I have recently had problems with searchengine redirects, homepage redirects and notice a lot of pop up advertising on websites where there used to be no ads. I am fairly sure that it has something to do with Chrome extensions although when I open Chrome extensions, I don't see anything that I didn't add myself.
I have run Malwarebytes Premium and managed to get my search engine back to google but still notice a lot of pop up ads and also get a lot of Malwarebytes Premium notifications of blocked attempts for chrome to access certain attempts which, by name, all seem to do with spamming and advertising. I normally use Chrome browser. I run Win 10
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05-2017
Ran by Boss (administrator) on DESKTOP-L3LOVP3 (02-05-2017 10:41:36)
Running from C:\Users\Boss\Desktop\Cleaning
Loaded Profiles: Boss (Available Profiles: Boss)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxEM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TENCENT) C:\Program Files (x86)\Tencent\WeChat\WeChat.exe
() C:\Program Files (x86)\Tencent\WeChat\WeChatWeb.exe
(Spotify Ltd) C:\Users\Boss\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Boss\AppData\Roaming\Spotify\Spotify.exe
(iSkysoft) C:\Program Files (x86)\iSkysoft\iMusic\iMusicService.exe
(Spotify Ltd) C:\Users\Boss\AppData\Roaming\Spotify\Spotify.exe
(Seagate) C:\Program Files (x86)\Seagate\Sdrive\Sdrive.exe
(Spotify Ltd) C:\Users\Boss\AppData\Roaming\Spotify\Spotify.exe
(LINE Corporation) C:\Users\Boss\AppData\Local\LINE\bin\current\LINE.exe
(Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(LINE Corp) C:\Users\Boss\AppData\Local\LINE\bin\current\LinePlayer\LinePlayer.exe
(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-20] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [695528 2015-02-01] (Zbshareware Lab)
HKLM-x32\...\Run: [ACSW18EN] => C:\Program Files (x86)\ACD Systems\ACDSee\18.0\acdIDInTouch2.exe [1470224 2014-09-18] (ACD Systems)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28344536 2017-04-27] (Dropbox, Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (iSkySoft)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2015-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [ACDSeeCommander18] => C:\Program Files (x86)\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe [1968136 2014-10-01] ()
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [GoogleChromeAutoLaunch_E5670BDA6DED723847B903C5CED5605F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1111896 2017-03-29] (Google Inc.)
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [Wechat] => C:\Program Files (x86)\Tencent\WeChat\WeChat.exe [7769792 2016-12-06] (TENCENT)
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [Spotify Web Helper] => C:\Users\Boss\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-19] (Spotify Ltd)
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [Spotify] => C:\Users\Boss\AppData\Roaming\Spotify\Spotify.exe [7064176 2017-04-19] (Spotify Ltd)
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [iMusicService] => C:\Program Files (x86)\iSkysoft\iMusic\iMusicService.exe [16384 2016-10-15] (iSkysoft)
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [Sdrive startup] => C:\Program Files (x86)\Seagate\Sdrive\Sdrive.exe [1991456 2016-04-26] (Seagate)
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [LINE] => C:\Users\Boss\AppData\Local\LINE\bin\LineLauncher.exe [617840 2017-04-13] (LINE Corporation)
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Run: [GoogleChromeAutoLaunch_E4CE65D15B2D5F282D2B3F17EC6A3C72] => "C:\Program Files (x86)\Everbean\Application\chrome.exe" --no-startup-window /prefetch:5
IFEO\DisplaySwitch.exe: [Debugger]
IFEO\taskmgr.exe: [Debugger]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-04-27] (Dropbox, Inc.)
GroupPolicy: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{3b5c717c-8f56-4684-8221-19d5332d495b}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-04-28] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-28] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-04-28] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-28] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-04-28] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF DefaultProfile: wpetjdsa.default
FF ProfilePath: C:\Users\Boss\AppData\Roaming\Firefox\Firefox\Profiles\wpetjdsa.default [2017-04-26]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-04-11]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-28] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: PDF Architect 5 -> C:\Program Files (x86)\PDF Architect 5\np-previewer.dll [2017-02-10] (pdfforge GmbH)
Chrome:
=======
CHR HomePage: Default -> file:///Users/Mac/Documents/Personal%20Homepage/Personal%20Homepage4.html
CHR StartupUrls: Default -> "file:///D:/My%20D%20Documents/Personal%20Homepage/Personal%20Homepage4.html","hxxps://www.facebook.com/home.php","hxxps://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=https%3A%2F%2Fmail.google.com%2Fmail%2F%3Fshva%3D1%26ui%3Dhtml%26zy%3Dl&bsv=llya694le36z&ss=1&scc=1<mpl=default<mplcache=2&from=login#inbox","hxxp://twitter.com/","hxxps://plus.google.com/","hxxp://th.hao123.com/?tn=bbl_hp_hao123_th&babsrc=HP_ss&mntrId=98220019214778AF","hxxp://www.linkzb.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default [2017-05-02]
CHR Extension: (Google Slides) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-24]
CHR Extension: (Entanglement Web App) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2017-02-27]
CHR Extension: (Google Docs) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-24]
CHR Extension: (Google Drive) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2017-02-27]
CHR Extension: (Free Proxy to Unblock any sites
Touch VPN) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2017-04-26]
CHR Extension: (YouTube) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-24]
CHR Extension: (Weebly - Website Builder) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb [2017-02-27]
CHR Extension: (Dropbox for Gmail) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2017-02-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-12]
CHR Extension: (Google Calendar) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-02-27]
CHR Extension: (Google Sheets) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-24]
CHR Extension: (Google Docs Offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-24]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-04-19]
CHR Extension: (Remove Donald Trump from Facebook) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhokbihnhhfghkbmihlgfcoafhkghdej [2017-02-27]
CHR Extension: (Knok
Family Travel) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\iehdddmijbgofffjjmhkodckmnombhmf [2017-02-27]
CHR Extension: (Dropbox) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2017-02-27]
CHR Extension: (WordPress.com) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2017-02-27]
CHR Extension: (Evernote Web) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2017-02-27]
CHR Extension: (Poppit!) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2017-02-27]
CHR Extension: (Boomerang for Gmail) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2017-02-27]
CHR Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2017-04-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Browsec VPN - Privacy and Security Online) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2017-04-20]
CHR Extension: (Gmail) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-24]
CHR Extension: (Chrome Media Router) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-12]
CHR Extension: (Streak CRM for Gmail) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2017-04-26]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4121570393-846188343-1694475573-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Everbean\Application\chrome.exe <==== ATTENTION
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-04-19] (Microsoft Corporation)
R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe [301536 2016-11-02] (Intel Corporation)
R2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe [480224 2016-11-02] (Intel Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-27] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-27] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-04-27] (Dropbox, Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe [341984 2016-11-02] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-01] (© pdfforge GmbH.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-11-21] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\iSkysoft\iMusic\DriverInstall.exe [122528 2016-10-15] (Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R0 gpt_loader; C:\WINDOWS\System32\DRIVERS\gpt_loader.sys [60752 2016-09-01] (Paragon Software Group)
S3 Hfsplus; C:\WINDOWS\System32\DRIVERS\hfsplus.sys [205136 2016-09-01] (Paragon Software Group)
R2 HfsplusRec; C:\WINDOWS\System32\DRIVERS\hfsplusrec.sys [15184 2016-09-01] (Paragon Software Group)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igdkmd64.sys [11033056 2016-11-02] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-04-30] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-04-30] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-04-30] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-04-30] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-05-02] (Malwarebytes)
