Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017 Ran by Oleg (administrator) on AJENEZA (09-05-2017 01:13:53) Running from C:\Users\Oleg\Desktop Loaded Profiles: Oleg (Available Profiles: Oleg) Platform: Windows 10 Home Single Language Version 1607 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsserv.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_1.8.0.0_x64__8wekyb3d8bbwe\Microsoft.StickyNotes.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17032.10341.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Opera Software) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401888 2016-11-30] () HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-02] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-14] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-01-15] (cyberlink) HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2013-02-05] (CyberLink Corp.) HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-08-28] (ASUS) HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2014-01-30] (ABBYY Production LLC.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.) HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2016-06-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-06-23] (Adobe Systems Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-891329421-3597823457-1790088782-1002\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.) HKU\S-1-5-21-891329421-3597823457-1790088782-1002\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [28084424 2017-03-14] (Microsoft Corporation) HKU\S-1-5-21-891329421-3597823457-1790088782-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.) HKU\S-1-5-21-891329421-3597823457-1790088782-1002\...\Policies\Explorer: [] HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Oleg\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Oleg\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Oleg\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Oleg\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Oleg\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll [2017-01-27] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Oleg\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncShell.dll [2017-01-27] (Microsoft Corporation) Startup: C:\Users\Oleg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 5520 series.lnk [2017-05-08] ShortcutTarget: Monitor Ink Alerts - HP Deskjet 5520 series.lnk -> C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: [S-1-5-21-891329421-3597823457-1790088782-1002] => 91.121.46.183:4444 Hosts: Hosts file not detected in the default directory Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{03149af1-c46e-4ba7-8624-7b105d733238}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{d3f7dceb-5225-495c-91d9-524ba751475e}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-891329421-3597823457-1790088782-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131340484755580270&GUID=FD6457CB-7DEF-495B-A050-3CE171A4EF52 SearchScopes: HKU\S-1-5-21-891329421-3597823457-1790088782-1002 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627 SearchScopes: HKU\S-1-5-21-891329421-3597823457-1790088782-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-03-14] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-04-25] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-29] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-06-23] (Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-29] (Microsoft Corporation) Edge: ====== Edge Session Restore: HKU\S-1-5-21-891329421-3597823457-1790088782-1002 -> is enabled. Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.12.0.0_neutral__c1wakc4j0nefm [2017-05-02] FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-11-26] [not signed] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-02-18] FF HKU\S-1-5-21-891329421-3597823457-1790088782-1002\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Oleg\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Stream Web Extension) - C:\Users\Oleg\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2017-01-31] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-25] (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-24] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-24] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-04-25] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-13] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-13] () FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\11.0.1.5597552\npmathplugin.dll [2016-09-21] (Wolfram Research, Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-06-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) FF Plugin HKU\S-1-5-21-891329421-3597823457-1790088782-1002: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\Oleg\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies) FF Plugin HKU\S-1-5-21-891329421-3597823457-1790088782-1002: @acestream.net/acestreamplugin,version=3.1.12.1 -> C:\Users\Oleg\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation) Chrome: ======= CHR HKU\S-1-5-21-891329421-3597823457-1790088782-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-891329421-3597823457-1790088782-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (Скачать Музыку ВКонтакте) - C:\Users\Oleg\AppData\Roaming\Opera Software\Opera Stable\Extensions\cffbbjapppeecmibpeloapkdmcgjonmh [2017-05-08] OPR Extension: (Youtube To MP3) - C:\Users\Oleg\AppData\Roaming\Opera Software\Opera Stable\Extensions\iabbccejglemdcneghjfnknohcojmhdh [2016-03-11] OPR Extension: (Download YouTube Videos as MP4) - C:\Users\Oleg\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2017-02-15] OPR Extension: (SaveFrom.net helper) - C:\Users\Oleg\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2017-04-07] OPR Extension: (Adblock Plus) - C:\Users\Oleg\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-03-23] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated) S3 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-30] (ASUS) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325600 2016-08-26] (Windows (R) Win 7 DDK provider) S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-04-21] (Microsoft Corporation) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-01-16] (CyberLink) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-08] (Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.) R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4665168 2015-09-24] (SafeNet Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-24] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-24] (Intel Corporation) R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [360736 2016-10-28] (IObit) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-24] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-04-26] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-04-26] (NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation) R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-02] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2147216 2017-04-10] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3116440 2017-04-10] (Electronic Arts) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender) S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] () R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [100392 2017-03-29] (Bitdefender) R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [100392 2017-03-29] (Bitdefender) R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [100392 2017-03-29] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation) R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender) R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender) R1 bdfwfpf; C:\Program Files\Bitdefender Antivirus Free\bdfwfpf.sys [127312 2016-02-22] (BitDefender LLC) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-08] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-08] (Disc Soft Ltd) R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [342016 2016-12-13] (BitDefender S.R.L. Bucharest, ROMANIA) R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [182944 