This topic is locked
Hi everyone. i know very little on this subject so i will try to describe what is happening.1. the machine runs very slow.2. i use google chrome and the last tab closed will be the first tab opened.3.if a password is used and that tab closed and then reopened it will be like it was never closed.4. it can take several minutes to get to a web site. please find below frst log. Thank you for helping.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02
Ran by Johnny (administrator) on JOHNNY-PC (15-02-2017 19:41:14)
Running from C:\Users\Johnny\Desktop
Loaded Profiles: Johnny (Available Profiles: Johnny & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Kinetic Jump Software, LLC) C:\Program Files (x86)\Common Files\AppLifeUpdateService2\kjsausvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Allmyapps) C:\Users\Johnny\AppData\Roaming\Allmyapps\Allmyapps.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-20] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2017-01-16] (AVAST Software)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2446648 2009-11-05] (TOSHIBA CORPORATION.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-341713979-2683877852-2757265087-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1057840 2017-02-02] ()
HKU\S-1-5-21-341713979-2683877852-2757265087-1000\...\Run: [Allmyapps] => C:\Users\Johnny\AppData\Roaming\Allmyapps\Allmyapps.exe [6782328 2014-02-20] (Allmyapps)
HKU\S-1-5-21-341713979-2683877852-2757265087-1000\...\Run: [Allmyapps Update] => C:\Users\Johnny\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [317304 2014-02-20] (Allmyapps)
HKU\S-1-5-21-341713979-2683877852-2757265087-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-01-23] (Skype Technologies S.A.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File
AppInit_DLLs: c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-01-16] (AVAST Software)
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{8e23a53b-b33a-46b1-8e88-956b077b02a1}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d123c037-cf19-487a-a03a-c2f622572c69}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-341713979-2683877852-2757265087-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-341713979-2683877852-2757265087-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: topdeall -> {479BB518-CE65-F750-177B-EE5A92D47E59} -> C:\ProgramData\topdeall\C_GuM.x64.dll => No File
BHO: ShoppEruMoaSteru -> {9144C879-0561-1CFC-5239-BEAED17C74DE} -> C:\ProgramData\ShoppEruMoaSteru\Lg.x64.dll => No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FireFox:
========
FF ProfilePath: C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\9leutqkn.default [2017-02-15]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\9leutqkn.default -> Conduit Search
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\9leutqkn.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\9leutqkn.default -> Conduit Search
FF Keyword.URL: Mozilla\Firefox\Profiles\9leutqkn.default -> hxxp://www.bing.com/search?FORM=U008DF&PC=U008&q=
FF Extension: (KinggCoupon) - C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\9leutqkn.default\Extensions\[email protected] [2014-03-17] [not signed]
FF Extension: (PNGConnveRT) - C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\9leutqkn.default\Extensions\[email protected] [2014-02-04] [not signed]
FF Extension: (topdeall) - C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\9leutqkn.default\Extensions\[email protected] [2014-02-13] [not signed]
FF SearchPlugin: C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\9leutqkn.default\searchplugins\bingp.xml [2014-01-13]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017-01-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2017-01-16]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-16] (Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\!vitruvian-autoenable.js [2014-01-13] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\vitruvian-autoenable.cfg [2014-01-13] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPD1DE92E4-508D-40A3-B314-DE03A7EECD00&SSPV="
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default [2017-02-15]
CHR Extension: (Color Wave) - C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnpfgjdhpopghfmomjmedpgecgjifcc [2015-08-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\Johnny\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-12]
CHR HKLM\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx [2015-10-01]
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahlfahldnilidgnlikdckbfehhca.crx [2015-10-01]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2016-06-17]
CHR HKLM-x32\...\Chrome\Extension: [aaaaahaeginbdcckocjkhbciadcafnep] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahaeginbdcckocjkhbciadcafnep.crx [2015-10-01]
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaahlfahldnilidgnlikdckbfehhca.crx [2015-10-01]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2016-06-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2017-01-16] (AVAST Software)
R2 KjsUpdateService2; C:\Program Files (x86)\Common Files\AppLifeUpdateService2\kjsausvc.exe [12800 2012-04-18] (Kinetic Jump Software, LLC) [File not signed]
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1318128 2017-02-02] (Overwolf LTD)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2017-01-16] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2017-01-16] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2017-01-16] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2017-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2017-01-16] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2017-01-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2017-01-16] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2017-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2017-01-16] (AVAST Software)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2015-12-31] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-15 19:41 - 2017-02-15 19:41 - 00000000 ___DC C:\Users\Johnny\Desktop\FRST-OlderVersion
2017-02-15 03:34 - 2017-02-15 03:35 - 00030010 ____C C:\Users\Johnny\Desktop\Addition.txt
2017-02-15 03:33 - 2017-02-15 19:41 - 00014346 ____C C:\Users\Johnny\Desktop\FRST.txt
2017-02-15 03:32 - 2017-02-15 03:32 - 00001018 ____C C:\Users\Johnny\Downloads\FRST64 - Shortcut.lnk
2017-02-15 03:12 - 2017-02-15 03:13 - 00030012 ____C C:\Users\Johnny\Downloads\Addition.txt
2017-02-15 03:11 - 2017-02-15 03:13 - 00093169 ____C C:\Users\Johnny\Downloads\FRST.txt
2017-02-15 03:10 - 2017-02-15 19:41 - 00000000 ___DC C:\FRST
2017-02-15 03:09 - 2017-02-15 19:41 - 02422272 ____C (Farbar) C:\Users\Johnny\Desktop\FRST64.exe
2017-02-15 03:03 - 2017-02-15 03:03 - 00016656 ____C C:\Users\Johnny\Documents\JOHNNY-PC.speccy
2017-02-15 03:02 - 2017-02-15 03:02 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-15 03:02 - 2017-02-15 03:02 - 00000863 ____C C:\Users\Public\Desktop\CCleaner.lnk
2017-02-15 03:02 - 2017-02-15 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-15 03:01 - 2017-02-15 03:02 - 00000000 ____D C:\Program Files\CCleaner
2017-02-15 03:01 - 2017-02-15 03:01 - 00000837 ____C C:\Users\Public\Desktop\Speccy.lnk
2017-02-15 03:01 - 2017-02-15 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-02-15 03:01 - 2017-02-15 03:01 - 00000000 ____D C:\Program Files\Speccy
2017-02-15 02:59 - 2017-02-15 03:01 - 06293184 ____C (Piriform Ltd) C:\Users\Johnny\Downloads\spsetup130.exe
2017-02-14 19:20 - 2016-12-21 00:43 - 04130440 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-14 19:20 - 2016-12-21 00:43 - 01454504 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-14 19:20 - 2016-12-21 00:42 - 01988560 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-14 19:20 - 2016-12-21 00:42 - 01702392 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-14 19:20 - 2016-12-21 00:42 - 01300600 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-14 19:20 - 2016-12-21 00:06 - 06285312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-14 19:20 - 2016-12-20 23:53 - 04474368 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-14 19:20 - 2016-12-20 23:51 - 05611008 ____C (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-14 19:20 - 2016-12-20 22:09 - 00263472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-14 19:20 - 2016-12-20 21:22 - 01883648 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-14 19:20 - 2016-12-13 22:41 - 01235296 ____C (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-14 19:20 - 2016-12-13 21:48 - 01631232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-14 19:20 - 2016-12-13 21:44 - 00114688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-02-14 19:20 - 2016-12-13 21:38 - 17188864 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-14 19:20 - 2016-12-13 21:23 - 03134976 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-14 19:20 - 2016-12-09 03:42 - 01637728 ____C (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-14 19:20 - 2016-12-09 03:42 - 00137568 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-14 19:20 - 2016-12-09 03:29 - 02681200 ____C C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-14 19:20 - 2016-12-09 03:20 - 02677544 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-14 19:20 - 2016-12-09 03:18 - 01100128 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-14 19:20 - 2016-12-09 03:18 - 00989024 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-14 19:20 - 2016-12-09 03:18 - 00947552 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-14 19:20 - 2016-12-09 03:18 - 00811872 ____C (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-14 19:20 - 2016-12-09 03:01 - 00861024 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-14 19:20 - 2016-12-09 02:56 - 00959112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-14 19:20 - 2016-12-09 02:52 - 01415752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-14 19:20 - 2016-12-09 02:33 - 03777536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-14 19:20 - 2016-12-09 02:18 - 02138112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-14 19:20 - 2016-12-09 01:54 - 00483840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-14 19:20 - 2016-11-11 03:02 - 02828376 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-14 19:20 - 2016-11-11 03:01 - 