R0 mounthlp; C:\WINDOWS\System32\DRIVERS\mounthlp.sys [44880 2016-09-01] (Paragon Software Group)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R1 scbfs5; C:\WINDOWS\system32\drivers\scbfs5.sys [416440 2015-02-12] (Seagate Corporation)
R3 svpnpbus; C:\WINDOWS\System32\drivers\svpnpbus.sys [18616 2015-02-12] (Seagate Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-02 10:41 - 2017-05-02 10:41 - 00000000 ____D C:\FRST
2017-05-02 10:40 - 2017-05-02 10:41 - 00000000 ____D C:\Users\Boss\Desktop\Cleaning
2017-04-30 15:49 - 2017-04-30 15:49 - 00001567 _____ C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome.lnk
2017-04-30 13:15 - 2017-05-02 10:40 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-04-30 13:15 - 2017-04-30 13:24 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-04-30 13:15 - 2017-04-30 13:24 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-04-30 13:15 - 2017-04-30 13:24 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-04-30 13:15 - 2017-04-30 13:15 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-04-30 13:15 - 2017-04-30 13:15 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-04-30 13:15 - 2017-04-30 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-04-30 13:15 - 2017-04-30 13:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-04-30 13:15 - 2017-04-30 13:15 - 00000000 ____D C:\Program Files\Malwarebytes
2017-04-30 13:15 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-04-30 13:14 - 2017-04-30 13:15 - 60107896 _____ (Malwarebytes ) C:\Users\Boss\Desktop\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-04-30 13:00 - 2017-04-30 13:05 - 00000000 ____D C:\WINDOWS\Minidump
2017-04-28 12:27 - 2017-04-28 12:27 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-04-27 15:53 - 2017-04-27 15:53 - 00044757 _____ C:\Users\Boss\Desktop\Phulanna Apr 27, 2017.pdf
2017-04-27 15:26 - 2017-04-27 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-27 01:02 - 2017-04-27 01:02 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-04-26 18:41 - 2017-04-30 13:31 - 00000000 ____D C:\Users\Boss\AppData\Roaming\Elex-tech
2017-04-26 18:41 - 2017-04-26 18:41 - 00000000 ____D C:\WINDOWS\system32\log
2017-04-26 18:41 - 2017-04-26 18:41 - 00000000 ____D C:\Program Files (x86)\Elex-tech
2017-04-26 18:41 - 2016-05-19 13:42 - 00014040 _____ C:\WINDOWS\system32\Drivers\iSafeNetFilter.sys
2017-04-26 17:43 - 2017-04-26 17:43 - 00000129 _____ C:\Users\Boss\Desktop\Mail Merge Test.csv
2017-04-25 12:35 - 2017-04-25 12:35 - 04865624 _____ C:\Users\Boss\Desktop\H1-brochure-2016.pdf
2017-04-24 17:53 - 2017-04-24 17:53 - 00000000 _____ C:\autoexec.bat
2017-04-21 12:42 - 2017-04-21 12:42 - 00000000 _____ C:\WINDOWS\SysWOW64\33
2017-04-21 12:41 - 2017-04-30 13:12 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2017-04-21 12:41 - 2017-04-30 13:12 - 00000000 _____ C:\Users\Public\Documents\report.dat
2017-04-21 12:41 - 2017-04-26 20:43 - 00000000 ____D C:\Users\Boss\AppData\LocalLow\Mozilla
2017-04-21 12:41 - 2017-04-26 18:40 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-04-21 12:41 - 2017-04-21 12:41 - 00002069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-04-21 12:41 - 2017-04-21 12:41 - 00001999 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-04-21 12:41 - 2017-04-21 12:41 - 00000000 ____D C:\Users\Boss\AppData\Roaming\Mozilla
2017-04-21 12:41 - 2017-04-21 12:41 - 00000000 ____D C:\Users\Boss\AppData\Roaming\Firefox
2017-04-21 12:41 - 2017-04-21 12:41 - 00000000 ____D C:\Users\Boss\AppData\Local\Firefox
2017-04-21 12:41 - 2017-04-21 12:41 - 00000000 ____D C:\Program Files (x86)\Firefox
2017-04-21 12:41 - 2017-04-21 12:41 - 00000000 _____ C:\WINDOWS\SysWOW64\11
2017-04-18 10:55 - 2017-04-18 10:54 - 00001696 _____ C:\WINDOWS\SysWOW64\NOISE.CHS
2017-04-18 10:55 - 2017-04-18 10:54 - 00001696 _____ C:\WINDOWS\system32\NOISE.CHS
2017-04-18 10:54 - 2016-07-15 19:29 - 02963968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0804.dll
2017-04-18 10:54 - 2016-07-15 19:29 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0804.dll
2017-04-18 10:54 - 2016-07-15 19:25 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70804.dll
2017-04-18 10:54 - 2016-07-15 19:17 - 03430912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0804.dll
2017-04-18 10:54 - 2016-07-15 18:39 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70804.dll
2017-04-18 10:54 - 2016-07-15 18:36 - 03361792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0804.dll
2017-04-13 11:22 - 2017-04-13 11:22 - 00040275 _____ C:\Users\Boss\Desktop\Electronic ticket receipt, April 10 for MR MICHAEL BEHRENS.pdf
2017-04-12 12:41 - 2017-03-28 14:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 12:41 - 2017-03-28 14:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 12:41 - 2017-03-28 13:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 12:41 - 2017-03-28 13:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 12:41 - 2017-03-28 13:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 12:41 - 2017-03-28 13:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 12:41 - 2017-03-28 13:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 12:41 - 2017-03-28 13:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 12:41 - 2017-03-28 13:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 12:41 - 2017-03-28 13:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 12:41 - 2017-03-28 13:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 12:41 - 2017-03-28 13:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 12:41 - 2017-03-28 13:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 12:41 - 2017-03-28 13:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 12:41 - 2017-03-28 13:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 12:41 - 2017-03-28 13:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 12:41 - 2017-03-28 13:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 12:41 - 2017-03-28 13:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 12:41 - 2017-03-28 13:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 12:41 - 2017-03-28 13:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 12:41 - 2017-03-28 13:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 12:41 - 2017-03-28 13:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 12:41 - 2017-03-28 13:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 12:41 - 2017-03-28 13:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 12:41 - 2017-03-28 13:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 12:41 - 2017-03-28 13:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 12:41 - 2017-03-28 13:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 12:41 - 2017-03-28 13:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 12:41 - 2017-03-28 13:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 12:41 - 2017-03-28 13:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 12:41 - 2017-03-28 13:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 12:41 - 2017-03-28 13:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 12:41 - 2017-03-28 13:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 12:41 - 2017-03-28 13:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 12:41 - 2017-03-28 13:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 12:41 - 2017-03-28 13:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 12:41 - 2017-03-28 13:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 12:41 - 2017-03-28 13:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 12:41 - 2017-03-28 12:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 12:41 - 2017-03-28 12:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 12:41 - 2017-03-28 12:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 12:41 - 2017-03-28 12:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 12:41 - 2017-03-28 12:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 12:41 - 2017-03-28 12:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 12:41 - 2017-03-28 12:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 12:41 - 2017-03-28 12:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 12:41 - 2017-03-28 12:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 12:41 - 2017-03-28 12:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 12:41 - 2017-03-28 12:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 12:41 - 2017-03-28 12:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 12:41 - 2017-03-28 12:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 12:41 - 2017-03-28 12:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 12:41 - 2017-03-28 12:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 12:41 - 2017-03-28 12:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 12:41 - 2017-03-28 12:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 12:41 - 2017-03-28 12:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 12:41 - 2017-03-28 12:41 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-04-12 12:41 - 2017-03-28 12:41 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-04-12 12:41 - 2017-03-28 12:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 12:41 - 2017-03-28 12:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 12:41 - 2017-03-28 12:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 