2016-10-29] (BitDefender LLC) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-11-27] (REALiX(tm)) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-07] (Malwarebytes) S2 multikey; C:\WINDOWS\system32\DRIVERS\multikey.sys [67584 2015-01-14] (Chingachguk & Denger2k (Elite & SP edition)) [File not signed] S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_ea8522bfcc1f1aa8\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-04-26] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-05-02] (NVIDIA Corporation) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-30] (Windows (R) Win 7 DDK provider) S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-08-20] (Realsil Semiconductor Corporation) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-03-10] (Synaptics Incorporated) R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S0 BTATH_BUS; System32\drivers\btath_bus.sys [X] S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-09 01:13 - 2017-05-09 01:14 - 00036949 _____ C:\Users\Oleg\Desktop\FRST.txt 2017-05-09 01:13 - 2017-05-09 01:13 - 00000000 ____D C:\FRST 2017-05-09 01:11 - 2017-05-09 01:13 - 02429440 _____ (Farbar) C:\Users\Oleg\Desktop\FRST64.exe 2017-05-07 14:51 - 2017-05-07 15:23 - 00000000 ____D C:\Users\Oleg\Desktop\Who am i 2017-05-06 15:14 - 2017-05-06 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Robot Structural Analysis Professional 2017 2017-05-06 15:03 - 2017-05-06 15:03 - 00000000 ____D C:\Users\Oleg\Downloads\AUTODESK.ROBOT.STRUCTURAL.ANALYSIS.PROFESSIONAL.2017.MULTi10.WIN64 2017-05-04 21:38 - 2017-05-02 01:38 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 35388864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 35281528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 28623480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 11024384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 10547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 09245744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 08805232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 03792320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 03247736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 01054144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00991168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00960960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00911992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2017-05-04 21:38 - 2017-05-02 01:38 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2017-05-03 00:32 - 2017-05-03 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-05-01 17:49 - 2017-05-01 17:49 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2017-04-29 19:22 - 2017-04-29 19:22 - 00000000 ____D C:\Program Files\Common Files\DESIGNER 2017-04-28 17:33 - 2017-04-28 22:52 - 1467817253 _____ C:\Users\Oleg\Downloads\Dark.Shadows.2012.FRENCH.SUBFORCED.BRRip.x264.AC3-FUNKY .mkv 2017-04-28 17:16 - 2017-04-28 17:16 - 08366459 _____ C:\Users\Oleg\Desktop\Ковалев В. Мечты и цели (Азбука дистрибьютора).pdf 2017-04-26 15:08 - 2017-05-02 23:18 - 00047032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys 2017-04-26 15:08 - 2017-04-20 04:59 - 01988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438189.dll 2017-04-26 15:08 - 2017-04-20 04:59 - 01589880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438189.dll 2017-04-22 18:06 - 2017-04-22 18:08 - 00000000 ____D C:\Users\Oleg\AppData\Roaming\bigoLive 2017-04-22 18:06 - 2017-04-22 18:06 - 00001130 _____ C:\Users\Public\Desktop\BigoLiveConnector.lnk 2017-04-22 18:06 - 2017-04-22 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bigo LIVE 2017-04-22 18:05 - 2017-04-22 18:06 - 00000000 ____D C:\Program Files (x86)\Bigo LIVE 2017-04-19 17:24 - 2017-04-19 17:24 - 39658392 _____ (IObit ) C:\Users\Oleg\Downloads\advanced-systemcare-setup.exe 2017-04-17 23:14 - 2017-04-17 23:15 - 00000000 ____D C:\Users\Oleg\Desktop\Zolo 2017-04-15 03:28 - 2017-04-15 03:29 - 00526108 _____ C:\WINDOWS\Minidump\041517-34781-01.dmp 2017-04-14 12:21 - 2017-05-08 13:29 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2017-04-13 22:18 - 2017-04-13 22:18 - 00003632 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher 2017-04-13 21:47 - 2017-03-28 09:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2017-04-13 21:47 - 2017-03-28 09:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-04-13 21:47 - 2017-03-28 09:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-04-13 21:47 - 2017-03-28 09:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-04-13 21:47 - 2017-03-28 09:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-04-13 21:47 - 2017-03-28 09:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-04-13 21:47 - 2017-03-28 09:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-04-13 21:47 - 2017-03-28 09:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-04-13 21:47 - 2017-03-28 09:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-04-13 21:47 - 2017-03-28 09:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-04-13 21:47 - 2017-03-28 09:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-04-13 21:47 - 2017-03-28 08:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-04-13 21:47 - 2017-03-28 08:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-04-13 21:47 - 2017-03-28 08:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-04-13 21:47 - 2017-03-28 08:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-04-13 21:47 - 2017-03-28 08:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-04-13 21:47 - 2017-03-28 08:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-04-13 21:47 - 2017-03-28 08:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-04-13 21:47 - 2017-03-28 08:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-04-13 21:47 - 2017-03-28 08:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-04-13 21:47 - 2017-03-28 08:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2017-04-13 21:47 - 2017-03-28 08:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-04-13 21:47 - 2017-03-28 08:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-04-13 21:47 - 2017-03-28 08:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-04-13 21:47 - 2017-03-28 08:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-04-13 21:47 - 2017-03-28 08:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-04-13 21:47 - 2017-03-28 08:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll 2017-04-13 21:47 - 2017-03-28 08:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2017-04-13 21:47 - 2017-03-28 08:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-04-13 21:47 - 2017-03-28 08:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-04-13 21:47 - 2017-03-28 08:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-04-13 21:47 - 2017-03-28 08:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll 2017-04-13 21:47 - 2017-03-28 08:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-04-13 21:47 - 2017-03-28 08:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll 2017-04-13 21:47 - 2017-03-28 08:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-04-13 21:47 - 2017-03-28 08:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-04-13 21:47 - 2017-03-28 08:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll 2017-04-13 21:47 - 2017-03-28 08:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll 2017-04-13 21:47 - 2017-03-28 08:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-04-13 21:47 - 2017-03-28 08:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-04-13 21:47 - 2017-03-28 08:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-04-13 21:47 - 2017-03-28 08:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll 2017-04-13 21:47 - 2017-03-28 08:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-04-13 21:47 - 2017-03-28 08:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-04-13 21:47 - 2017-03-28 08:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-04-13 21:47 - 2017-03-28 08:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2017-04-13 