00637400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-14 19:20 - 2016-11-11 03:00 - 00219488 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-14 19:20 - 2016-11-11 02:57 - 01473048 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-14 19:20 - 2016-11-11 02:56 - 01062480 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-14 19:20 - 2016-11-11 02:56 - 00126568 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-14 19:20 - 2016-11-11 02:51 - 00454592 ____C (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-14 19:20 - 2016-11-11 02:16 - 00560128 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-14 19:20 - 2016-11-11 02:11 - 00870400 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-14 19:20 - 2016-11-11 02:07 - 01691136 ____C (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-14 19:20 - 2016-11-11 02:03 - 02287616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-14 19:20 - 2016-11-11 00:47 - 05722832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-14 19:20 - 2016-11-11 00:47 - 01430720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-14 19:20 - 2016-11-11 00:38 - 01263856 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-14 19:20 - 2016-11-11 00:25 - 00117248 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-14 19:20 - 2016-11-11 00:21 - 00332288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-14 19:20 - 2016-11-11 00:18 - 02333184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-14 19:20 - 2016-11-11 00:15 - 01357824 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-14 19:20 - 2016-11-11 00:10 - 06109184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-14 19:20 - 2016-11-11 00:09 - 05380608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-14 19:20 - 2016-11-11 00:06 - 02362880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-14 19:20 - 2016-11-11 00:06 - 02109952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-14 19:20 - 2016-11-11 00:04 - 00715264 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-14 19:19 - 2016-12-21 01:08 - 00245600 ____C (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-14 19:19 - 2016-12-21 01:08 - 00136032 ____C (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-14 19:19 - 2016-12-21 00:49 - 00328008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-14 19:19 - 2016-12-21 00:46 - 00624048 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-14 19:19 - 2016-12-21 00:43 - 01071736 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-14 19:19 - 2016-12-21 00:42 - 22224480 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-14 19:19 - 2016-12-21 00:41 - 01600632 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-14 19:19 - 2016-12-21 00:15 - 22563840 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-14 19:19 - 2016-12-21 00:08 - 00360448 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-14 19:19 - 2016-12-21 00:05 - 00425984 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-14 19:19 - 2016-12-21 00:05 - 00261632 ____C (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-14 19:19 - 2016-12-21 00:01 - 09131008 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-14 19:19 - 2016-12-20 23:59 - 01908224 ____C (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-14 19:19 - 2016-12-20 23:59 - 00883712 ____C (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-14 19:19 - 2016-12-20 23:58 - 23678464 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-14 19:19 - 2016-12-20 23:56 - 00936960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-14 19:19 - 2016-12-20 23:55 - 08129536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-14 19:19 - 2016-12-20 23:55 - 04749312 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-14 19:19 - 2016-12-20 23:53 - 06664192 ____C (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-14 19:19 - 2016-12-20 23:51 - 08075776 ____C (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-14 19:19 - 2016-12-20 23:50 - 01490432 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-14 19:19 - 2016-12-20 23:49 - 04149248 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-14 19:19 - 2016-12-20 23:47 - 01121280 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-14 19:19 - 2016-12-20 22:59 - 00218976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-14 19:19 - 2016-12-20 22:01 - 20969928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-14 19:19 - 2016-12-20 21:43 - 00285184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-14 19:19 - 2016-12-20 21:41 - 00253952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-14 19:19 - 2016-12-20 21:40 - 00557568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-14 19:19 - 2016-12-20 21:40 - 00180224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-14 19:19 - 2016-12-20 21:39 - 00223232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-14 19:19 - 2016-12-20 21:38 - 00866816 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-14 19:19 - 2016-12-20 21:35 - 00198656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-14 19:19 - 2016-12-20 21:34 - 07626752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-14 19:19 - 2016-12-20 21:33 - 19413504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-14 19:19 - 2016-12-20 21:32 - 19417600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-14 19:19 - 2016-12-20 21:30 - 05398016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-14 19:19 - 2016-12-20 21:30 - 01255936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-14 19:19 - 2016-12-20 21:26 - 01155072 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-14 19:19 - 2016-12-20 21:25 - 06474752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-14 19:19 - 2016-12-20 21:24 - 06044160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-14 19:19 - 2016-12-13 22:34 - 02482280 ____C (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-14 19:19 - 2016-12-13 22:23 - 00404832 ____C (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-14 19:19 - 2016-12-13 22:21 - 02206496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-14 19:19 - 2016-12-13 22:17 - 00319288 ____C (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-14 19:19 - 2016-12-13 22:14 - 01694712 ____C (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-14 19:19 - 2016-12-13 22:01 - 01557808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-14 19:19 - 2016-12-13 22:01 - 00382784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-14 19:19 - 2016-12-13 21:46 - 01631232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-14 19:19 - 2016-12-13 21:43 - 00201728 ____C (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-14 19:19 - 2016-12-13 21:42 - 00236544 ____C (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-14 19:19 - 2016-12-13 21:42 - 00208896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-14 19:19 - 2016-12-13 21:42 - 00167424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-14 19:19 - 2016-12-13 21:40 - 00193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-14 19:19 - 2016-12-13 21:38 - 13869056 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-14 19:19 - 2016-12-13 21:38 - 00213504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-14 19:19 - 2016-12-13 21:37 - 00090112 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-14 19:19 - 2016-12-13 21:36 - 00539648 ____C (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-14 19:19 - 2016-12-13 21:36 - 00074752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-14 19:19 - 2016-12-13 21:35 - 00755712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-14 19:19 - 2016-12-13 21:35 - 00600576 ____C (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-14 19:19 - 2016-12-13 21:35 - 00553984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-14 19:19 - 2016-12-13 21:26 - 00932864 ____C (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-14 19:19 - 2016-12-13 21:26 - 00869888 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-14 19:19 - 2016-12-13 21:24 - 01005568 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-14 19:19 - 2016-12-13 21:24 - 00673792 ____C (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-14 19:19 - 2016-12-13 21:22 - 02317824 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-14 19:19 - 2016-12-13 21:22 - 01513472 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-14 19:19 - 2016-12-13 21:22 - 00391168 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-14 19:19 - 2016-12-09 03:28 - 00764392 ____C (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-14 19:19 - 2016-12-09 03:20 - 02189664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-14 19:19 - 2016-12-09 03:20 - 01738560 ____C (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-14 19:19 - 2016-12-09 03:20 - 00658784 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-14 19:19 - 2016-12-09 03:20 - 00402272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-14 19:19 - 2016-12-09 03:19 - 00168424 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-14 19:19 - 2016-12-09 03:18 - 02913144 ____C (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-14 19:19 - 2016-12-09 03:18 - 01267512 ____C (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-14 19:19 - 2016-12-09 03:11 - 02048496 ____C C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-14 19:19 - 2016-12-09 03:01 - 01503544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-14 19:19 - 2016-12-09 03:00 - 00106896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-14 19:19 - 2016-12-09 02:59 - 02166752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-14 19:19 - 2016-12-09 02:59 - 00846560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-14 19:19 - 2016-12-09 02:42 - 00227328 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-14 19:19 - 2016-12-09 02:41 - 00380928 ____C (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-14 19:19 - 2016-12-09 02:41 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-14 19:19 - 2016-12-09 02:37 - 00411136 ____C (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-14 19:19 - 2016-12-09 02:36 - 03059200 ____C (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-14 19:19 - 2016-12-09 02:36 - 00410112 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-14 19:19 - 2016-12-09 02:34 - 00288768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-14 19:19 - 2016-12-09 02:31 - 03689984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-14 