12:41 - 2017-03-28 12:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 12:41 - 2017-03-28 12:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 12:41 - 2017-03-28 12:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 12:41 - 2017-03-28 12:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 12:41 - 2017-03-28 12:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 12:41 - 2017-03-28 12:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 12:41 - 2017-03-28 12:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 12:41 - 2017-03-28 12:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 12:41 - 2017-03-28 12:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 12:41 - 2017-03-28 12:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 12:41 - 2017-03-28 12:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 12:41 - 2017-03-28 12:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 12:41 - 2017-03-28 12:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 12:41 - 2017-03-28 12:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 12:41 - 2017-03-28 12:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 12:41 - 2017-03-28 12:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 12:41 - 2017-03-28 12:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 12:41 - 2017-03-28 12:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 12:41 - 2017-03-28 12:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 12:41 - 2017-03-28 12:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 12:41 - 2017-03-28 12:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 12:41 - 2017-03-28 12:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 12:41 - 2017-03-28 12:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 12:41 - 2017-03-28 12:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 12:41 - 2017-03-28 12:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 12:41 - 2017-03-28 12:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 12:41 - 2017-03-28 12:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 12:41 - 2017-03-28 12:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 12:41 - 2017-03-28 12:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 12:41 - 2017-03-28 12:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 12:41 - 2017-03-28 12:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 12:41 - 2017-03-28 12:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 12:41 - 2017-03-28 12:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 12:41 - 2017-03-28 12:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 12:41 - 2017-03-28 12:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 12:41 - 2017-03-28 12:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 12:41 - 2017-03-28 12:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 12:41 - 2017-03-28 12:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 12:41 - 2017-03-28 12:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 12:41 - 2017-03-28 12:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 12:41 - 2017-03-28 12:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 12:41 - 2017-03-28 12:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 12:41 - 2017-03-28 12:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 12:41 - 2017-03-28 12:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 12:41 - 2017-03-28 12:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 12:41 - 2017-03-28 12:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 12:41 - 2017-03-28 12:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 12:41 - 2017-03-28 12:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 12:41 - 2017-03-28 12:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 12:41 - 2017-03-28 12:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 12:41 - 2017-03-28 12:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 12:41 - 2017-03-28 12:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 12:41 - 2017-03-28 12:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 12:41 - 2017-03-28 12:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 12:41 - 2017-03-28 12:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 12:41 - 2017-03-28 12:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 12:41 - 2017-03-28 12:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 12:41 - 2017-03-28 12:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 12:41 - 2017-03-28 12:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 12:41 - 2017-03-28 12:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 12:41 - 2017-03-28 12:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 12:41 - 2017-03-28 12:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 12:41 - 2017-03-28 12:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 12:41 - 2017-03-28 12:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 12:41 - 2017-03-28 12:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 12:41 - 2017-03-28 12:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 12:41 - 2017-03-28 12:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 12:41 - 2017-03-28 12:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 12:41 - 2017-03-28 12:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 12:41 - 2017-03-28 12:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 12:41 - 2017-03-28 12:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 12:41 - 2017-03-28 12:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 12:41 - 2017-03-28 12:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 12:41 - 2017-03-28 12:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 12:41 - 2017-03-28 12:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 12:41 - 2017-03-28 12:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 12:41 - 2017-03-28 12:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 12:41 - 2017-03-28 12:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 12:41 - 2017-03-28 12:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 12:41 - 2017-03-28 12:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 12:41 - 2017-03-28 12:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 12:41 - 2017-03-28 12:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 12:41 - 2017-03-28 12:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 12:41 - 2017-03-28 12:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 12:41 - 2017-03-28 12:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 12:41 - 2017-03-28 12:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 12:41 - 2017-03-28 12:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 12:41 - 2017-03-28 12:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 12:41 - 2017-03-28 12:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 12:41 - 2017-03-28 12:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 12:41 - 2017-03-28 12:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 12:41 - 2017-03-28 12:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 12:41 - 2017-03-28 12:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 12:41 - 2017-03-28 12:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 12:41 - 2017-03-28 12:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 12:41 - 2017-03-28 12:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 12:41 - 2017-03-28 12:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 12:41 - 2017-03-28 12:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 12:41 - 2017-03-28 12:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 12:41 - 2017-03-28 12:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 12:41 - 2017-03-28 12:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 12:41 - 2017-03-28 12:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 12:41 - 2017-03-28 12:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 12:41 - 2017-03-28 12:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 12:41 - 2017-03-28 12:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 12:41 - 2017-03-28 12:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 12:41 - 2017-03-28 12:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 12:41 - 2017-03-28 12:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 12:41 - 2017-03-28 12:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 12:41 - 2017-03-28 12:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 12:41 - 2017-03-28 12:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 12:41 - 2017-03-28 12:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 12:41 - 2017-03-28 12:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 12:41 - 2017-03-28 12:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 12:41 - 2017-03-28 12:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 12:41 - 2017-03-28 12:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 12:41 - 2017-03-28 12:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 12:41 - 2017-03-28 12:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 12:41 - 2017-03-28 12:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 12:41 - 2017-03-28 12:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 12:41 - 2017-03-28 12:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 12:41 - 2017-03-28 12:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 12:41 - 2017-03-28 12:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 12:41 - 