21:47 - 2017-03-28 08:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-04-13 21:47 - 2017-03-28 08:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-04-13 21:47 - 2017-03-28 08:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-04-13 21:47 - 2017-03-28 08:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-04-13 21:47 - 2017-03-28 08:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-04-13 21:47 - 2017-03-28 08:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-04-13 21:47 - 2017-03-28 08:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-04-13 21:47 - 2017-03-28 08:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll 2017-04-13 21:47 - 2017-03-28 08:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-04-13 21:47 - 2017-03-28 08:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-04-13 21:47 - 2017-03-28 08:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-04-13 21:47 - 2017-03-28 08:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-04-13 21:47 - 2017-03-28 08:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-04-13 21:47 - 2017-03-28 08:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-04-13 21:47 - 2017-03-28 08:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-04-13 21:47 - 2017-03-28 08:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-04-13 21:47 - 2017-03-28 08:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-04-13 21:47 - 2017-03-28 08:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-04-13 21:47 - 2017-03-28 08:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-04-13 21:47 - 2017-03-28 08:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-04-13 21:47 - 2017-03-28 08:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-04-13 21:47 - 2017-03-28 08:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-04-13 21:47 - 2017-03-28 08:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-04-13 21:47 - 2017-03-28 08:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-04-13 21:47 - 2017-03-28 08:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-04-13 21:47 - 2017-03-28 08:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2017-04-13 21:47 - 2017-03-28 08:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2017-04-13 21:47 - 2017-03-28 08:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll 2017-04-13 21:47 - 2017-03-28 08:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-04-13 21:47 - 2017-03-28 08:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-04-13 21:47 - 2017-03-28 08:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-04-13 21:47 - 2017-03-28 08:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-04-13 21:47 - 2017-03-28 08:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-04-13 21:47 - 2017-03-28 08:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-04-13 21:47 - 2017-03-28 08:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-04-13 21:47 - 2017-03-28 08:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-04-13 21:47 - 2017-03-28 08:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-04-13 21:47 - 2017-03-28 08:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-04-13 21:47 - 2017-03-28 08:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-04-13 21:47 - 2017-03-28 08:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-04-13 21:47 - 2017-03-28 08:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-04-13 21:47 - 2017-03-28 08:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-04-13 21:47 - 2017-03-28 08:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2017-04-13 21:47 - 2017-03-28 08:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-04-13 21:47 - 2017-03-28 08:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-04-13 21:47 - 2017-03-28 08:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-04-13 21:47 - 2017-03-28 08:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-04-13 21:47 - 2017-03-28 08:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-04-13 21:47 - 2017-03-28 08:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-04-13 21:47 - 2017-03-28 08:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-04-13 21:47 - 2017-03-28 08:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2017-04-13 21:47 - 2017-03-28 08:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-04-13 21:47 - 2017-03-28 08:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-04-13 21:47 - 2017-03-28 08:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-04-13 21:47 - 2017-03-28 08:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-04-13 21:47 - 2017-03-28 08:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-04-13 21:47 - 2017-03-28 08:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-04-13 21:47 - 2017-03-28 08:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-04-13 21:47 - 2017-03-28 08:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-04-13 21:47 - 2017-03-28 08:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-04-13 21:47 - 2017-03-28 08:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-04-13 21:47 - 2017-03-28 08:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-04-13 21:47 - 2017-03-28 08:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-04-13 21:47 - 2017-03-28 08:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-04-13 21:47 - 2017-03-28 08:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-04-13 21:47 - 2017-03-28 08:15 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe 2017-04-13 21:47 - 2017-03-28 08:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-04-13 21:47 - 2017-03-28 08:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-04-13 21:47 - 2017-03-28 08:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-04-13 21:47 - 2017-03-28 08:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-04-13 21:47 - 2017-03-28 08:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-04-13 21:47 - 2017-03-28 08:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-04-13 21:47 - 2017-03-28 08:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-04-13 21:47 - 2017-03-28 08:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-04-13 21:47 - 2017-03-28 08:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-04-13 21:47 - 2017-03-28 08:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-04-13 21:47 - 2017-03-28 08:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-04-13 21:47 - 2017-03-28 08:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-04-13 21:47 - 2017-03-28 08:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2017-04-13 21:47 - 2017-03-28 08:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-04-13 21:47 - 2017-03-28 08:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-04-13 21:47 - 2017-03-28 08:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-04-13 21:47 - 2017-03-28 08:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-04-13 21:47 - 2017-03-28 08:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-04-13 21:47 - 2017-03-28 08:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-04-13 21:47 - 2017-03-28 08:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-04-13 21:47 - 2017-03-28 08:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2017-04-13 21:47 - 2017-03-28 08:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll 2017-04-13 21:46 - 2017-03-28 10:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-04-13 21:46 - 2017-03-28 10:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-04-13 21:46 - 2017-03-28 09:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-04-13 21:46 - 2017-03-28 09:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2017-04-13 21:46 - 2017-03-28 09:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-04-13 21:46 - 2017-03-28 09:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-04-13 21:46 - 2017-03-28 09:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-04-13 21:46 - 2017-03-28 08:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-04-13 21:46 - 2017-03-28 08:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-04-13 21:46 - 2017-03-28 08:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-04-13 