19:19 - 2016-12-09 02:31 - 00313856 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-14 19:19 - 2016-12-09 02:25 - 00376832 ____C (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-14 19:19 - 2016-12-09 02:21 - 04746752 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-14 19:19 - 2016-12-09 02:20 - 00730624 ____C (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-14 19:19 - 2016-12-09 02:18 - 03666432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-14 19:19 - 2016-12-09 02:18 - 00165376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-14 19:19 - 2016-12-09 02:16 - 00353280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-14 19:19 - 2016-12-09 02:15 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-14 19:19 - 2016-12-09 02:15 - 00092672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-14 19:19 - 2016-12-09 02:15 - 00068096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-14 19:19 - 2016-11-11 03:15 - 00101216 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-14 19:19 - 2016-11-11 03:14 - 00603488 ____C (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-14 19:19 - 2016-11-11 03:13 - 02213760 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-14 19:19 - 2016-11-11 03:13 - 01886344 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-14 19:19 - 2016-11-11 03:13 - 00352096 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-14 19:19 - 2016-11-11 03:12 - 00128352 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-14 19:19 - 2016-11-11 03:08 - 00142176 ____C (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-14 19:19 - 2016-11-11 03:03 - 01069720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-14 19:19 - 2016-11-11 03:00 - 00223584 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-14 19:19 - 2016-11-11 02:59 - 00433504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-14 19:19 - 2016-11-11 02:56 - 04673304 ____C (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-14 19:19 - 2016-11-11 02:56 - 00187520 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-14 19:19 - 2016-11-11 02:55 - 00882680 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-14 19:19 - 2016-11-11 02:55 - 00743224 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-14 19:19 - 2016-11-11 02:27 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-14 19:19 - 2016-11-11 02:26 - 00258560 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-14 19:19 - 2016-11-11 02:26 - 00034816 ____C (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-14 19:19 - 2016-11-11 02:25 - 00198656 ____C (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-14 19:19 - 2016-11-11 02:25 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-14 19:19 - 2016-11-11 02:24 - 00170496 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-14 19:19 - 2016-11-11 02:24 - 00122880 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-14 19:19 - 2016-11-11 02:24 - 00110080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-14 19:19 - 2016-11-11 02:24 - 00098304 ____C (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-14 19:19 - 2016-11-11 02:23 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-14 19:19 - 2016-11-11 02:22 - 00489472 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-14 19:19 - 2016-11-11 02:21 - 00690688 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-14 19:19 - 2016-11-11 02:21 - 00587776 ____C (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-14 19:19 - 2016-11-11 02:20 - 00657920 ____C (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-14 19:19 - 2016-11-11 02:20 - 00125952 ____C (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-14 19:19 - 2016-11-11 02:19 - 00620544 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-14 19:19 - 2016-11-11 02:19 - 00495104 ____C (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-14 19:19 - 2016-11-11 02:19 - 00198144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-14 19:19 - 2016-11-11 02:18 - 02084352 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-14 19:19 - 2016-11-11 02:18 - 00278016 ____C (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-14 19:19 - 2016-11-11 02:16 - 02716672 ____C (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-14 19:19 - 2016-11-11 02:16 - 01477632 ____C (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-14 19:19 - 2016-11-11 02:16 - 00161792 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-14 19:19 - 2016-11-11 02:15 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-14 19:19 - 2016-11-11 02:14 - 02104320 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-14 19:19 - 2016-11-11 02:14 - 00615424 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-14 19:19 - 2016-11-11 02:14 - 00178176 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-14 19:19 - 2016-11-11 02:11 - 00096256 ____C (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-14 19:19 - 2016-11-11 02:09 - 00164352 ____C (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-14 19:19 - 2016-11-11 02:06 - 03400192 ____C (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-14 19:19 - 2016-11-11 02:06 - 00650752 ____C (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-14 19:19 - 2016-11-11 02:05 - 04136448 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-14 19:19 - 2016-11-11 02:05 - 01779712 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-14 19:19 - 2016-11-11 02:04 - 02800128 ____C (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-14 19:19 - 2016-11-11 02:04 - 01709056 ____C (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-14 19:19 - 2016-11-11 02:04 - 01359360 ____C (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-14 19:19 - 2016-11-11 02:04 - 00909312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-14 19:19 - 2016-11-11 02:03 - 02669056 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-14 19:19 - 2016-11-11 02:03 - 00842240 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-14 19:19 - 2016-11-11 02:03 - 00632320 ____C (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-14 19:19 - 2016-11-11 02:03 - 00283648 ____C (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-14 19:19 - 2016-11-11 01:01 - 01969912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-14 19:19 - 2016-11-11 01:00 - 01706488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-14 19:19 - 2016-11-11 00:49 - 00869848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-14 19:19 - 2016-11-11 00:49 - 00248480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-14 19:19 - 2016-11-11 00:42 - 00152416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-14 19:19 - 2016-11-11 00:41 - 04311736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-14 19:19 - 2016-11-11 00:25 - 00071168 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-14 19:19 - 2016-11-11 00:24 - 00138240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-14 19:19 - 2016-11-11 00:19 - 00298496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-14 19:19 - 2016-11-11 00:19 - 00284672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-14 19:19 - 2016-11-11 00:19 - 00125952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-14 19:19 - 2016-11-11 00:18 - 01336320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-14 19:19 - 2016-11-11 00:18 - 00318464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-14 19:19 - 2016-11-11 00:17 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-14 19:19 - 2016-11-11 00:16 - 00253952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-14 19:19 - 2016-11-11 00:15 - 00838144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-14 19:19 - 2016-11-11 00:14 - 00395264 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-14 19:19 - 2016-11-11 00:12 - 00259584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-14 19:19 - 2016-11-11 00:06 - 00400384 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-14 19:19 - 2016-11-11 00:05 - 03370496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-14 19:19 - 2016-11-11 00:04 - 02682880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-14 19:19 - 2016-11-11 00:04 - 00912896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-14 19:19 - 2016-11-11 00:03 - 02484736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-14 19:19 - 2016-11-11 00:03 - 01576448 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-14 19:19 - 2016-11-11 00:03 - 01556480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-14 19:19 - 2016-11-11 00:03 - 00772608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-14 19:19 - 2016-11-11 00:03 - 00760832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-14 19:19 - 2016-11-11 00:03 - 00565248 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-14 19:19 - 2016-11-11 00:02 - 00711680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-14 19:18 - 2016-12-21 01:04 - 07816032 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-14 19:18 - 2016-12-21 00:45 - 00153952 ____C (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2017-02-14 19:18 - 2016-12-21 00:43 - 00092512 ____C (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-14 19:18 - 2016-12-21 00:42 - 00241504 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-14 19:18 - 2016-12-21 00:14 - 00043008 ____C (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-14 19:18 - 2016-12-21 00:09 - 00368640 ____C (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-14 19:18 - 2016-12-21 00:09 - 00363520 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-14 19:18 - 2016-12-21 00:08 - 00418304 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-14 19:18 - 2016-12-21 00:08 - 00289792 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-14 19:18 - 2016-12-21 00:08 - 00211968 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-14 19:18 - 2016-12-21 00:07 - 00748544 ____C (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-14 19:18 - 2016-12-21 00:06 - 00310784 ____C (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-14 19:18 - 2016-12-21 00:06 - 00260608 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-14 19:18 - 2016-12-21 00:06 - 00147456 ____C (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-14 19:18 - 2016-12-21 00:05 - 00049152 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-14 19:18 - 2016-12-21 00:00 - 00440320 ____C (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-14 19:18 - 