2017-03-28 12:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 12:41 - 2017-03-28 12:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 12:41 - 2017-03-28 12:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 12:41 - 2017-03-28 12:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 12:41 - 2017-03-28 12:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 12:41 - 2017-03-28 12:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 12:41 - 2017-03-28 12:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 12:41 - 2017-03-28 12:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 12:41 - 2017-03-28 12:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 12:41 - 2017-03-28 12:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 12:41 - 2017-03-28 12:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 12:41 - 2017-03-28 12:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 12:41 - 2017-03-28 12:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 12:41 - 2017-03-28 12:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 12:41 - 2017-03-28 12:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 12:41 - 2017-03-28 12:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 12:41 - 2017-03-28 12:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 12:41 - 2017-03-28 12:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 12:41 - 2017-03-28 12:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 12:41 - 2017-03-28 12:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 12:41 - 2017-03-28 12:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 12:41 - 2017-03-28 12:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 12:41 - 2017-03-28 12:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 12:41 - 2017-03-28 12:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 12:41 - 2017-03-28 12:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 12:41 - 2017-03-28 12:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 12:41 - 2017-03-28 12:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 12:41 - 2017-03-28 12:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 12:41 - 2017-03-28 12:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 12:41 - 2017-03-28 12:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 12:41 - 2017-03-28 12:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 12:41 - 2017-03-28 12:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 12:41 - 2017-03-28 12:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 12:41 - 2017-03-28 12:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 12:41 - 2017-03-28 12:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 12:41 - 2017-03-28 12:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 12:41 - 2017-03-28 12:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 12:41 - 2017-03-28 12:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 12:41 - 2017-03-28 12:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 12:41 - 2017-03-28 12:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 12:41 - 2017-03-28 12:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 12:41 - 2017-03-28 12:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 12:41 - 2017-03-28 12:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 12:41 - 2017-03-28 12:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 12:41 - 2017-03-28 12:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 12:41 - 2017-03-28 12:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 12:41 - 2017-03-28 12:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 12:41 - 2017-03-28 11:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 12:41 - 2017-03-16 11:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 12:40 - 2017-03-28 13:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 12:40 - 2017-03-28 13:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 12:40 - 2017-03-28 13:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 12:40 - 2017-03-28 13:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 12:40 - 2017-03-28 13:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 12:40 - 2017-03-28 13:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 12:40 - 2017-03-28 13:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 12:40 - 2017-03-28 13:26 - 00754528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-04-12 12:40 - 2017-03-28 13:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 12:40 - 2017-03-28 13:26 - 00573280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-04-12 12:40 - 2017-03-28 13:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 12:40 - 2017-03-28 13:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 12:40 - 2017-03-28 13:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 12:40 - 2017-03-28 13:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 12:40 - 2017-03-28 13:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 12:40 - 2017-03-28 13:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 12:40 - 2017-03-28 13:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 12:40 - 2017-03-28 13:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 12:40 - 2017-03-28 13:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 12:40 - 2017-03-28 13:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 12:40 - 2017-03-28 13:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 12:40 - 2017-03-28 13:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 12:40 - 2017-03-28 13:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 12:40 - 2017-03-28 13:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 12:40 - 2017-03-28 13:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 12:40 - 2017-03-28 13:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 12:40 - 2017-03-28 13:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 12:40 - 2017-03-28 13:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 12:40 - 2017-03-28 13:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 12:40 - 2017-03-28 13:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 12:40 - 2017-03-28 13:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 12:40 - 2017-03-28 13:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 12:40 - 2017-03-28 12:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 12:40 - 2017-03-28 12:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 12:40 - 2017-03-28 12:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 12:40 - 2017-03-28 12:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 12:40 - 2017-03-28 12:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 12:40 - 2017-03-28 12:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 12:40 - 2017-03-28 12:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 12:40 - 2017-03-28 12:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 12:40 - 2017-03-28 12:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 12:40 - 2017-03-28 12:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 12:40 - 2017-03-28 12:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 12:40 - 2017-03-28 12:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 12:40 - 2017-03-28 12:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 12:40 - 2017-03-28 12:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 12:40 - 2017-03-28 12:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 12:40 - 2017-03-28 12:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 12:40 - 2017-03-28 12:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 12:40 - 2017-03-28 12:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 12:40 - 2017-03-28 12:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 12:40 - 2017-03-28 12:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 12:40 - 2017-03-28 12:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 12:40 - 2017-03-28 12:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 12:40 - 2017-03-28 12:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 12:40 - 2017-03-28 12:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 12:40 - 2017-03-28 12:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 12:40 - 2017-03-28 12:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 12:40 - 2017-03-28 12:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 12:40 - 2017-03-28 12:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 12:40 - 2017-03-28 12:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 12:40 - 2017-03-28 12:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 12:40 - 2017-03-28 12:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 12:40 - 2017-03-28 12:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 12:40 - 2017-03-28 12:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 12:40 - 2017-03-28 12:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 12:40 - 2017-03-28 12:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 12:40 - 2017-03-28 12:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 12:40 - 2017-03-28 12:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 12:40 - 2017-03-28 12:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 12:40 - 2017-03-28 12:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 12:40 - 2017-03-28 12:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 12:40 - 2017-03-28 12:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 12:40 - 2017-03-28 12:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 