21:46 - 2017-03-28 08:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-04-13 21:46 - 2017-03-28 08:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-04-13 21:46 - 2017-03-28 08:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-04-13 21:46 - 2017-03-28 08:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-04-13 21:46 - 2017-03-28 08:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2017-04-13 21:46 - 2017-03-28 08:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-04-13 21:46 - 2017-03-28 08:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-04-13 21:46 - 2017-03-28 08:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-04-13 21:46 - 2017-03-28 08:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-04-13 21:46 - 2017-03-28 08:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-04-13 21:46 - 2017-03-28 08:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-04-13 21:46 - 2017-03-28 08:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-04-13 21:46 - 2017-03-28 08:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-04-13 21:46 - 2017-03-28 08:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-04-13 21:46 - 2017-03-28 08:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-04-13 21:46 - 2017-03-28 08:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-04-13 21:46 - 2017-03-28 08:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2017-04-13 21:46 - 2017-03-28 08:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-04-13 21:46 - 2017-03-28 08:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-04-13 21:46 - 2017-03-28 08:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2017-04-13 21:46 - 2017-03-28 08:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-04-13 21:46 - 2017-03-28 08:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-04-13 21:46 - 2017-03-28 08:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-04-13 21:46 - 2017-03-28 08:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-04-13 21:46 - 2017-03-28 08:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-04-13 21:46 - 2017-03-28 08:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-04-13 21:46 - 2017-03-28 08:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-04-13 21:46 - 2017-03-28 08:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2017-04-13 21:46 - 2017-03-28 08:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2017-04-13 21:46 - 2017-03-28 08:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2017-04-13 21:46 - 2017-03-28 08:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2017-04-13 21:46 - 2017-03-28 08:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2017-04-13 21:46 - 2017-03-28 08:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2017-04-13 21:46 - 2017-03-28 08:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-04-13 21:46 - 2017-03-28 08:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-04-13 21:46 - 2017-03-28 08:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-04-13 21:46 - 2017-03-28 08:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-04-13 21:46 - 2017-03-28 08:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-04-13 21:46 - 2017-03-28 08:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2017-04-13 21:46 - 2017-03-28 08:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-04-13 21:46 - 2017-03-28 07:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-04-13 21:46 - 2017-03-16 07:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll 2017-04-13 21:42 - 2017-03-28 09:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-04-13 21:42 - 2017-03-28 08:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-04-13 21:42 - 2017-03-28 08:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-04-13 21:42 - 2017-03-28 08:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-04-13 21:42 - 2017-03-28 08:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-04-13 21:42 - 2017-03-28 08:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-04-13 21:42 - 2017-03-28 08:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll 2017-04-13 21:42 - 2017-03-28 08:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-04-13 21:42 - 2017-03-28 08:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-04-13 21:42 - 2017-03-28 08:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2017-04-13 21:42 - 2017-03-28 08:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-04-13 21:42 - 2017-03-28 08:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-04-13 21:42 - 2017-03-28 08:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-04-13 21:41 - 2017-03-28 09:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2017-04-13 21:41 - 2017-03-28 09:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-04-13 21:41 - 2017-03-28 09:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-04-13 21:41 - 2017-03-28 09:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe 2017-04-13 21:41 - 2017-03-28 09:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-04-13 21:41 - 2017-03-28 09:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-04-13 21:41 - 2017-03-28 09:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-04-13 21:41 - 2017-03-28 09:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-04-13 21:41 - 2017-03-28 09:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-04-13 21:41 - 2017-03-28 09:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-04-13 21:41 - 2017-03-28 09:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-04-13 21:41 - 2017-03-28 09:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll 2017-04-13 21:41 - 2017-03-28 09:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-04-13 21:41 - 2017-03-28 09:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-04-13 21:41 - 2017-03-28 09:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-04-13 21:41 - 2017-03-28 09:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-04-13 21:41 - 2017-03-28 08:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-04-13 21:41 - 2017-03-28 08:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-04-13 21:41 - 2017-03-28 08:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-04-13 21:41 - 2017-03-28 08:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll 2017-04-13 21:41 - 2017-03-28 08:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-04-13 21:41 - 2017-03-28 08:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-04-13 21:41 - 2017-03-28 08:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-04-13 21:41 - 2017-03-28 08:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll 2017-04-13 21:41 - 2017-03-28 08:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-04-13 21:41 - 2017-03-28 08:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-04-13 21:41 - 2017-03-28 08:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2017-04-13 21:41 - 2017-03-28 08:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-04-13 21:41 - 2017-03-28 08:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-04-13 21:41 - 2017-03-28 08:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-04-13 21:41 - 2017-03-28 08:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll 2017-04-13 21:41 - 2017-03-28 08:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-04-13 21:41 - 2017-03-28 08:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll 2017-04-13 21:41 - 2017-03-28 08:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-04-13 21:41 - 2017-03-28 08:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-04-13 21:41 - 2017-03-28 08:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-04-13 21:41 - 2017-03-28 08:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-04-13 21:41 - 2017-03-28 08:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-04-13 21:41 - 2017-03-28 08:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-04-13 21:41 - 2017-03-28 08:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 2017-04-13 21:41 - 2017-03-28 08:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-04-13 21:41 - 2017-03-28 08:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-04-13 