2016-12-20 23:57 - 00462336 ____C (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-14 19:18 - 2016-12-20 23:56 - 00947712 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-14 19:18 - 2016-12-20 23:54 - 05511680 ____C (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-14 19:18 - 2016-12-20 23:51 - 02275840 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-14 19:18 - 2016-12-20 23:49 - 02691072 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-14 19:18 - 2016-12-20 23:49 - 01062912 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-14 19:18 - 2016-12-20 22:03 - 00136544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2017-02-14 19:18 - 2016-12-20 22:02 - 03892864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-14 19:18 - 2016-12-20 22:02 - 01852720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-14 19:18 - 2016-12-20 22:02 - 01360464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-14 19:18 - 2016-12-20 22:02 - 01277344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-14 19:18 - 2016-12-20 22:02 - 01201872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-14 19:18 - 2016-12-20 22:02 - 00980832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-14 19:18 - 2016-12-20 21:46 - 00034304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-14 19:18 - 2016-12-20 21:41 - 00231936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-14 19:18 - 2016-12-20 21:40 - 00318976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-14 19:18 - 2016-12-20 21:40 - 00237056 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-14 19:18 - 2016-12-20 21:39 - 01300480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-14 19:18 - 2016-12-20 21:35 - 04612608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-14 19:18 - 2016-12-20 21:27 - 00640000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-14 19:18 - 2016-12-20 21:25 - 07469056 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-14 19:18 - 2016-12-20 21:24 - 05061120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-14 19:18 - 2016-12-20 21:24 - 00886272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-14 19:18 - 2016-12-20 21:22 - 00860672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-14 19:18 - 2016-12-13 22:41 - 00590960 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-14 19:18 - 2016-12-13 22:33 - 01356864 ____C (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-14 19:18 - 2016-12-13 22:19 - 00584544 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-14 19:18 - 2016-12-13 22:18 - 00715104 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-14 19:18 - 2016-12-13 22:14 - 00418952 ____C (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-14 19:18 - 2016-12-13 22:14 - 00089416 ____C (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-14 19:18 - 2016-12-13 22:06 - 00509792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-14 19:18 - 2016-12-13 22:01 - 00076984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-14 19:18 - 2016-12-13 21:46 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-14 19:18 - 2016-12-13 21:45 - 00147968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-14 19:18 - 2016-12-13 21:42 - 00352768 ____C (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-14 19:18 - 2016-12-13 21:41 - 00223744 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-14 19:18 - 2016-12-13 21:40 - 00324096 ____C (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-14 19:18 - 2016-12-13 21:40 - 00266752 ____C (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-14 19:18 - 2016-12-13 21:40 - 00231424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-14 19:18 - 2016-12-13 21:39 - 00837632 ____C (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-14 19:18 - 2016-12-13 21:39 - 00290816 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-14 19:18 - 2016-12-13 21:39 - 00257024 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-14 19:18 - 2016-12-13 21:38 - 00295424 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-14 19:18 - 2016-12-13 21:36 - 01002496 ____C (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-14 19:18 - 2016-12-13 21:35 - 00712192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-14 19:18 - 2016-12-13 21:32 - 00497152 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-14 19:18 - 2016-12-13 21:25 - 02009600 ____C (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-14 19:18 - 2016-12-13 21:23 - 01231872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-14 19:18 - 2016-12-13 21:22 - 02998272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-14 19:18 - 2016-12-13 21:22 - 02748416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-14 19:18 - 2016-12-13 21:22 - 00707584 ____C (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-14 19:18 - 2016-12-13 21:21 - 03616768 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-14 19:18 - 2016-12-09 03:30 - 00377184 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-14 19:18 - 2016-12-09 03:27 - 00172528 ____C (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-14 19:18 - 2016-12-09 03:19 - 01293152 ____C (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-14 19:18 - 2016-12-09 03:15 - 08168000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-14 19:18 - 2016-12-09 03:14 - 01274712 ____C (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-14 19:18 - 2016-12-09 03:10 - 01572768 ____C (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-14 19:18 - 2016-12-09 03:10 - 01461200 ____C (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-14 19:18 - 2016-12-09 03:01 - 02323728 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-14 19:18 - 2016-12-09 02:57 - 06668040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-14 19:18 - 2016-12-09 02:52 - 01435896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-14 19:18 - 2016-12-09 02:33 - 01589760 ____C (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-14 19:18 - 2016-12-09 02:32 - 00635904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-14 19:18 - 2016-12-09 02:28 - 03306496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-14 19:18 - 2016-12-09 02:28 - 01004544 ____C (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-14 19:18 - 2016-12-09 02:27 - 13084160 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-14 19:18 - 2016-12-09 02:27 - 05114368 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-14 19:18 - 2016-12-09 02:27 - 00981504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-14 19:18 - 2016-12-09 02:23 - 12177920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-14 19:18 - 2016-12-09 02:22 - 02820096 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-14 19:18 - 2016-12-09 02:21 - 00716800 ____C (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-14 19:18 - 2016-12-09 02:20 - 03198464 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-14 19:18 - 2016-12-09 02:20 - 00187392 ____C (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-14 19:18 - 2016-12-09 02:20 - 00172544 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-14 19:18 - 2016-12-09 02:17 - 00566784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-14 19:18 - 2016-11-11 03:14 - 02186896 ____C (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-14 19:18 - 2016-11-11 03:03 - 00266544 ____C (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-14 19:18 - 2016-11-11 03:02 - 00360040 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-14 19:18 - 2016-11-11 03:01 - 07219672 ____C (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-14 19:18 - 2016-11-11 03:01 - 01859264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-14 19:18 - 2016-11-11 02:56 - 00424616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-14 19:18 - 2016-11-11 02:56 - 00163752 ____C (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-14 19:18 - 2016-11-11 02:54 - 01418312 ____C (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-14 19:18 - 2016-11-11 02:31 - 00366080 ____C (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-14 19:18 - 2016-11-11 02:27 - 00068096 ____C (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-14 19:18 - 2016-11-11 02:26 - 00163840 ____C (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-14 19:18 - 2016-11-11 02:26 - 00109056 ____C (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-14 19:18 - 2016-11-11 02:25 - 00185344 ____C (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-14 19:18 - 2016-11-11 02:25 - 00147968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-14 19:18 - 2016-11-11 02:25 - 00081408 ____C (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-14 19:18 - 2016-11-11 02:24 - 00159744 ____C (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-14 19:18 - 2016-11-11 02:24 - 00158720 ____C (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-14 19:18 - 2016-11-11 02:24 - 00136192 ____C (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-14 19:18 - 2016-11-11 02:24 - 00107520 ____C (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-14 19:18 - 2016-11-11 02:23 - 00567296 ____C (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-14 19:18 - 2016-11-11 02:23 - 00409088 ____C (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-14 19:18 - 2016-11-11 02:23 - 00041472 ____C (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-14 19:18 - 2016-11-11 02:22 - 00143360 ____C (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-14 19:18 - 2016-11-11 02:21 - 00379392 ____C (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-14 19:18 - 2016-11-11 02:20 - 00641024 ____C (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-14 19:18 - 2016-11-11 02:20 - 00590336 ____C (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-14 19:18 - 2016-11-11 02:20 - 00574464 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-14 19:18 - 2016-11-11 02:20 - 00446976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-14 19:18 - 2016-11-11 02:20 - 00407552 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-14 19:18 - 2016-11-11 02:20 - 00381952 ____C (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-14 19:18 - 2016-11-11 02:20 - 00339456 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-14 19:18 - 2016-11-11 02:20 - 00176128 ____C (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-14 19:18 - 2016-11-11 02:20 - 00115200 ____C (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-14 