12:40 - 2017-03-28 12:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 12:40 - 2017-03-28 12:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 12:40 - 2017-03-28 12:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 12:40 - 2017-03-28 12:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 12:40 - 2017-03-28 12:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 12:40 - 2017-03-28 12:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 12:40 - 2017-03-28 12:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 12:40 - 2017-03-28 12:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 12:40 - 2017-03-28 12:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 12:40 - 2017-03-28 12:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 12:40 - 2017-03-28 12:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 12:40 - 2017-03-28 12:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 12:40 - 2017-03-28 12:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 12:40 - 2017-03-28 12:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 12:40 - 2017-03-28 12:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 12:40 - 2017-03-28 12:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 12:40 - 2017-03-28 12:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 12:40 - 2017-03-28 12:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 12:40 - 2017-03-28 12:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 12:40 - 2017-03-28 12:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 12:40 - 2017-03-28 12:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 12:40 - 2017-03-28 12:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 12:40 - 2017-03-28 12:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 12:40 - 2017-03-28 12:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 12:40 - 2017-03-28 12:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 12:40 - 2017-03-28 12:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 12:40 - 2017-03-28 12:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 12:40 - 2017-03-28 12:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 12:40 - 2017-03-28 12:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 12:40 - 2017-03-28 12:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 12:40 - 2017-03-28 12:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 12:40 - 2017-03-28 12:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 12:40 - 2017-03-28 12:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 12:40 - 2017-03-28 12:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 12:40 - 2017-03-28 12:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 12:40 - 2017-03-28 12:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 12:40 - 2017-03-28 12:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 12:40 - 2017-03-28 12:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 12:40 - 2017-03-28 12:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 12:40 - 2017-03-28 12:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 12:40 - 2017-03-28 12:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 12:40 - 2017-03-28 12:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 12:40 - 2017-03-28 12:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 12:40 - 2017-03-28 12:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 12:40 - 2017-03-28 12:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 12:40 - 2017-03-28 12:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 12:40 - 2017-03-28 12:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 12:40 - 2017-03-28 12:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 12:40 - 2017-03-28 12:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 12:40 - 2017-03-28 12:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 12:40 - 2017-03-28 12:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 12:40 - 2017-03-28 12:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 12:40 - 2017-03-28 12:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 12:40 - 2017-03-28 12:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 12:40 - 2017-03-28 12:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 12:40 - 2017-03-28 12:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 12:40 - 2017-03-28 12:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 12:40 - 2017-03-28 12:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 12:40 - 2017-03-28 12:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 12:40 - 2017-03-28 12:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 12:40 - 2017-03-28 12:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 12:40 - 2017-03-28 12:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 12:40 - 2017-03-28 12:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 12:40 - 2017-03-28 12:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 12:40 - 2017-03-28 12:14 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-04-12 12:40 - 2017-03-28 12:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 12:40 - 2017-03-28 12:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 12:40 - 2017-03-28 12:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 12:40 - 2017-03-28 12:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 12:40 - 2017-03-28 12:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 12:40 - 2017-03-28 12:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 12:40 - 2017-03-28 12:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 12:40 - 2017-03-28 12:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 12:40 - 2017-03-28 12:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 12:40 - 2017-03-28 12:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 12:40 - 2017-03-28 12:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 12:40 - 2017-03-28 12:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 12:40 - 2017-03-28 12:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 12:40 - 2017-03-28 12:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 12:40 - 2017-03-28 12:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 12:40 - 2017-03-28 12:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 12:40 - 2017-03-28 12:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 12:40 - 2017-03-28 12:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 12:40 - 2017-03-28 12:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 12:40 - 2017-03-28 12:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 12:40 - 2017-03-28 12:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 12:40 - 2017-03-28 12:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 12:40 - 2017-03-28 12:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 12:40 - 2017-03-28 12:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 12:40 - 2017-03-28 12:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 12:40 - 2017-03-28 12:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 12:40 - 2017-03-28 12:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 12:40 - 2017-03-28 12:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 12:40 - 2017-03-28 12:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 12:40 - 2017-03-28 12:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 12:40 - 2017-03-28 12:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 12:40 - 2017-03-28 12:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 12:40 - 2017-03-28 12:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 12:40 - 2017-03-28 12:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 12:40 - 2017-03-28 12:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 12:40 - 2017-03-28 12:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 12:40 - 2017-03-28 12:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 12:40 - 2017-03-28 12:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 12:40 - 2017-03-28 12:04 - 00119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll
2017-04-12 12:40 - 2017-03-18 23:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 12:40 - 2017-03-18 23:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 12:40 - 2017-03-16 11:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 11:09 - 2017-04-20 18:10 - 00000000 ____D C:\Users\Boss\Desktop\For Khun Ice Website
2017-04-11 20:25 - 2017-04-11 20:25 - 00003630 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-L3LOVP3-Boss
2017-04-11 20:11 - 2017-04-11 20:11 - 00000000 ____D C:\Users\Public\Documents\Adobe
2017-04-11 20:11 - 2017-04-11 20:11 - 00000000 ____D C:\Users\Boss\Documents\Adobe
2017-04-11 20:11 - 2017-04-11 20:11 - 00000000 ____D C:\Users\Boss\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2017-04-11 20:09 - 2017-04-11 20:09 - 00001029 _____ C:\Users\Boss\Desktop\Adobe Lightroom.lnk
2017-04-11 20:09 - 2017-04-11 20:09 - 00001029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk
2017-04-11 20:08 - 2017-04-11 20:08 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-11 20:07 - 2017-04-11 20:07 - 00001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2017-04-11 20:07 - 2017-04-11 20:07 - 00001603 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2017-04-11 19:06 - 2017-04-11 19:06 - 00004578 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2017-04-11 19:06 - 2017-04-11 19:06 - 00000000 ____D C:\Users\Boss\Documents\Hosts backup