21:41 - 2017-03-28 08:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-04-13 21:41 - 2017-03-28 08:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2017-04-13 21:41 - 2017-03-28 08:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-04-13 21:41 - 2017-03-28 08:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-04-13 21:41 - 2017-03-28 08:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-04-13 21:41 - 2017-03-28 08:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-04-13 21:41 - 2017-03-28 08:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-04-13 21:41 - 2017-03-28 08:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-04-13 21:41 - 2017-03-28 08:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-04-13 21:41 - 2017-03-28 08:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2017-04-13 21:41 - 2017-03-28 08:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-04-13 21:41 - 2017-03-28 08:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-04-13 21:41 - 2017-03-28 08:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-04-13 21:41 - 2017-03-28 08:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-04-13 21:41 - 2017-03-28 08:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-04-13 21:41 - 2017-03-28 08:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-04-13 21:41 - 2017-03-28 08:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2017-04-13 21:41 - 2017-03-28 08:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2017-04-13 21:41 - 2017-03-28 08:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-04-13 21:41 - 2017-03-28 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-04-13 21:41 - 2017-03-28 08:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-04-13 21:41 - 2017-03-28 08:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-04-13 21:41 - 2017-03-28 08:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2017-04-13 21:41 - 2017-03-28 08:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-04-13 21:41 - 2017-03-28 08:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll 2017-04-13 21:41 - 2017-03-28 08:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-04-13 21:41 - 2017-03-28 08:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-04-13 21:41 - 2017-03-28 08:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-04-13 21:41 - 2017-03-28 08:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2017-04-13 21:41 - 2017-03-28 08:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-04-13 21:41 - 2017-03-28 08:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-04-13 21:41 - 2017-03-28 08:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll 2017-04-13 21:41 - 2017-03-28 08:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-04-13 21:41 - 2017-03-28 08:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-04-13 21:41 - 2017-03-28 08:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-04-13 21:41 - 2017-03-28 08:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-04-13 21:41 - 2017-03-28 08:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-04-13 21:41 - 2017-03-28 08:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-04-13 21:41 - 2017-03-28 08:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2017-04-13 21:41 - 2017-03-28 08:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-04-13 21:41 - 2017-03-28 08:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-04-13 21:41 - 2017-03-28 08:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-04-13 21:41 - 2017-03-28 08:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-04-13 21:41 - 2017-03-28 08:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2017-04-13 21:41 - 2017-03-28 08:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-04-13 21:41 - 2017-03-28 08:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-04-13 21:41 - 2017-03-28 08:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-04-13 21:41 - 2017-03-28 08:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-04-13 21:41 - 2017-03-28 08:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-04-13 21:41 - 2017-03-28 08:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-04-13 21:41 - 2017-03-28 08:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-04-13 21:41 - 2017-03-28 08:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-04-13 21:41 - 2017-03-28 08:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-04-13 21:41 - 2017-03-28 08:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-04-13 21:41 - 2017-03-28 08:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll 2017-04-13 21:41 - 2017-03-28 08:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-04-13 21:41 - 2017-03-28 08:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-04-13 21:41 - 2017-03-28 08:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-04-13 21:41 - 2017-03-28 08:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-04-13 21:41 - 2017-03-28 08:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-04-13 21:41 - 2017-03-28 08:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-04-13 21:41 - 2017-03-28 08:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-04-13 21:41 - 2017-03-28 08:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-04-13 21:41 - 2017-03-28 08:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-04-13 21:41 - 2017-03-28 08:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-04-13 21:41 - 2017-03-28 08:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-04-13 21:41 - 2017-03-28 08:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-04-13 21:41 - 2017-03-28 08:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-04-13 21:41 - 2017-03-28 08:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-04-13 21:41 - 2017-03-28 08:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-04-13 21:41 - 2017-03-28 08:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-04-13 21:41 - 2017-03-28 08:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-04-13 21:41 - 2017-03-28 08:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-04-13 21:41 - 2017-03-28 08:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-04-13 21:41 - 2017-03-28 08:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-04-13 21:41 - 2017-03-28 08:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-04-13 21:41 - 2017-03-28 08:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-04-13 21:41 - 2017-03-28 08:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2017-04-13 21:41 - 2017-03-28 08:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-04-13 21:41 - 2017-03-28 08:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-04-13 21:41 - 2017-03-28 08:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-04-13 21:40 - 2017-03-28 09:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-04-13 21:40 - 2017-03-28 09:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-04-13 21:40 - 2017-03-28 09:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-04-13 21:40 - 2017-03-28 09:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-04-13 21:40 - 2017-03-28 09:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-04-13 21:40 - 2017-03-28 09:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-04-13 21:40 - 2017-03-28 09:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-04-13 21:40 - 2017-03-28 09:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-04-13 21:40 - 2017-03-28 09:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-04-13 21:40 - 2017-03-28 09:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-04-13 21:40 - 2017-03-28 09:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-04-13 21:40 - 2017-03-28 09:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-04-13 21:40 - 2017-03-28 09:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-04-13 21:40 - 2017-03-28 09:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-04-13 21:40 - 2017-03-28 09:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-04-13 21:40 - 2017-03-28 09:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-04-13 21:40 - 2017-03-28 09:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-04-13 