19:18 - 2016-11-11 02:19 - 00411648 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-14 19:18 - 2016-11-11 02:19 - 00389632 ____C (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-14 19:18 - 2016-11-11 02:19 - 00388096 ____C (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-14 19:18 - 2016-11-11 02:19 - 00366080 ____C (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-14 19:18 - 2016-11-11 02:19 - 00320000 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-14 19:18 - 2016-11-11 02:19 - 00285696 ____C (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-14 19:18 - 2016-11-11 02:17 - 00068096 ____C (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-14 19:18 - 2016-11-11 02:16 - 00184832 ____C (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-14 19:18 - 2016-11-11 02:16 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-14 19:18 - 2016-11-11 02:14 - 07654400 ____C (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-14 19:18 - 2016-11-11 02:13 - 07812096 ____C (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-14 19:18 - 2016-11-11 02:13 - 00396800 ____C (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-14 19:18 - 2016-11-11 02:12 - 00870912 ____C (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-14 19:18 - 2016-11-11 02:09 - 01366016 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-14 19:18 - 2016-11-11 02:08 - 00539136 ____C (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-14 19:18 - 2016-11-11 02:07 - 03441152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-14 19:18 - 2016-11-11 02:07 - 02953216 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-14 19:18 - 2016-11-11 02:07 - 02510848 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-14 19:18 - 2016-11-11 02:07 - 00991232 ____C (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-14 19:18 - 2016-11-11 02:07 - 00347648 ____C (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-14 19:18 - 2016-11-11 02:06 - 00960000 ____C (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-14 19:18 - 2016-11-11 02:05 - 02852864 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-14 19:18 - 2016-11-11 02:05 - 01031680 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-14 19:18 - 2016-11-11 02:04 - 02611200 ____C (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-14 19:18 - 2016-11-11 02:04 - 00691712 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-14 19:18 - 2016-11-11 02:04 - 00455168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-14 19:18 - 2016-11-11 02:04 - 00389632 ____C (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-14 19:18 - 2016-11-11 02:03 - 04708864 ____C (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-14 19:18 - 2016-11-11 02:03 - 00905216 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-14 19:18 - 2016-11-11 02:02 - 03542016 ____C (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-14 19:18 - 2016-11-11 02:02 - 01726976 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-14 19:18 - 2016-11-11 00:59 - 01572768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-14 19:18 - 2016-11-11 00:54 - 00122208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-14 19:18 - 2016-11-11 00:48 - 02277248 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-14 19:18 - 2016-11-11 00:47 - 00527880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-14 19:18 - 2016-11-11 00:42 - 01123912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-14 19:18 - 2016-11-11 00:42 - 00952416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-14 19:18 - 2016-11-11 00:42 - 00374448 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-14 19:18 - 2016-11-11 00:42 - 00091936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-14 19:18 - 2016-11-11 00:41 - 00157536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-14 19:18 - 2016-11-11 00:24 - 00519168 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-14 19:18 - 2016-11-11 00:24 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-14 19:18 - 2016-11-11 00:24 - 00047104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-14 19:18 - 2016-11-11 00:23 - 00140288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-14 19:18 - 2016-11-11 00:23 - 00094208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-14 19:18 - 2016-11-11 00:22 - 00505856 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-14 19:18 - 2016-11-11 00:22 - 00122880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-14 19:18 - 2016-11-11 00:21 - 00091648 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-14 19:18 - 2016-11-11 00:20 - 00306176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-14 19:18 - 2016-11-11 00:19 - 01755136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-14 19:18 - 2016-11-11 00:19 - 00506880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-14 19:18 - 2016-11-11 00:19 - 00364544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-14 19:18 - 2016-11-11 00:19 - 00114176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-14 19:18 - 2016-11-11 00:15 - 00348672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-14 19:18 - 2016-11-11 00:15 - 00285696 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-14 19:18 - 2016-11-11 00:10 - 00746496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-14 19:18 - 2016-11-11 00:09 - 00545280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-14 19:18 - 2016-11-11 00:08 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-14 19:18 - 2016-11-11 00:06 - 00359936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-14 19:18 - 2016-11-11 00:05 - 04423680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-14 19:18 - 2016-11-11 00:04 - 01992704 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-14 19:18 - 2016-11-11 00:04 - 01595392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-14 19:18 - 2016-11-11 00:04 - 00358912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-14 19:18 - 2016-11-11 00:03 - 02256384 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-14 19:17 - 2016-12-21 00:37 - 00455520 ____C (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-14 19:17 - 2016-12-21 00:13 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-14 19:17 - 2016-12-21 00:12 - 00083968 ____C (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-14 19:17 - 2016-12-21 00:10 - 00234496 ____C (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-14 19:17 - 2016-12-21 00:08 - 01292288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-14 19:17 - 2016-12-21 00:08 - 00349184 ____C (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-14 19:17 - 2016-12-20 23:53 - 01692672 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-14 19:17 - 2016-12-20 21:24 - 03733504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-14 19:17 - 2016-12-13 22:18 - 00335712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-14 19:17 - 2016-12-13 22:08 - 00341344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-14 19:17 - 2016-12-13 21:40 - 00104448 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-14 19:17 - 2016-12-13 21:32 - 00806400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-14 19:17 - 2016-12-09 03:34 - 01051112 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-14 19:17 - 2016-12-09 03:34 - 00894096 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-14 19:17 - 2016-12-09 03:33 - 01354320 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-14 19:17 - 2016-12-09 03:33 - 01173496 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-14 19:17 - 2016-12-09 02:51 - 00117240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-14 19:17 - 2016-12-09 02:45 - 00040448 ____C (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-14 19:17 - 2016-12-09 02:19 - 00433664 ____C (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-14 19:17 - 2016-12-09 02:19 - 00261120 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-14 19:17 - 2016-12-09 02:19 - 00119296 ____C (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-14 19:17 - 2016-12-09 02:19 - 00085504 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-14 19:17 - 2016-11-11 03:15 - 00198856 ____C (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-14 19:17 - 2016-11-11 02:28 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-14 19:17 - 2016-11-11 02:26 - 00042496 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-14 19:17 - 2016-11-11 02:25 - 00151040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-14 19:17 - 2016-11-11 02:25 - 00089600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-14 19:17 - 2016-11-11 02:22 - 00082944 ____C (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-14 19:17 - 2016-11-11 02:21 - 00313856 ____C (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-14 19:17 - 2016-11-11 02:17 - 01220096 ____C (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-14 19:17 - 2016-11-11 02:15 - 00282624 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-14 19:17 - 2016-11-11 02:15 - 00159232 ____C (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-14 19:17 - 2016-11-11 02:14 - 00713216 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-14 19:17 - 2016-11-11 02:13 - 00306176 ____C (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-14 19:17 - 2016-11-11 02:07 - 01060864 ____C (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-14 19:17 - 2016-11-11 02:02 - 00936448 ____C (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-14 19:17 - 2016-11-11 01:01 - 00167848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-14 19:17 - 2016-11-11 00:27 - 00065024 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-14 19:17 - 2016-11-11 00:26 - 00030720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-14 19:17 - 2016-11-11 00:18 - 01196544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-14 19:17 - 2016-11-11 00:18 - 00431616 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-14 19:17 - 2016-11-11 00:18 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-14 19:17 - 2016-11-11 00:17 - 00333312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-14 19:17 - 2016-11-11 00:06 - 01228288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-14 18:19 - 2016-12-21 00:08 - 00142848 ____C (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-14 18:19 - 2016-12-20 21:44 - 00120320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-12 10:56 - 2017-02-12 10:56 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-02-12 10:44 - 2017-02-12 10:46 - 00000000 ____D C:\Users\Johnny\AppData\Local\ConnectedDevicesPlatform
