 - 01572864 _____ C:\WINDOWS\system32\config\BBI 2017-03-15 20:12 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-03-15 20:12 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\PrintDialog 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ___RD C:\Program Files\Windows Defender 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\setup 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-03-15 20:11 - 2016-07-16 07:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-03-15 10:39 - 2016-09-16 15:51 - 00003216 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForlee 2017-03-15 09:48 - 2013-07-24 11:01 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-03-15 09:37 - 2012-12-14 04:03 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-03-15 09:25 - 2013-03-27 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-03-14 09:52 - 2016-07-16 02:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM 2017-03-14 09:49 - 2016-01-27 07:14 - 01017624 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2017-03-14 09:49 - 2016-01-27 07:14 - 00196376 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2017-03-14 09:49 - 2015-12-19 23:26 - 00509728 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2017-03-14 09:49 - 2015-12-03 12:12 - 00136416 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys 2017-03-14 09:49 - 2015-12-03 01:38 - 00199392 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys 2017-03-11 13:25 - 2014-11-08 11:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-03-11 13:01 - 2013-03-13 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Apps Migration 2017-03-10 19:01 - 2013-07-25 08:03 - 00000000 ____D C:\Users\lee\AppData\Roaming\Dropbox 2017-03-09 10:06 - 2013-08-28 15:21 - 00000000 ____D C:\Users\lee\Documents\ef 2017-03-08 19:17 - 2015-11-19 08:17 - 00000000 ____D C:\Program Files\Common Files\AV 2017-03-08 19:00 - 2017-01-11 13:57 - 00000654 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2636966743-1504812990-2223948466-1001.job 2017-03-08 19:00 - 2017-01-11 13:57 - 00000558 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2636966743-1504812990-2223948466-1001.job 2017-03-08 14:07 - 2016-12-18 18:17 - 00000000 ____D C:\Users\lee\Documents\New folder 2017-03-07 13:19 - 2017-01-11 13:57 - 00003796 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2636966743-1504812990-2223948466-1001 2017-03-07 13:19 - 2017-01-11 13:57 - 00003700 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2636966743-1504812990-2223948466-1001 2017-03-07 10:57 - 2017-02-08 12:51 - 00000000 ____D C:\Users\lee\AppData\Roaming\VisualParadigm 2017-03-06 17:14 - 2014-04-23 12:42 - 00000000 ____D C:\Users\lee\Documents\Cara 2017-03-06 09:47 - 2017-02-08 12:50 - 00000000 ____D C:\Program Files\Visual Paradigm CE 14.0 2017-03-04 15:42 - 2016-12-05 15:13 - 00000000 ____D C:\Users\lee\Documents\Panoram Windows 2017-03-04 03:09 - 2016-09-16 15:13 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-03-03 09:11 - 2013-06-06 08:25 - 00000000 ____D C:\Users\lee\Documents\401 silver creek lane 2017-02-28 12:02 - 2016-12-20 10:00 - 00000000 ___HD C:\ProgramData\SsiRecord 2017-02-28 09:58 - 2016-12-20 10:00 - 00000118 _____ C:\Users\lee\Desktop\Remote Proctor Now.url 2017-02-28 09:58 - 2016-12-20 10:00 - 00000000 ____D C:\ProgramData\SsiAuthenticate 2017-02-28 09:58 - 2016-12-20 09:59 - 00000000 ____D C:\Users\lee\AppData\Local\Deployment 2017-02-24 10:04 - 2016-09-26 10:22 - 00000000 ____D C:\Users\lee\Documents\Interactive Ingenuity 2017-02-24 10:01 - 2016-09-12 08:13 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-02-21 17:27 - 2012-11-16 16:08 - 00000000 ____D C:\Users\lee\AppData\Local\Microsoft Help 2017-02-21 17:13 - 2017-02-08 09:28 - 00000000 ____D C:\Users\lee\Documents\Margin of Safety 2017-02-21 17:13 - 2016-12-14 11:18 - 00000000 ____D C:\Users\lee\Documents\MIller Chemical 2017-02-21 12:47 - 2013-02-22 14:53 - 00000000 ____D C:\Users\lee\Documents\My Scans ==================== Files in the root of some directories ======= 2013-08-06 16:16 - 2013-08-06 16:16 - 0038433 _____ () C:\Users\lee\AppData\Roaming\Comma Separated Values (Windows).ADR 2013-02-12 14:26 - 2013-02-12 14:32 - 0038408 _____ () C:\Users\lee\AppData\Roaming\Microsoft Excel 97-2003.ADR 2013-08-26 19:26 - 2013-08-26 19:26 - 0000145 _____ () C:\Users\lee\AppData\Roaming\uninstall.bat 2016-01-30 14:15 - 2016-02-02 01:15 - 0000098 _____ () C:\Users\lee\AppData\Roaming\WB.CFG 2016-01-30 16:36 - 2016-01-30 16:36 - 0000091 _____ () C:\Users\lee\AppData\Local\fusioncache.dat 2017-01-17 10:22 - 2016-11-23 09:37 - 0000570 _____ () C:\Users\lee\AppData\Local\TroubleshooterConfig.json 2015-10-05 20:25 - 2015-10-05 20:25 - 0000000 _____ () C:\Users\lee\AppData\Local\{4ED946E1-4672-46B5-BC08-4D579B01ED51} 2013-02-22 11:53 - 2016-07-15 11:18 - 0027520 _____ () C:\ProgramData\hpzinstall.log Files to move or delete: ==================== C:\Users\lee\g2ax_customer_downloadhelper_win32_x86.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-03-09 17:22 ==================== End of FRST.txt ============================