21:40 - 2017-03-28 09:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-04-13 21:40 - 2017-03-28 09:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-04-13 21:40 - 2017-03-28 09:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-04-13 21:40 - 2017-03-28 09:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-04-13 21:40 - 2017-03-28 09:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-04-13 21:40 - 2017-03-28 09:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-04-13 21:40 - 2017-03-28 09:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-04-13 21:40 - 2017-03-28 08:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-04-13 21:40 - 2017-03-28 08:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-04-13 21:40 - 2017-03-28 08:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-04-13 21:40 - 2017-03-28 08:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2017-04-13 21:40 - 2017-03-28 08:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-04-13 21:40 - 2017-03-28 08:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-04-13 21:40 - 2017-03-28 08:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-04-13 21:40 - 2017-03-28 08:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll 2017-04-13 21:40 - 2017-03-28 08:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2017-04-13 21:40 - 2017-03-28 08:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-04-13 21:40 - 2017-03-28 08:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2017-04-13 21:40 - 2017-03-28 08:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-04-13 21:40 - 2017-03-28 08:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-04-13 21:40 - 2017-03-28 08:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll 2017-04-13 21:40 - 2017-03-28 08:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-04-13 21:40 - 2017-03-28 08:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2017-04-13 21:40 - 2017-03-28 08:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-04-13 21:40 - 2017-03-28 08:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-04-13 21:40 - 2017-03-28 08:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll 2017-04-13 21:40 - 2017-03-28 08:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2017-04-13 21:40 - 2017-03-28 08:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-04-13 21:40 - 2017-03-28 08:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-04-13 21:40 - 2017-03-28 08:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll 2017-04-13 21:40 - 2017-03-28 08:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-04-13 21:40 - 2017-03-28 08:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-04-13 21:40 - 2017-03-28 08:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-04-13 21:40 - 2017-03-28 08:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-04-13 21:40 - 2017-03-28 08:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-04-13 21:40 - 2017-03-28 08:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-04-13 21:40 - 2017-03-28 08:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-04-13 21:40 - 2017-03-28 08:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-04-13 21:40 - 2017-03-28 08:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-04-13 21:40 - 2017-03-28 08:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-04-13 21:40 - 2017-03-28 08:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-04-13 21:40 - 2017-03-28 08:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-04-13 21:40 - 2017-03-28 08:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll 2017-04-13 21:40 - 2017-03-28 08:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-04-13 21:40 - 2017-03-28 08:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-04-13 21:40 - 2017-03-28 08:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-04-13 21:40 - 2017-03-28 08:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-04-13 21:40 - 2017-03-28 08:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-04-13 21:40 - 2017-03-28 08:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-04-13 21:40 - 2017-03-28 08:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-04-13 21:40 - 2017-03-28 08:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2017-04-13 21:40 - 2017-03-28 08:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-04-13 21:40 - 2017-03-28 08:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-04-13 21:40 - 2017-03-28 08:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-04-13 21:40 - 2017-03-28 08:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2017-04-13 21:40 - 2017-03-28 08:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-04-13 21:40 - 2017-03-28 08:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-04-13 21:40 - 2017-03-28 08:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2017-04-13 21:40 - 2017-03-28 08:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-04-13 21:40 - 2017-03-28 08:15 - 05850624 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe 2017-04-13 21:40 - 2017-03-28 08:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-04-13 21:40 - 2017-03-28 08:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-04-13 21:40 - 2017-03-28 08:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2017-04-13 21:40 - 2017-03-28 08:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-04-13 21:40 - 2017-03-28 08:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-04-13 21:40 - 2017-03-28 08:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-04-13 21:40 - 2017-03-28 08:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-04-13 21:40 - 2017-03-28 08:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-04-13 21:40 - 2017-03-28 08:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-04-13 21:40 - 2017-03-28 08:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-04-13 21:40 - 2017-03-28 08:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-04-13 21:40 - 2017-03-28 08:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-04-13 21:40 - 2017-03-28 08:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-04-13 21:40 - 2017-03-28 08:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-04-13 21:40 - 2017-03-28 08:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-04-13 21:40 - 2017-03-28 08:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-04-13 21:40 - 2017-03-28 08:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-04-13 21:40 - 2017-03-28 08:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-04-13 21:40 - 2017-03-28 08:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2017-04-13 21:40 - 2017-03-28 08:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll 2017-04-13 21:40 - 2017-03-28 08:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-04-13 21:40 - 2017-03-16 07:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll 2017-04-13 21:39 - 2017-03-28 09:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-04-13 21:39 - 2017-03-28 09:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-04-13 21:39 - 2017-03-28 09:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-04-13 21:39 - 2017-03-28 09:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-04-13 21:39 - 2017-03-28 09:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2017-04-13 21:39 - 2017-03-28 09:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-04-13 21:39 - 2017-03-28 09:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-04-13 21:39 - 2017-03-28 09:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-04-13 21:39 - 2017-03-28 09:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2017-04-13 21:39 - 2017-03-28 08:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2017-04-13 21:39 - 2017-03-28 08:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-04-13 21:39 - 2017-03-28 08:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys 2017-04-13 21:39 - 2017-03-28 08:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-04-13 21:39 - 2017-03-28 08:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-04-13 21:39 - 2017-03-28 08:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-04-13 