2017-02-12 10:44 - 2017-02-12 10:44 - 00000020 ___SH C:\Users\Johnny\ntuser.ini
2017-01-22 05:04 - 2017-01-22 04:37 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-22 04:59 - 2017-01-22 04:59 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-01-22 04:57 - 2017-01-22 04:57 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-01-22 04:57 - 2017-01-22 04:57 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-01-22 04:57 - 2017-01-22 04:57 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-01-22 04:57 - 2017-01-22 04:57 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-01-22 04:57 - 2017-01-22 04:57 - 00000000 ____D C:\Program Files\MSBuild
2017-01-22 04:57 - 2017-01-22 04:57 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-01-22 04:57 - 2017-01-22 04:57 - 00000000 ____D C:\inetpub
2017-01-22 04:57 - 2017-01-22 04:15 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-01-22 04:56 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-01-22 04:56 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-01-22 04:56 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-01-22 04:56 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-01-22 04:56 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-01-22 04:56 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-01-22 04:37 - 2017-01-22 04:37 - 00000000 _SHDL C:\Users\Default\My Documents
2017-01-22 04:37 - 2017-01-22 04:37 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2017-01-22 04:37 - 2017-01-22 04:37 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2017-01-22 04:37 - 2017-01-22 04:37 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2017-01-22 04:37 - 2017-01-22 04:37 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2017-01-22 04:37 - 2017-01-22 04:37 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2017-01-22 04:37 - 2017-01-22 04:37 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2017-01-22 04:35 - 2017-01-22 04:36 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-01-22 04:35 - 2017-01-22 04:36 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-01-22 04:34 - 2017-02-15 18:08 - 00003804 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-01-22 04:34 - 2017-02-12 19:54 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-22 04:34 - 2017-01-27 14:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-01-22 04:34 - 2017-01-22 04:34 - 00003356 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1484735935
2017-01-22 04:34 - 2017-01-22 04:34 - 00003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-22 04:34 - 2017-01-22 04:34 - 00003244 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2EC4D74F-8F07-40F6-B144-B31C980849C9}
2017-01-22 04:34 - 2017-01-22 04:34 - 00003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-22 04:34 - 2017-01-22 04:34 - 00002806 _____ C:\WINDOWS\System32\Tasks\AllmyappsUpdateTask
2017-01-22 04:34 - 2017-01-22 04:34 - 00002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-22 04:34 - 2017-01-22 04:34 - 00002700 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2017-01-22 04:34 - 2017-01-22 04:34 - 00002294 _____ C:\WINDOWS\System32\Tasks\{CEFB83C8-0474-4FB4-9E72-701FC15914E5}
2017-01-22 04:34 - 2017-01-22 04:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-01-22 04:18 - 2017-01-22 04:18 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-01-22 04:18 - 2017-01-22 04:18 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2017-01-22 04:18 - 2017-01-22 04:18 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVAST Software
2017-01-22 04:18 - 2017-01-22 04:18 - 00000000 ____D C:\Users\Default\AppData\Local\Overwolf
2017-01-22 04:18 - 2017-01-22 04:18 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2017-01-22 04:18 - 2017-01-22 04:18 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVAST Software
2017-01-22 04:18 - 2017-01-22 04:18 - 00000000 ____D C:\Users\Default User\AppData\Local\Overwolf
2017-01-22 04:14 - 2017-01-22 04:20 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-01-22 04:14 - 2017-01-22 04:14 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-01-22 04:12 - 2017-02-15 02:57 - 00000000 ____D C:\Users\Johnny
2017-01-22 04:12 - 2017-02-12 10:56 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-22 04:12 - 2017-01-22 04:12 - 00000000 _SHDL C:\Users\Johnny\My Documents
2017-01-22 04:12 - 2017-01-22 04:12 - 00000000 _SHDL C:\Users\Johnny\Documents\My Videos
2017-01-22 04:12 - 2017-01-22 04:12 - 00000000 _SHDL C:\Users\Johnny\Documents\My Pictures
2017-01-22 04:12 - 2017-01-22 04:12 - 00000000 _SHDL C:\Users\Johnny\Documents\My Music
2017-01-22 04:12 - 2017-01-22 04:12 - 00000000 _SHDL C:\Users\DefaultAppPool\My Documents
2017-01-22 04:12 - 2017-01-22 04:12 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Videos
2017-01-22 04:12 - 2017-01-22 04:12 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Pictures
2017-01-22 04:12 - 2017-01-22 04:12 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\My Music
2017-01-22 04:11 - 2017-01-22 04:11 - 00987656 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-01-22 04:07 - 2017-01-22 04:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-01-22 04:07 - 2017-01-22 04:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-01-22 04:07 - 2017-01-22 04:07 - 00000000 ____D C:\Program Files\Synaptics
2017-01-18 03:39 - 2017-01-19 03:54 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-01-18 03:39 - 2017-01-18 03:39 - 00001088 ____C C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-01-16 14:49 - 2017-01-16 14:49 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-01-16 14:47 - 2017-01-16 14:44 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-01-16 14:46 - 2017-01-16 14:46 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-01-16 14:45 - 2017-01-16 14:45 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2017-01-16 09:08 - 2017-01-16 09:07 - 21628640 ____C (Microsoft Corporation) C:\Users\Johnny\Downloads\OneDriveSetup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-15 18:42 - 2016-11-20 11:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-15 18:39 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-15 18:08 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-15 18:08 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-15 18:08 - 2014-01-08 12:25 - 00000830 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-15 17:58 - 2014-02-08 19:21 - 00000000 ___DC C:\Users\Johnny\AppData\Roaming\Allmyapps
2017-02-15 17:24 - 2016-07-16 04:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-15 03:58 - 2014-01-12 21:30 - 00000000 ___DC C:\Users\Johnny\AppData\Roaming\Skype
2017-02-15 02:58 - 2016-07-16 04:45 - 00000000 ____D C:\WINDOWS\INF
2017-02-15 02:57 - 2016-11-20 11:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-14 22:26 - 2016-11-20 11:47 - 01070296 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-14 22:22 - 2016-11-20 11:37 - 00208072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-14 22:22 - 2016-11-20 11:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-14 22:21 - 2016-07-15 23:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2017-02-14 22:19 - 2016-07-16 04:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-14 22:19 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-14 22:19 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-14 22:19 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-14 22:19 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-14 22:19 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-14 22:19 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-14 22:19 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-14 22:19 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-14 22:19 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-14 22:19 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-14 19:31 - 2016-07-16 04:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-14 18:26 - 2016-07-16 04:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-14 18:11 - 2016-03-13 18:48 - 00002405 _____ C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-14 18:11 - 2016-03-13 18:48 - 00000000 ___RD C:\Users\Johnny\OneDrive
2017-02-14 18:10 - 2014-01-27 16:53 - 00000000 ___DC C:\Users\Johnny\AppData\Local\Overwolf
2017-02-14 18:06 - 2014-02-04 08:37 - 00000258 __RSH C:\ProgramData\ntuser.pol
2017-02-14 17:56 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-12 11:12 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-12 11:04 - 2014-02-04 08:37 - 00000000 ___DC C:\Users\Johnny\AppData\Local\Packages
2017-02-12 10:54 - 2014-01-27 16:58 - 00000000 ___DC C:\Program Files (x86)\Overwolf
2017-02-12 10:53 - 2014-03-13 09:31 - 00000000 __RDC C:\Program Files (x86)\Skype
2017-02-12 10:53 - 2014-01-12 21:29 - 00000000 ___DC C:\ProgramData\Skype
2017-02-06 13:06 - 2014-01-08 13:38 - 00002272 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-23 04:48 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-01-22 05:04 - 2016-07-16 04:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-01-22 04:57 - 2016-11-20 11:11 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-01-22 04:57 - 2016-11-20 11:11 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-01-22 04:57 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-01-22 04:57 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-01-22 04:57 - 2016-07-16 04:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-01-22 04:57 - 2016-07-16 04:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-01-22 04:57 - 2016-07-16 04:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-01-22 04:57 - 2016-07-16 04:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-01-22 04:57 - 2016-07-16 04:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-01-22 04:57 - 2016-07-16 04:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-01-22 04:57 - 2016-07-16 04:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-01-22 04:57 - 2016-07-16 04:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-01-22 04:57 - 2016-07-16 04:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-01-22 04:57 - 2016-07-16 04:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-01-22 04:57 - 2016-07-16 04:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-01-22 04:57 - 2016-07-16 04:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-01-22 04:57 - 2016-07-16 04:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-01-22 04:57 - 2016-07-16 04:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-01-22 04:57 - 2016-07-16 04:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-01-22 04:57 - 2016-07-16 04:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-01-22 04:57 - 2016-07-16 04:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-01-22 04:37 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-22 04:35 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Registration