2017-04-11 18:58 - 2017-04-05 01:26 - 01852370 _____ C:\Users\Boss\Desktop\Fah Lanna Spa Profile 2016.pdf
2017-04-11 18:35 - 2017-04-11 18:35 - 00000000 ____D C:\Users\Boss\Desktop\Adobe
2017-04-11 16:56 - 2017-04-11 17:08 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-04-11 16:56 - 2017-04-11 17:08 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-04-11 16:56 - 2017-04-11 16:56 - 00002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2017-04-11 16:46 - 2017-04-11 16:48 - 00000000 ____D C:\Users\Boss\Desktop\Adobe Acrobat XI
2017-04-11 13:49 - 2017-04-11 16:53 - 00000000 ____D C:\Users\Boss\Desktop\Adobe Acrobat
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-02 09:58 - 2017-02-27 18:43 - 00000000 ____D C:\Users\Boss\AppData\Roaming\Spotify
2017-05-02 09:53 - 2016-11-21 01:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-02 09:42 - 2017-02-25 06:55 - 00000000 ____D C:\Users\Boss\AppData\Local\Packages
2017-05-02 09:42 - 2016-07-16 18:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-02 09:42 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-02 09:42 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-02 09:42 - 2016-07-16 18:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-02 09:41 - 2017-02-26 13:43 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7D8B1091-3236-49CE-8190-CF7B53A0AE03}
2017-05-02 09:40 - 2017-02-27 18:52 - 00000000 ____D C:\Users\Boss\AppData\Local\Adobe
2017-05-02 09:38 - 2017-02-27 18:44 - 00000000 ____D C:\Users\Boss\AppData\Local\Spotify
2017-05-02 09:38 - 2017-02-27 18:23 - 00000000 ____D C:\Users\Boss\Documents\WeChat Files
2017-05-02 09:38 - 2017-02-27 18:10 - 00000000 ___RD C:\Users\Boss\Dropbox
2017-05-02 09:37 - 2017-02-24 16:09 - 00000000 __SHD C:\Users\Boss\IntelGraphicsProfiles
2017-04-30 14:36 - 2017-02-26 09:08 - 00000000 ____D C:\Program Files (x86)\FormatFactory
2017-04-30 13:30 - 2016-11-21 01:51 - 01440252 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-30 13:24 - 2016-11-21 01:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-30 13:23 - 2016-07-16 13:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-30 13:10 - 2017-03-06 12:04 - 00000000 ____D C:\Program Files\PDFCreator
2017-04-30 13:09 - 2017-02-26 03:45 - 00000000 ____D C:\Users\Boss
2017-04-30 13:09 - 2016-07-16 18:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-29 16:05 - 2017-02-26 03:48 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-29 16:05 - 2017-02-26 03:48 - 00003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-28 12:27 - 2017-02-25 07:03 - 00000000 ____D C:\Program Files\Microsoft Office
2017-04-28 12:27 - 2016-07-16 18:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-28 12:27 - 2016-07-16 18:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-04-27 15:26 - 2017-02-27 18:08 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-25 11:16 - 2017-02-25 07:02 - 00000000 ____D C:\Users\Boss\AppData\Roaming\AIMP3
2017-04-21 11:56 - 2016-11-21 01:40 - 06016448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-20 17:26 - 2017-03-19 13:32 - 00001456 _____ C:\Users\Boss\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-04-20 17:20 - 2017-03-07 19:25 - 00000132 _____ C:\Users\Boss\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-04-19 16:33 - 2017-02-28 16:53 - 00720896 _____ (Indigo Rose Corporation) C:\WINDOWS\iun6002.exe
2017-04-19 16:33 - 2017-02-28 16:53 - 00002020 _____ C:\Users\Boss\Desktop\Waree 5.0.lnk
2017-04-19 16:33 - 2017-02-28 16:53 - 00002020 _____ C:\Users\Boss\Desktop\Setup Waree.lnk
2017-04-19 16:33 - 2017-02-28 16:53 - 00000000 ____D C:\WINDOWS\msagent
2017-04-19 16:33 - 2017-02-28 16:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waree
2017-04-18 10:55 - 2016-11-21 01:12 - 00000000 ____D C:\WINDOWS\OCR
2017-04-16 10:35 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-14 14:33 - 2017-02-26 09:08 - 00000000 ____D C:\Users\Boss\AppData\Roaming\ScreenShot
2017-04-14 13:45 - 2017-02-25 07:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-04-14 13:44 - 2017-02-26 03:48 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-13 10:32 - 2016-11-21 01:54 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-12 18:21 - 2016-07-16 18:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-12 18:21 - 2016-07-16 13:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-12 14:53 - 2017-02-25 09:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 14:52 - 2017-02-25 09:19 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 14:10 - 2017-02-25 06:55 - 00000000 ____D C:\Users\Boss\AppData\Roaming\Adobe
2017-04-12 11:59 - 2017-02-25 06:57 - 00002360 _____ C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-12 11:59 - 2017-02-25 06:57 - 00000000 ___RD C:\Users\Boss\OneDrive
2017-04-12 09:56 - 2017-02-25 06:59 - 00000000 ____D C:\ProgramData\Adobe
2017-04-11 20:24 - 2017-02-25 07:01 - 00000000 ____D C:\Program Files\Adobe
2017-04-11 20:09 - 2017-03-03 11:50 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2017-04-11 16:44 - 2016-07-16 18:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-11 16:38 - 2017-02-25 07:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-04-11 12:09 - 2017-03-02 14:31 - 00000000 ____D C:\Users\Boss\AppData\Local\ElevatedDiagnostics
2017-04-11 12:02 - 2017-02-25 09:16 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-04-02 01:52 - 2016-07-16 18:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-02 01:52 - 2016-07-16 18:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2017-03-07 19:25 - 2017-04-20 17:20 - 0000132 _____ () C:\Users\Boss\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-03-06 10:43 - 2017-03-06 10:43 - 0000044 _____ () C:\Users\Boss\AppData\Roaming\WB.CFG
2017-03-19 13:32 - 2017-04-20 17:26 - 0001456 _____ () C:\Users\Boss\AppData\Local\Adobe Save for Web 13.0 Prefs
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-04-27 16:03
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2017
Ran by Boss (02-05-2017 10:42:02)
Running from C:\Users\Boss\Desktop\Cleaning
Windows 10 Pro Version 1607 (X64) (2017-02-25 20:49:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4121570393-846188343-1694475573-500 - Administrator - Disabled)
Boss (S-1-5-21-4121570393-846188343-1694475573-1001 - Administrator - Enabled) => C:\Users\Boss
DefaultAccount (S-1-5-21-4121570393-846188343-1694475573-503 - Limited - Disabled)
Guest (S-1-5-21-4121570393-846188343-1694475573-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
ACDSee 18 (HKLM\...\{6D0F6DF4-553E-43CD-AA95-69AB3644A8FF}) (Version: 18.0.0.226 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.9 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1503, 26.09.2015 - AIMP DevTeam)
Apple Application Support (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Dropbox (HKLM-x32\...\Dropbox) (Version: 24.4.17 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
iSkysoft iMusic(Version 2.0.1) (HKLM-x32\...\{04693854-F238-47D5-A030-81F640B921CB}_is1) (Version: 2.0.1 - iSkysoft)
iTunes (HKLM\...\{643531B8-09B1-4AEE-9FEE-8E0477957D25}) (Version: 12.6.0.95 - Apple Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV)
LINE (HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\LINE) (Version: 5.1.1.1422 - LINE Corporation)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Manager (x32 Version: 5.0.15.31893 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7967.2139 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - th-th (HKLM\...\ProPlusRetail - th-th) (Version: 16.0.7967.2139 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MySQL Connector/ODBC 5.1 (HKLM-x32\...\{29042B1C-0713-4575-B7CA-5C8E7B0899D4}) (Version: 5.1.6 - MySQL AB)
MySQL ODBC 3.51 Driver (HKLM-x32\...\MySQL ODBC 3.51 Driver) (Version: 03.51.04 - MySQL AB)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Paragon HFS+ for Windows™ 9.1 (HKLM-x32\...\{456534C0-51E7-11DF-B336-005056C00008}) (Version: 1.00 - Paragon Software)
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.0.21.32007 - pdfforge GmbH)
PDF Architect 5 Create Module (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PicosmosTools 1.8.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.0.0 - Free Time)
Report (HKLM-x32\...\{55E6CE01-8789-4390-89C9-BF5A102423B1}) (Version: 1.0.0.0 - Thiti)
ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation)
Sdrive 2.5.9 (HKLM-x32\...\{74048A6E-4BAB-4F5F-8382-651C88F085B8}_is1) (Version: 2.5.9 - Seagate)
Spotify (HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
USB Disk Security (HKLM-x32\...\USB Disk Security_is1) (Version: - Zbshareware Lab)
Waree (HKLM-x32\...\Waree5.0 Build 11) (Version: - )
WeChat (HKLM-x32\...\WeChat) (Version: 2.3.0.93 - 腾讯科技(深圳)有限公司)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {19B7CF98-AA2F-42A9-B33A-37B29E0782FE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-27] (Dropbox, Inc.)
Task: {3B8017C7-16FB-44E8-9F21-5902712B518F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-24] (Google Inc.)
Task: {4EF32558-5101-4936-9F4C-1D7AAD7D4788} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {5F56DFEB-ADC5-4BD2-9E75-CB6E584C07F6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-28] (Microsoft Corporation)
Task: {7E345905-9E0C-4308-B6A6-094E472BABAF} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic
Task: {96208546-7B57-4E6A-8BA8-0F77845C04DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-24] (Google Inc.)