21:39 - 2017-03-28 08:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-04-13 21:39 - 2017-03-28 08:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-04-13 21:39 - 2017-03-28 08:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2017-04-13 21:39 - 2017-03-28 08:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-04-13 21:39 - 2017-03-28 08:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-04-13 21:39 - 2017-03-28 08:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2017-04-13 21:39 - 2017-03-28 08:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-04-13 21:39 - 2017-03-28 08:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-04-13 21:39 - 2017-03-28 08:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-04-13 21:39 - 2017-03-28 08:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2017-04-13 21:39 - 2017-03-18 19:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-04-13 21:39 - 2017-03-18 19:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-04-13 09:39 - 2017-04-13 09:39 - 00627440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll 2017-04-13 09:39 - 2017-04-13 09:39 - 00264448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll 2017-04-13 09:39 - 2017-04-13 09:39 - 00242968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll 2017-04-13 09:39 - 2017-04-13 09:39 - 00073920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB72A.tmp 2017-04-13 09:39 - 2017-04-13 09:39 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB711.tmp 2017-04-13 09:39 - 2017-04-13 09:39 - 00027328 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB717.tmp 2017-04-13 09:39 - 2017-04-13 09:39 - 00021696 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB789.tmp 2017-04-13 09:39 - 2017-04-13 09:39 - 00021184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB6CD.tmp 2017-04-13 09:39 - 2017-04-13 09:39 - 00020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB73F.tmp 2017-04-13 09:39 - 2017-04-13 09:39 - 00020160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB6E6.tmp 2017-04-13 09:39 - 2017-04-13 09:39 - 00019648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB78C.tmp 2017-04-13 09:39 - 2017-04-13 09:39 - 00019648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB6F9.tmp 2017-04-13 09:39 - 2017-04-13 09:39 - 00019648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB6C7.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00438000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00391424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00332560 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00087280 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00083696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll 2017-04-13 09:37 - 2017-04-13 09:37 - 00071360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB72D.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00027328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB714.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB771.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB75B.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB774.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB75E.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00023744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB745.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00023744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB748.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00021696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB777.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00021184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB6E0.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB66D.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00020160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB742.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00020160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB69F.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00019648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB78F.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00019648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB6FC.tmp 2017-04-13 09:37 - 2017-04-13 09:37 - 00019648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB6CA.tmp 2017-04-13 08:54 - 2017-04-13 08:54 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB6FF.tmp 2017-04-13 08:54 - 2017-04-13 08:54 - 00023232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB6B2.tmp 2017-04-13 08:54 - 2017-04-13 08:54 - 00023224 _____ (Microsoft Corporation) C:\WINDOWS\system32\TBMB6B5.tmp 2017-04-13 08:54 - 2017-04-13 08:54 - 00020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TBMB6E3.tmp 2017-04-12 19:29 - 2017-03-28 06:32 - 00153536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2017-04-12 19:29 - 2017-03-28 06:32 - 00127424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2017-04-11 19:49 - 2017-04-11 19:49 - 05063256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2017-04-11 00:10 - 2017-04-11 00:10 - 00000000 ____D C:\Users\Oleg\Downloads\Patriots.Day.2016.FRENCH.BRRip.XviD-AM84 2017-04-10 22:53 - 2017-04-10 23:10 - 3122950380 _____ C:\Users\Oleg\Downloads\The Magnificent Seven (2016) MULTI VFQ [1080p] Bluray x264-PopHD.mkv 2017-04-09 23:21 - 2017-04-09 23:21 - 00007605 _____ C:\Users\Oleg\AppData\Local\Resmon.ResmonCfg ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-09 01:05 - 2016-11-20 14:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-09 01:05 - 2015-11-27 16:27 - 00000000 ____D C:\Users\Oleg\AppData\Roaming\Skype 2017-05-09 00:27 - 2017-01-12 20:23 - 00000000 ____D C:\Program Files\Bitdefender Antivirus Free 2017-05-09 00:27 - 2017-01-12 20:20 - 00000000 ____D C:\Program Files\Bitdefender Agent 2017-05-08 13:33 - 2016-07-16 14:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-08 13:33 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-05-08 13:32 - 2016-12-25 12:50 - 00003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1 2017-05-08 13:32 - 2016-11-20 15:42 - 00003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2 2017-05-08 13:32 - 2016-11-20 15:02 - 00000000 ____D C:\ProgramData\NVIDIA 2017-05-08 13:32 - 2015-11-26 04:41 - 00000074 _____ C:\Users\Oleg\AppData\Roaming\sp_data.sys 2017-05-08 13:30 - 2016-11-20 15:42 - 00003018 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Oleg) 2017-05-08 13:28 - 2016-11-20 15:07 - 00000000 ____D C:\Users\Oleg 2017-05-08 13:25 - 2016-11-20 15:01 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-05-08 13:25 - 2016-04-02 16:44 - 00000000 __SHD C:\Users\Oleg\IntelGraphicsProfiles 2017-05-08 04:55 - 2015-12-21 03:11 - 00000000 ____D C:\ProgramData\Origin 2017-05-08 01:13 - 2016-07-16 09:04 - 00065536 _____ C:\WINDOWS\system32\config\ELAM 2017-05-08 00:43 - 2015-12-21 03:12 - 00000000 ____D C:\Users\Oleg\AppData\Roaming\Origin 2017-05-07 20:29 - 2015-11-27 04:38 - 00144720 _____ C:\Users\Oleg\AppData\Local\GDIPFONTCACHEV1.DAT 2017-05-07 20:27 - 2017-02-08 13:58 - 00000000 ____D C:\Users\Oleg\Desktop\IMIRYANGO 2017-05-07 20:27 - 2015-11-27 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2017-05-07 20:23 - 2015-11-27 00:32 - 00000000 ____D C:\Program Files\Autodesk 2017-05-07 20:12 - 2015-11-26 05:22 - 00000000 ____D C:\Users\Oleg\AppData\Local\CrashDumps 2017-05-07 17:11 - 2017-01-15 01:28 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-05-07 17:11 - 2016-04-02 16:31 - 00147728 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_38F51D56.sys 2017-05-07 17:09 - 2016-11-20 15:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-07 17:08 - 2016-07-16 09:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-05-07 14:38 - 2016-11-20 14:57 - 00496144 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-07 13:56 - 2017-01-12 17:32 - 00000000 ____D C:\Program Files (x86)\Weloied 2017-05-07 13:55 - 2017-01-12 17:32 - 00000000 ____D C:\Program Files (x86)\Arerjulynjak_ 2017-05-07 04:35 - 2015-11-26 23:01 - 00000000 ____D C:\Users\Oleg\AppData\Roaming\BitTorrent 