2017-01-22 04:34 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-01-22 04:34 - 2015-10-30 00:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-01-22 04:27 - 2016-03-13 15:22 - 00022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-01-22 04:26 - 2016-07-16 04:47 - 00000000 __RSD C:\WINDOWS\Media
2017-01-22 04:26 - 2016-07-16 04:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-01-22 04:20 - 2016-07-15 23:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-01-22 04:20 - 2015-07-21 07:52 - 00000000 ___DC C:\WINDOWS\SysWOW64\vbox
2017-01-22 04:20 - 2015-07-21 07:52 - 00000000 ___DC C:\WINDOWS\system32\vbox
2017-01-22 04:20 - 2015-07-19 20:10 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-01-22 04:20 - 2015-05-14 13:03 - 00000000 ___DC C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2017-01-22 04:20 - 2015-03-22 08:40 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2017-01-22 04:20 - 2015-03-22 08:21 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-01-22 04:20 - 2015-03-22 06:51 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-22 04:20 - 2014-12-13 09:51 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-01-22 04:20 - 2014-09-05 13:58 - 00000000 ___DC C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-01-22 04:20 - 2014-03-30 18:27 - 00000000 ___DC C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
2017-01-22 04:20 - 2014-03-29 14:22 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x86)
2017-01-22 04:20 - 2014-03-29 14:19 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
2017-01-22 04:20 - 2014-03-27 18:34 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
2017-01-22 04:20 - 2014-03-22 19:54 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Update
2017-01-22 04:20 - 2014-02-08 19:22 - 00000000 ___DC C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allmyapps
2017-01-22 04:20 - 2014-02-08 19:20 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Systweak Support Dock
2017-01-22 04:20 - 2014-01-27 16:58 - 00000000 ___DC C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2017-01-22 04:20 - 2014-01-27 16:52 - 00000000 ___DC C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2017-01-22 04:20 - 2014-01-27 16:50 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFix
2017-01-22 04:20 - 2014-01-13 03:04 - 00000000 ___DC C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2017-01-22 04:20 - 2014-01-10 11:31 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-01-22 04:18 - 2016-07-16 04:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-22 04:18 - 2015-10-29 23:28 - 00000000 ____D C:\Users\Default.migrated
2017-01-22 04:16 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-01-22 04:16 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-01-22 04:16 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\IME
2017-01-22 04:16 - 2014-01-29 10:57 - 00000000 ___DC C:\WINDOWS\SysWOW64\SearchProtect
2017-01-22 04:16 - 2014-01-08 12:14 - 00000000 ___DC C:\WINDOWS\SysWOW64\sda
2017-01-22 04:15 - 2016-07-16 04:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-01-22 04:15 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\schemas
2017-01-22 04:15 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Resources
2017-01-22 04:15 - 2016-02-06 07:42 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-01-22 04:15 - 2014-09-05 13:56 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2017-01-22 04:15 - 2014-03-24 16:00 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Powerteq
2017-01-22 04:15 - 2014-03-04 21:41 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2017-01-22 04:14 - 2016-07-16 04:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-01-22 04:14 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-22 04:14 - 2009-07-13 22:32 - 00000000 ___DC C:\Program Files\Microsoft Games
2017-01-22 04:14 - 2009-07-13 20:20 - 00000000 __HDC C:\WINDOWS\system32\GroupPolicy
2017-01-21 12:03 - 2014-02-08 19:28 - 00000400 ____C C:\WINDOWS\Tasks\AllmyappsUpdateTask.job
2017-01-18 03:38 - 2014-01-10 11:31 - 00000000 ___DC C:\Program Files\Microsoft Silverlight
2017-01-18 03:38 - 2014-01-10 11:31 - 00000000 ___DC C:\Program Files (x86)\Microsoft Silverlight
2017-01-16 16:28 - 2014-01-07 23:18 - 00000000 ___DC C:\WINDOWS\system32\MRT
2017-01-16 16:24 - 2014-01-07 23:18 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-16 14:49 - 2014-01-08 13:36 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-01-16 14:49 - 2014-01-08 13:36 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-01-16 14:48 - 2014-01-08 13:36 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-01-16 14:46 - 2014-08-04 09:20 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-01-16 14:46 - 2014-01-08 13:36 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.148460334085910
2017-01-16 14:46 - 2014-01-08 13:36 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148460334356212
2017-01-16 14:46 - 2014-01-08 13:36 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-01-16 14:46 - 2014-01-08 13:36 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-01-16 14:46 - 2014-01-08 13:36 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-01-16 14:46 - 2014-01-08 13:36 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-01-16 14:46 - 2014-01-08 13:34 - 00000000 ___DC C:\ProgramData\AVAST Software
2017-01-16 14:44 - 2014-01-08 13:36 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.148460333426507
2017-01-16 14:43 - 2014-01-08 13:35 - 00000000 ___DC C:\Program Files\AVAST Software
==================== Files in the root of some directories =======
2014-01-27 17:50 - 2014-02-08 00:51 - 0000080 ____C () C:\Users\Johnny\AppData\Roaming\WB.CFG
2014-09-28 14:09 - 2014-09-28 14:09 - 0004608 ____C () C:\Users\Johnny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-24 16:04 - 2014-03-24 16:30 - 0038529 ____C () C:\ProgramData\Spark.log
Files to move or delete:
====================
C:\Users\Johnny\Symbols.cmd
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-14 18:42
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
Ran by Johnny (15-02-2017 19:42:26)
Running from C:\Users\Johnny\Desktop
Windows 10 Home Version 1607 (X64) (2017-01-22 11:37:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-341713979-2683877852-2757265087-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-341713979-2683877852-2757265087-503 - Limited - Disabled)
Guest (S-1-5-21-341713979-2683877852-2757265087-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-341713979-2683877852-2757265087-1002 - Limited - Enabled)
Johnny (S-1-5-21-341713979-2683877852-2757265087-1000 - Administrator - Enabled) => C:\Users\Johnny
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )
Allmyapps (HKU\S-1-5-21-341713979-2683877852-2757265087-1000\...\Allmyapps) (Version: 2.0.0.24 - Allmyapps)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Curse Client (HKU\S-1-5-21-341713979-2683877852-2757265087-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Debugging Tools for Windows (x86) (HKLM-x32\...\{D09605BE-5587-4B0C-86C8-69B5092CB80F}) (Version: 6.12.2.633 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft OneDrive (HKU\S-1-5-21-341713979-2683877852-2757265087-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.102.213.0 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
RICOH R5U230 Media Driver ver.2.06.03.02 (HKLM-x32\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.03.02 - RICOH)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C2806}) (Version: 12.40.6.15 - APN, LLC) <==== ATTENTION
Shopping App by Ask (HKLM-x32\...\{4F524A2D-5354-2D53-5045-A758B70C2300}) (Version: 12.35.0.285 - APN, LLC)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.103 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
SmartPCFix 3.09 (HKLM-x32\...\SmartPCFix_is1) (Version: - smartpcfix.com, Inc.) <==== ATTENTION
Spark (HKLM-x32\...\{3F02365C-7E83-4F7C-93F0-04F6DF548962}) (Version: 1.0.0.0 - Powerteq)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
Systweak Support Dock (HKLM-x32\...\{266DBE1C-B640-46ee-9A6D-86F0A1E483B9}_is1) (Version: 1.1.100.15768 - Systweak Software) <==== ATTENTION
TeamSpeak 3 Client (HKU\S-1-5-21-341713979-2683877852-2757265087-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.7 - TOSHIBA Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {100504A8-60E5-4DBD-943C-90047DA2E201} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION
Task: {10C9FCCF-7551-415F-8166-85DDFCE2AF11} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {11E38167-2293-4A62-83CC-3BA8B903B73C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {1256A02B-C010-477C-B0F4-D263222FA24E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1763800F-A903-4C9E-BA67-A816A6CB8CC2} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {185991F2-85F3-4B8B-A164-81327E3DB60F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1B1F901E-CB2C-4185-B2F6-92AD4072503B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2017-01-16] (AVAST Software)
Task: {1D71C098-E01E-4AFE-9F8C-ED7DA7AD6CBA} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {26B84641-8A42-4D10-962A-DA8FF5268826} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {27FBA111-E88C-4BFF-BDE6-2D33E71AC17E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2C1AB72D-D992-4F33-99A5-0418FB099212} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {2C2AC6FB-8A06-444F-A4EC-258763070F9F} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION
Task: {35A3F9F3-1DDC-439C-A3C6-20392C5EEB2B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3D080209-5350-4689-AB2B-5548F505C358} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {3EA97EA1-B492-45A1-A781-8EE9FFFD27AF} - System32\Tasks\AllmyappsUpdateTask => C:\Users\Johnny\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe [2014-02-20] (Allmyapps)