Task: {AC4BD9ED-399F-4A22-873B-543EF27F5C61} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic
Task: {B18BEB8C-A529-4533-B916-7E7DE9144167} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {BFF0426B-F0EA-479E-88A5-433774D3BF41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {C5F46A30-57BD-484F-ABAE-FD7C90E82D30} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-19] (Microsoft Corporation)
Task: {CB3B5E2E-6309-4546-9C2F-89B77E2552B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-04-28] (Microsoft Corporation)
Task: {D5A36894-BBCF-4FE5-A926-B86449BB005A} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-L3LOVP3-Boss => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {FE81E882-4E7F-4544-8F41-D976B656846E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-02-27] (Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-03-16 16:08 - 2017-03-16 16:08 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-30 13:15 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-04-30 13:15 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 18:42 - 2016-07-16 18:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 12:40 - 2017-03-28 13:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-04-12 12:40 - 2017-03-28 13:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 12:40 - 2017-03-28 13:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-21 01:11 - 2016-11-21 01:11 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 11:26 - 2017-03-04 13:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 11:27 - 2017-03-04 13:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 11:27 - 2017-03-04 13:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 11:27 - 2017-03-04 13:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 12:40 - 2017-03-28 12:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 12:40 - 2017-03-28 12:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 12:40 - 2017-03-28 12:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-20 19:05 - 2017-03-20 19:05 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-03-20 19:05 - 2017-03-20 19:05 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2016-10-10 10:04 - 2016-10-10 10:04 - 00193128 _____ () C:\Program Files (x86)\Tencent\WeChat\WeChatWeb.exe
2017-04-11 12:03 - 2017-04-11 12:04 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-04-11 12:03 - 2017-04-11 12:04 - 22723584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-04-11 12:03 - 2017-04-11 12:04 - 00448512 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-04-11 12:03 - 2017-04-11 12:04 - 05427200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-02-25 10:24 - 2017-02-25 10:27 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-04-11 12:03 - 2017-04-11 12:04 - 00435712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-04-11 12:03 - 2017-04-11 12:04 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-02-25 10:24 - 2017-02-25 10:27 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.313.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-02-27 18:44 - 2017-04-28 12:26 - 08931008 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
2017-05-02 09:41 - 2017-05-02 09:42 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-02 09:41 - 2017-05-02 09:42 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-02 09:41 - 2017-05-02 09:42 - 43012096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-02 09:41 - 2017-05-02 09:42 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-11 12:06 - 2017-03-29 15:47 - 02885464 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-11 12:06 - 2017-03-29 15:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
2016-10-24 14:28 - 2016-10-24 14:28 - 00132888 _____ () C:\Program Files (x86)\Tencent\WeChat\libgcc_s_dw2-1.dll
2016-10-10 10:04 - 2016-10-10 10:04 - 00381120 _____ () C:\Program Files (x86)\Tencent\WeChat\QbBridge.dll
2016-10-27 14:18 - 2016-10-27 14:18 - 41412800 _____ () C:\Program Files (x86)\Tencent\WeChat\qbcore.dll
2016-10-24 14:28 - 2016-10-24 14:28 - 01272424 _____ () C:\Program Files (x86)\Tencent\WeChat\libglesv2.dll
2016-10-10 10:04 - 2016-10-10 10:04 - 00090216 _____ () C:\Program Files (x86)\Tencent\WeChat\libegl.dll
2017-02-27 18:44 - 2017-04-19 12:03 - 67725936 _____ () C:\Users\Boss\AppData\Roaming\Spotify\libcef.dll
2017-02-27 18:44 - 2017-04-19 12:03 - 00110192 _____ () C:\Users\Boss\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-02-27 18:44 - 2017-04-19 12:03 - 01929840 _____ () C:\Users\Boss\AppData\Roaming\Spotify\libglesv2.dll
2017-02-27 18:44 - 2017-04-19 12:03 - 00087152 _____ () C:\Users\Boss\AppData\Roaming\Spotify\libegl.dll
2017-03-05 15:18 - 2016-04-26 10:26 - 01369600 _____ () C:\Program Files (x86)\Seagate\Sdrive\Hybrid.dll
2017-03-05 15:18 - 2016-04-26 10:24 - 00018944 _____ () C:\Program Files (x86)\Seagate\Sdrive\boost_system-vc-mt-1_47.dll
2017-03-05 15:18 - 2016-04-26 10:24 - 00208896 _____ () C:\Program Files (x86)\Seagate\Sdrive\nice.dll
2017-03-05 15:18 - 2016-04-26 10:24 - 00288256 _____ () C:\Program Files (x86)\Seagate\Sdrive\msgpack-rpc.dll
2017-03-05 15:18 - 2016-04-26 10:24 - 00071680 _____ () C:\Program Files (x86)\Seagate\Sdrive\boost_thread-vc-mt-1_47.dll
2017-03-05 15:18 - 2016-04-26 10:24 - 00024576 _____ () C:\Program Files (x86)\Seagate\Sdrive\msgpack.dll
2017-04-13 16:33 - 2017-04-13 16:33 - 04285816 _____ () C:\Users\Boss\AppData\Local\LINE\bin\current\ampkit_windows.dll
2017-04-13 16:33 - 2017-04-13 16:33 - 00130416 _____ () C:\Users\Boss\AppData\Local\LINE\bin\current\PlayerHelper.dll
2017-04-13 16:33 - 2017-04-11 17:59 - 15233896 _____ () C:\Users\Boss\AppData\Local\LINE\bin\current\opengl32sw.dll
2017-04-27 15:26 - 2017-04-27 00:59 - 00870720 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-02-27 18:09 - 2017-03-29 06:54 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-02-27 18:09 - 2017-03-29 06:54 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-02-27 18:09 - 2017-03-29 06:54 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-02-27 18:09 - 2017-03-29 06:54 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-02-27 18:09 - 2017-03-29 06:54 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-04-27 15:26 - 2017-03-29 06:54 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-04-27 15:26 - 2017-03-29 06:54 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-04-27 15:26 - 2017-03-29 06:54 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-02-27 18:09 - 2017-03-29 06:56 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-04-27 15:26 - 2017-03-29 06:54 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-04-27 15:26 - 2017-03-29 06:56 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-02-27 18:09 - 2017-03-29 06:55 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-02-27 18:09 - 2017-03-29 06:54 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-02-27 18:09 - 2017-03-29 06:56 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-04-27 15:26 - 2017-03-29 06:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-04-27 15:26 - 2017-04-27 01:02 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-04-27 15:26 - 2017-03-23 00:47 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-04-27 15:26 - 2017-04-27 01:02 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-02-27 18:09 - 2017-04-27 01:02 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-04-27 15:26 - 2017-03-29 07:00 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-04-27 15:26 - 2017-03-29 07:00 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-04-27 15:26 - 2017-04-27 01:02 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-02-27 18:09 - 2017-04-27 01:02 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-27 15:26 - 2017-04-27 01:02 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-04-13 16:33 - 2017-04-13 16:33 - 00874976 _____ () C:\Users\Boss\AppData\Local\LINE\bin\current\LinePlayer\LPEngine.dll
2017-03-02 16:15 - 2016-10-08 16:59 - 01506304 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2017-03-02 16:15 - 2016-07-21 10:54 - 00137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2012-03-09 16:26 - 2012-03-09 16:26 - 00100352 _____ () C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 14:24 - 2017-04-24 17:37 - 00003530 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 209.34.83.73:443
127.0.0.1 209.34.83.73:43
127.0.0.1 209.34.83.73
127.0.0.1 209.34.83.67:443
127.0.0.1 209.34.83.67:43
127.0.0.1 209.34.83.67
127.0.0.1 ood.opsource.net
127.0.0.1 199.7.52.190:80
127.0.0.1 199.7.52.190
127.0.0.1 OCSP.SPO1.VERISIGN.COM
127.0.0.1 199.7.54.72:80
127.0.0.1 199.7.54.72
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
There are 57 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "ACSW18EN"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\StartupApproved\Run: => "ACDSeeCommander18"
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-4121570393-846188343-1694475573-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{530F4582-122B-4F1A-A0D0-08A60DB0017F}] => (Allow) C:\Users\Boss\AppData\Local\LINE\bin\5.0.0.1380\LineUpdater.exe