2017-05-06 21:26 - 2017-01-26 23:39 - 00000000 ____D C:\Users\Oleg\AppData\Roaming\.ACEStream 2017-05-06 21:22 - 2017-01-26 23:44 - 00000000 ___HD C:\_acestream_cache_ 2017-05-06 15:33 - 2016-03-06 18:05 - 00000000 ____D C:\Autodesk 2017-05-06 15:26 - 2017-01-03 19:38 - 00000000 ____D C:\ProgramData\boost_interprocess 2017-05-06 15:15 - 2015-11-27 00:09 - 00000000 ____D C:\Users\Oleg\AppData\Roaming\Autodesk 2017-05-06 15:13 - 2015-11-27 00:32 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared 2017-05-06 14:49 - 2017-03-25 22:55 - 00000000 ____D C:\Users\Oleg\AppData\LocalLow\BitTorrent 2017-05-05 19:39 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-05 19:39 - 2016-07-16 14:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-04 21:45 - 2016-04-02 16:34 - 01082458 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-04 21:42 - 2016-07-16 14:45 - 00000000 ____D C:\WINDOWS\INF 2017-05-04 21:42 - 2016-03-11 03:57 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-05-04 21:42 - 2016-02-18 02:17 - 00000000 ____D C:\temp 2017-05-04 14:59 - 2015-11-26 05:28 - 00000000 ____D C:\ProgramData\ProductData 2017-05-04 12:33 - 2015-11-26 04:40 - 00000000 ____D C:\Users\Oleg\AppData\Local\Packages 2017-05-03 21:22 - 2015-12-21 03:10 - 00000000 ____D C:\Program Files (x86)\Origin 2017-05-03 00:33 - 2016-04-08 02:34 - 00000000 ____D C:\Program Files (x86)\Dropbox 2017-05-02 13:12 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-05-02 01:38 - 2017-04-07 22:36 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys 2017-05-02 01:38 - 2017-04-07 22:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat 2017-05-02 01:38 - 2016-08-17 21:14 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2017-05-02 01:38 - 2016-08-17 21:14 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb 2017-05-02 01:38 - 2016-03-22 06:52 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2017-05-01 23:52 - 2016-12-07 21:52 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2017-05-01 23:51 - 2016-11-20 15:02 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2017-05-01 23:51 - 2016-11-20 15:02 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2017-05-01 23:51 - 2016-11-20 15:02 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2017-05-01 23:51 - 2016-11-20 15:02 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2017-05-01 23:51 - 2016-11-20 15:02 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2017-05-01 23:51 - 2016-11-20 15:02 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2017-05-01 23:51 - 2016-11-20 15:02 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2017-04-30 20:37 - 2016-11-20 15:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2017-04-30 20:36 - 2017-04-07 22:36 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 20:36 - 2017-04-07 22:36 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 20:36 - 2017-04-07 22:36 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 20:36 - 2017-04-07 22:36 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 20:36 - 2017-04-07 22:36 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 20:36 - 2017-04-07 22:36 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 20:36 - 2017-04-07 22:36 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2017-04-30 20:36 - 2016-11-20 15:02 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2017-04-30 20:36 - 2016-11-20 15:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2017-04-30 03:03 - 2014-02-08 19:00 - 00000000 ____D C:\Program Files\DIFX 2017-04-29 21:06 - 2016-02-24 03:14 - 00000000 ____D C:\Program Files (x86)\Samsung 2017-04-29 19:22 - 2016-07-16 14:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-04-29 19:22 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-04-29 19:21 - 2015-11-26 22:56 - 00000000 ____D C:\Program Files\Microsoft Office 2017-04-26 08:40 - 2017-04-07 22:36 - 01882048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2017-04-26 08:40 - 2017-04-07 22:36 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2017-04-26 08:40 - 2017-04-07 22:36 - 01472960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2017-04-26 08:40 - 2017-04-07 22:36 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2017-04-26 08:40 - 2017-04-07 22:36 - 00121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2017-04-26 00:11 - 2016-11-20 15:02 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin 2017-04-19 17:32 - 2015-12-21 03:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2017-04-16 16:36 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\rescache 2017-04-15 03:28 - 2017-02-20 22:17 - 1512302476 _____ C:\WINDOWS\MEMORY.DMP 2017-04-15 03:28 - 2017-02-20 22:17 - 00000000 ____D C:\WINDOWS\Minidump 2017-04-14 17:04 - 2017-01-15 01:28 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-04-14 12:08 - 2015-11-26 22:19 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-04-14 12:08 - 2015-11-26 22:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ___RD C:\Program Files\Windows Defender 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\setup 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-04-14 02:57 - 2016-07-16 14:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-14 02:57 - 2016-07-16 09:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-04-13 22:28 - 2015-11-26 06:20 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-04-13 22:22 - 2015-11-26 06:20 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-04-13 22:21 - 2015-11-26 23:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2017-04-13 22:19 - 2015-11-26 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-04-13 22:17 - 2016-04-02 16:53 - 00000000 ____D C:\ProgramData\SetupTPDriver 2017-04-13 22:17 - 2013-05-02 02:46 - 00000000 ____D C:\Program Files (x86)\ASUS 2017-04-13 22:01 - 2012-07-26 08:26 - 00000199 _____ C:\WINDOWS\win.ini 2017-04-11 19:49 - 2016-11-20 15:42 - 00004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-04-11 19:49 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-04-11 19:49 - 2016-07-16 14:47 - 00000000 ____D C:\WINDOWS\system32\Macromed ==================== Files in the root of some directories ======= 2017-01-12 17:32 - 2017-01-12 17:32 - 0140288 _____ () C:\Users\Oleg\AppData\Roaming\Installer.dat 2015-11-26 04:41 - 2017-05-08 13:32 - 0000074 _____ () C:\Users\Oleg\AppData\Roaming\sp_data.sys 2017-04-09 23:21 - 2017-04-09 23:21 - 0007605 _____ () C:\Users\Oleg\AppData\Local\Resmon.ResmonCfg 2016-07-05 10:36 - 2016-07-05 10:36 - 0000000 _____ () C:\Users\Oleg\AppData\Local\{0279B0E1-0B9F-4413-AA94-5642666B9881} 2017-01-12 20:20 - 2017-01-12 20:20 - 0047095 _____ () C:\ProgramData\agent.1484241602.bdinstall.bin 2017-01-12 20:37 - 2017-01-12 20:37 - 0028743 _____ () C:\ProgramData\agent.1484242599.bdinstall.bin 2017-03-01 18:45 - 2017-03-01 18:45 - 0029969 _____ () C:\ProgramData\agent.update.1488383150.bdinstall.bin 2017-02-20 18:47 - 2017-02-20 18:47 - 0000057 _____ () C:\ProgramData\Ament.ini 2016-11-20 15:02 - 2016-11-20 15:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-11-27 02:26 - 2015-11-27 02:26 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2013-05-02 02:45 - 2012-09-07 14:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd 2013-05-02 02:45 - 2009-07-22 13:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2013-05-02 02:45 - 2012-09-07 14:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS 2014-02-08 19:16 - 2014-02-08 19:16 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2014-02-08 19:12 - 2014-02-08 19:15 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2014-02-08 19:15 - 2014-02-08 19:16 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log 2014-02-08 19:11 - 2014-02-08 19:12 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log Some files in TEMP: ==================== 2017-05-06 15:16 - 2015-01-30 22:54 - 0060296 _____ (Autodesk, Inc.) C:\Users\Oleg\AppData\Local\Temp\AcDeltree.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <===== ATTENTION LastRegBack: 2017-04-22 20:52 ==================== End of FRST.txt ============================