Task: {3EEF0E17-B975-48D5-B9B5-E637359100E0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {4118A6EE-99A4-4529-8AF9-0203AAAC4725} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {43E235DF-739A-4A99-BFF9-28C91187A8C7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {43FE208C-E067-49D9-8CB7-1EEBF867B865} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {5BBBF1AA-B75F-45A5-8B40-F4547C46DDFA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {5EA08CD1-BDF0-4263-AE5C-0446A281AE3D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {613F3D00-F6FF-4DCD-B69F-FD6FD8499844} - \TidyNetwork Update -> No File <==== ATTENTION
Task: {61F8F805-0376-49B7-AB8A-3B70F9C183A2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6369623C-8310-43B6-B0F8-AC88E35277C7} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {659D9C62-F9D6-4A89-92E4-1A5ACDC99C80} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-02-02] (Overwolf LTD)
Task: {6691142A-C6C1-43E2-B836-BD2C761B0F11} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {6BBE8549-98D3-4719-A75E-BDF5722A301C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6C8D769B-FF34-430D-90FF-8EF42E7B6179} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {72414D88-852C-4D54-99CA-57D410B4775C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8153231F-8BDC-4F57-958B-105E58E3B0E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-07] (Piriform Ltd)
Task: {839B8ACE-7DB1-4290-8D78-8F7F7EC08D8D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8690C975-68A6-4268-8343-2739680FBEBF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {89CE1580-D54E-492B-85FE-438F21BA0FAE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {94DF4E8C-EE1B-4207-9A93-4691A1F6CF3F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {A191C8DB-6CE7-4B0F-9A4B-7688CCEDD70A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A32C023F-568A-4873-837A-2B8AFC4BC303} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A571226A-C794-4050-934E-002632635ED5} - System32\Tasks\SafeZone scheduled Autoupdate 1484735935 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {AB79822A-58E2-43C0-9682-30C3F2823DC9} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION
Task: {B422B248-B0C8-4AF3-B77E-A936965BE101} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B42AC352-85B0-4405-A7CF-BC7DE3003825} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C3532A62-60C9-479A-A8C3-FE29F1EA8142} - System32\Tasks\{CEFB83C8-0474-4FB4-9E72-701FC15914E5} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=12007
Task: {CBA1629D-E491-467F-8650-59095F2BAC06} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-07] (Piriform Ltd)
Task: {CF27DC6F-94AD-454A-A984-204EA09F281A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {D5C1A222-FB0E-4562-A5F7-B27F2724DDEC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D66FB8E4-4B2D-40D2-BBB9-D148E4B4F78F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {DB32C486-6539-421E-9282-03E72AE19B3A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F19368D8-8075-404F-84D6-F86B2E89441A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F28502D0-D8ED-495F-8E63-6BD29C22AFB5} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {F33BA975-DE0E-48F1-B6CC-8CA91E92B624} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F62B1B57-3C21-493B-988A-86F3CA9969A4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AllmyappsUpdateTask.job => C:\Users\Johnny\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 04:42 - 2016-07-16 04:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-14 19:20 - 2016-12-09 03:29 - 02681200 ____C () C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-14 19:20 - 2016-12-09 03:29 - 02681200 ____C () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-20 11:11 - 2016-11-20 11:11 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-14 19:19 - 2016-12-21 00:09 - 00474112 ____C () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-14 19:18 - 2016-12-20 23:54 - 09760768 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-14 19:18 - 2016-12-20 23:48 - 01401856 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-14 19:18 - 2016-12-20 23:48 - 00757248 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-14 19:18 - 2016-12-20 23:48 - 01033216 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-14 19:18 - 2016-12-20 23:48 - 02424320 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-14 19:18 - 2016-12-20 23:53 - 04853760 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-14 18:54 - 2017-02-14 19:07 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-14 18:54 - 2017-02-14 19:07 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-14 18:54 - 2017-02-14 19:07 - 42895872 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-14 18:54 - 2017-02-14 19:07 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\roottools.dll
2012-11-26 22:54 - 2012-11-26 22:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-01-16 14:45 - 2017-01-16 14:45 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-01-16 14:45 - 2017-01-16 14:45 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-02-15 14:24 - 2017-02-15 14:24 - 05833216 _____ () C:\Program Files\AVAST Software\Avast\defs\17021505\algo.dll
2014-02-08 19:22 - 2014-02-20 11:57 - 00087040 _____ () C:\Users\Johnny\AppData\Roaming\Allmyapps\qjson.dll
2014-02-08 19:22 - 2014-02-20 11:57 - 00055808 _____ () C:\Users\Johnny\AppData\Roaming\Allmyapps\CrashRpt1301.dll
2017-01-16 14:46 - 2017-01-16 14:46 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-06 13:06 - 2017-02-01 02:01 - 01870168 ____C () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 13:06 - 2017-02-01 02:01 - 00085848 ____C () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [126]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ___AC C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-341713979-2683877852-2757265087-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Johnny\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{E82C1EFA-CBC5-4B7F-B069-E6DC29324FF1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7797D900-B481-4F74-8B1D-9F9D95563340}] => (Allow) C:\Users\Johnny\AppData\Roaming\Allmyapps\Allmyapps.exe
FirewallRules: [{D1BC70E0-2E83-4687-BA5B-329C20E8F06B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{B60E2032-3012-4B88-8A31-173E07B3CDA5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{15A56DAD-9A5E-42B0-8668-D45A5D49A5F7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{3F3DFD65-42F6-4A13-A8D7-6E5FBE2DD21F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{3EA9DD72-43CB-4303-824A-CA7D16F04E96}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/15/2017 03:02:33 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (02/12/2017 11:11:15 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (02/12/2017 11:11:15 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
Error: (02/12/2017 11:11:15 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (02/12/2017 11:11:14 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (02/12/2017 11:11:14 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (02/12/2017 11:11:14 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (02/12/2017 10:54:47 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (02/12/2017 10:54:43 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
Error: (02/12/2017 10:54:42 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
System errors:
=============
Error: (02/15/2017 02:57:32 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "JOHNNY-PC :0" could not be registered on the interface with IP address 192.168.1.77.
The computer with the IP address 192.168.1.112 did not allow the name to be claimed by
this computer.
Error: (02/15/2017 02:57:32 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "JOHNNY-PC :20" could not be registered on the interface with IP address 192.168.1.77.
The computer with the IP address 192.168.1.112 did not allow the name to be claimed by
this computer.
Error: (02/15/2017 02:57:32 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{D123C037-CF19-487A-A03A-C2F622572C69} because another computer on the network has the same name. The server could not start.
Error: (02/15/2017 02:57:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (02/14/2017 10:22:33 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "JOHNNY-PC :20" could not be registered on the interface with IP address 192.168.1.77.
The computer with the IP address 192.168.1.112 did not allow the name to be claimed by
this computer.
Error: (02/14/2017 10:22:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "JOHNNY-PC :0" could not be registered on the interface with IP address 192.168.1.77.
The computer with the IP address 192.168.1.112 did not allow the name to be claimed by
this computer.
Error: (02/14/2017 10:22:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "JOHNNY-PC :0" could not be registered on the interface with IP address 192.168.1.77.
The computer with the IP address 192.168.1.112 did not allow the name to be claimed by
this computer.
Error: (02/14/2017 10:22:33 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{D123C037-CF19-487A-A03A-C2F622572C69} because another computer on the network has the same name. The server could not start.
Error: (02/14/2017 10:22:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (02/14/2017 10:22:24 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "JOHNNY-PC :0" could not be registered on the interface with IP address 192.168.1.77.
The computer with the IP address 192.168.1.112 did not allow the name to be claimed by
this computer.
==================== Memory info ===========================
Processor: Intel® Core™ i3 CPU M 330 @ 2.13GHz
Percentage of memory in use: 50%
Total physical RAM: 3894.84 MB
Available physical RAM: 1913.42 MB
Total Virtual: 7862.84 MB
Available Virtual: 5781.25 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.17 GB) (Free:405.65 GB) NTFS
Drive d: (GET_SMART) (CDROM) (Total:7.22 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 038DAA32)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=499 MB) - (Type=27)
==================== End of Addition.txt ============================
Got it. Thanks for all your help Joe.Later 
Sign In
Create Account