FirewallRules: [{F0AAC493-B623-42F8-8E76-F800D6BADA9D}] => (Allow) C:\Users\Boss\AppData\Local\LINE\bin\5.0.0.1380\LineUpdater.exe
FirewallRules: [{20F5D98A-C511-4C5C-810A-764366113610}] => (Allow) C:\Users\Boss\AppData\Local\LINE\bin\5.0.0.1380\LINE.exe
FirewallRules: [{9AFD3C07-E678-48C2-88B9-76FC5204F341}] => (Allow) C:\Users\Boss\AppData\Local\LINE\bin\5.0.0.1380\LINE.exe
FirewallRules: [{2693BB4E-7E93-45EF-86B3-5781B8FADBFC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D96D6084-BEFA-4375-BFDB-A5046FA6CC74}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{073021E8-A891-4E00-8759-F11096DB1659}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{6B6774DD-4E97-4E73-B732-2638E82A10D8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{FDC961CB-2365-4AEF-823D-C8EDE4443D29}] => (Allow) C:\Windows\
[email protected]
FirewallRules: [{EBEB58D7-F7D5-458B-AAAE-FAFA0456C179}] => (Allow) C:\Windows\
[email protected]
FirewallRules: [{E929F030-2C1C-4D62-9EF7-94A9C91E3B50}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{387E66DE-0C88-4779-B445-9BA52BE3A45C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{81DF80DE-9846-4ACE-A923-92FF93352821}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{590BA658-8219-4306-B899-C83E0F0BC83C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{45BDF2F9-1773-4EA3-9820-4A4113067329}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{A8104203-E234-49AC-900C-13977CE2A023}] => (Allow) C:\Program Files (x86)\Tencent\WeChat\WeChat.exe
FirewallRules: [{1B10802F-D792-4192-8999-B5463EB03DE2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FC788D91-B3E1-4B96-B015-33521FF4C8B8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BEE0C309-69B6-4D84-883F-8E384472A987}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{90A08B1C-1D9F-499B-8106-E90314009D9E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E363FC1E-3A21-4102-B053-7CABDDA07E33}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [TCP Query User{B56AD51A-E5D6-4352-AEAE-F32E22BA1F62}C:\users\boss\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\boss\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7087FA56-E922-4B44-B9AF-84B430788100}C:\users\boss\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\boss\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{BB103FC1-73CD-48AC-B77D-53A3C58F5095}C:\program files (x86)\seagate\sdrive\sdrive.exe] => (Allow) C:\program files (x86)\seagate\sdrive\sdrive.exe
FirewallRules: [UDP Query User{23334F68-67D7-4574-82C9-2F0110F17F3A}C:\program files (x86)\seagate\sdrive\sdrive.exe] => (Allow) C:\program files (x86)\seagate\sdrive\sdrive.exe
FirewallRules: [{ECD76FF3-240D-4013-93CD-95189DA596B3}] => (Allow) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{894548FD-E9B4-417C-BA6C-86391F14A8F6}] => (Allow) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{39F56876-2316-4138-9886-D37A8A0F7F53}] => (Allow) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{58383981-4C7A-446D-86ED-D3AFF2726218}] => (Allow) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{73D96B46-A4F8-4869-90E0-A7F4C45BED1C}] => (Allow) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7106EEDA-594B-494D-80C1-C039036B24A4}] => (Allow) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{80B0C2D6-ECC2-4575-A4B4-21C2791C472A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5A2370FA-E9B0-4F66-AA72-131F2E8ECC67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9B50C769-20D3-4794-9B1E-F093FCFDCE92}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{30B97922-B31F-4E38-86BE-9751028A761A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EE60DBC3-F9A1-4419-96EB-2EEBA31BF810}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B99504EF-8B62-4E94-8DAE-1B5919788A82}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F737E794-5D1F-448B-95E3-5E1964AF1074}] => (Block) %ProgramFiles% (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
FirewallRules: [{E1D179B0-4F1D-4867-B0D5-D6B96D48D86B}] => (Block) %ProgramFiles%\Adobe\Adobe Lightroom\lightroom.exe
FirewallRules: [{3C461B20-3C50-4CE9-96CD-30E541D2908A}] => (Allow) C:\Program Files (x86)\Everbean\Application\chrome.exe
FirewallRules: [{80EA031A-3C16-4037-883E-9C8FC27E4176}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe
FirewallRules: [{E5D47F3D-2FC8-4E59-8E11-234FC86F8648}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
19-04-2017 09:50:23 Scheduled Checkpoint
22-04-2017 13:35:24 Windows Update
02-05-2017 09:42:12 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/02/2017 09:42:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Windows Office Locker since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (05/02/2017 09:42:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service SSSvc since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (05/02/2017 09:42:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service YAC Service since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (05/02/2017 09:42:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Update Service(FirefoxU) since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (05/02/2017 09:42:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (05/02/2017 09:42:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary iSafeKrnlR3.
System Error:
The system cannot find the file specified.
.
Error: (05/02/2017 09:42:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary iSafeKrnlMon.
System Error:
The system cannot find the file specified.
.
Error: (05/02/2017 09:42:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary iSafeKrnl.
System Error:
The system cannot find the file specified.
.
Error: (04/30/2017 01:22:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iSafeSvc.exe, version: 6.10.493.30849, time stamp: 0x5840f8ac
Faulting module name: KERNELBASE.dll, version: 10.0.14393.1066, time stamp: 0x58d9f07f
Exception code: 0xc06d007e
Fault offset: 0x000da932
Faulting process id: 0x488
Faulting application start time: 0x01d2c179e5904a12
Faulting application path: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 57d19fee-7977-4dca-b938-603ed5636563
Faulting package full name:
Faulting package-relative application ID:
Error: (04/30/2017 01:09:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-L3LOVP3)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (05/02/2017 09:37:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/30/2017 04:21:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L3LOVP3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (04/30/2017 04:21:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L3LOVP3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (04/30/2017 04:21:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L3LOVP3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (04/30/2017 04:21:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L3LOVP3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (04/30/2017 04:21:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L3LOVP3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (04/30/2017 04:21:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L3LOVP3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (04/30/2017 04:21:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L3LOVP3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (04/30/2017 04:21:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L3LOVP3)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (04/30/2017 04:21:26 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
CodeIntegrity:
===================================
Date: 2017-04-30 13:10:13.610
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-04-30 13:09:42.790
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-04-30 13:00:39.455
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-04-30 11:27:19.736
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-04-30 10:22:29.652
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-04-29 15:25:03.377
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-04-29 11:30:59.569
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-04-29 10:26:57.994
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-04-28 14:05:37.067
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2017-04-28 13:21:42.741
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 33%
Total physical RAM: 16075.39 MB
Available physical RAM: 10765.56 MB
Total Virtual: 18507.39 MB
Available Virtual: 11936.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:194.76 GB) (Free:107.86 GB) NTFS
Drive d: () (Fixed) (Total:270.45 GB) (Free:262.15 GB) NTFS
Drive e: (Sun Monk Ordination (2)) (CDROM) (Total:0.57 GB) (Free:0 GB) UDF
Drive s: (Sdrive) (Network) (Total:1 GB) (Free:1 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (Size: 1 GB) (Disk ID: A62CF085)
Partition 1: (Not Active) - (Size=1 GB) - (Type=0B)
==================== End of Addition.txt ============================