Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

malware stopped all process of antivirus protection [Solved]

Started by jmailf2 , Apr 14 2018 12:28 PM

  • This topic is locked This topic is locked

#1
jmailf2
Posted 14 April 2018 - 12:28 PM

jmailf2

    Member

  • Member
  • PipPip
  • 21 posts

I can usually remove any malware using Malwarebytes but this time I am having issues. it has stopped all antivirus protection on the computer and when I run any type of malware removal tool, they all start but stop in the process saying that an error occurred and need to close. I also see that when I open the task manager there are over 40 instances of Crueler and Filip. don't know what that is though.

I cannot boot into safe mode on this computer now either. 

 

I have an Alienware x51 r3 gaming computer with windows 10 installed on it.

 

need help removing whatever I have on this tower.

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by admin (administrator) on JULIANALIENWARE (14-04-2018 13:35:15)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 10 Home Version 1709 16299.309 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(TOSHIBA CORPORATION) C:\Windows\System32\nvbpxulsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Alienware) C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe
(MSI) C:\Program Files\Alienware\OC Controls\ClockGen\MSIClockService.exe
(Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(MSI) C:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\IntelCpHDCPSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(MSI) C:\Program Files\Alienware\OC Controls\MSIControlService.exe
(MSI) C:\Program Files\Alienware\OC Controls\SMBus\MSISMBService.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\IntelCpHeciSvc.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(MSI) C:\Program Files\Alienware\OC Controls\ClockGen\CPU_Frequency\CPU_Frequency.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\anodes\filip.exe
() C:\Program Files (x86)\Attract\filip.exe
() C:\Program Files (x86)\Attract\Crueler.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki123014.inf_amd64_8fcab72aa9e3875f\igfxEM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Attract\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Attract\filip.exe
() C:\Program Files (x86)\anodes\filip.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\anodes\filip.exe
() C:\Program Files (x86)\Attract\Crueler.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\anodes\filip.exe
() C:\Program Files (x86)\Attract\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\anodes\filip.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Attract\Crueler.exe
() C:\Program Files (x86)\redefining\chiral.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\anodes\filip.exe
(CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
() C:\Program Files (x86)\anodes\filip.exe
() C:\Program Files (x86)\Attract\Crueler.exe
() C:\Users\admin\AppData\Local\usiebkd\usiebkd.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
(Plex) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Dell) C:\Program Files\Alienware\Dell Foundation Services\DFSSvc.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Dell) C:\Program Files\Alienware\Dell Foundation Services\DFS.Common.Agent.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Users\admin\AppData\Local\Crueler.exe
() C:\Users\admin\AppData\Local\filip.exe
() C:\Users\admin\AppData\Local\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Users\admin\AppData\Local\filip.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Users\admin\AppData\Local\usiebkd\cwrsghl.exe
() C:\Users\admin\AppData\Local\usiebkd\cwrsghl.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
() C:\Users\admin\AppData\Local\usiebkd\cwrsghl.exe
() C:\Users\admin\AppData\Local\wmcagent\wmcagent.exe
() C:\Users\admin\AppData\Local\wmcagent\wmcagent.exe
() C:\Users\admin\AppData\Local\wmcagent\wmcagent.exe
() C:\Users\admin\AppData\Local\usiebkd\cwrsghl.exe
() C:\Program Files (x86)\Perceptions\Crueler.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8498392 2015-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [35576 2015-09-15] (Alienware)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795704 2015-08-07] (NVIDIA Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [291056 2018-04-11] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [recreate] => C:\Program Files (x86)\Perceptions\Crueler.exe [85504 2018-04-13] ()
HKLM\...\Run: [recreateturrets] => C:\Program Files (x86)\anodes\filip.exe [85504 2018-04-13] ()
HKLM\...\Run: [recreaterecreate] => C:\Program Files (x86)\Attract\Crueler.exe [85504 2018-04-13] ()
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [OC Controls] => C:\Program Files\Alienware\OC Controls\StartCommandCenter.exe [801744 2015-02-09] (MSI)
HKLM-x32\...\Run: [magnificent] => C:\Program Files (x86)\Perceptions\Crueler.exe [85504 2018-04-13] ()
HKLM-x32\...\Run: [magnificentcomparing] => C:\Program Files (x86)\anodes\filip.exe [85504 2018-04-13] ()
HKLM-x32\...\Run: [magnificentmagnificent] => C:\Program Files (x86)\Attract\Crueler.exe [85504 2018-04-13] ()
HKLM-x32\...\RunOnce: [Cagulima] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\admin\AppData\Local\minio\Paloma.dat"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [17785320 2018-04-06] (Plex, Inc.)
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe [9906864 2018-03-29] (Windscribe Limited)
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [Chromium] => c:\users\admin\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors)
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [dkstoj] => rundll32.exe "C:\Users\admin\AppData\Local\dkstoj.dll",dkstoj <==== ATTENTION
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [comparing] => C:\Program Files (x86)\Perceptions\Crueler.exe [85504 2018-04-13] ()
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [comparingmagnificent] => C:\Program Files (x86)\anodes\filip.exe [85504 2018-04-13] ()
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [comparingcomparing] => C:\Program Files (x86)\Attract\Crueler.exe [85504 2018-04-13] ()
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [turrets] => C:\Program Files (x86)\Perceptions\Crueler.exe [85504 2018-04-13] ()
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [turretsrecreate] => C:\Program Files (x86)\anodes\filip.exe [85504 2018-04-13] ()
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [turretsturrets] => C:\Program Files (x86)\Attract\Crueler.exe [85504 2018-04-13] ()
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [chiral] => C:\Program Files (x86)\redefining\chiral.exe [66836 2018-04-13] ()
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\...\Run: [acp] => C:\Program Files (x86)\Perceptions\Crueler.exe [85504 2018-04-13] ()
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\breakdown.lnk [2018-04-13]
ShortcutTarget: breakdown.lnk -> C:\Program Files (x86)\Perceptions\Crueler.exe ()
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\breakdownbreakdown.lnk [2018-04-13]
ShortcutTarget: breakdownbreakdown.lnk -> C:\Program Files (x86)\anodes\filip.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{25775266-20fb-4b27-871f-6541742b41ff}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{338740f5-3a21-49d4-a584-f88efcdf04a6}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5e7984be-a9df-465f-9a04-31c456e0bc2c}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{99d83be1-02a5-4157-8d87-ee39f034a615}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{99d83be1-02a5-4157-8d87-ee39f034a615}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{9a15d283-a182-426a-9f70-0e4f862f9829}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{9a15d283-a182-426a-9f70-0e4f862f9829}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a41334c0-3a3d-11e8-bc36-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{A9B8D346-351F-44C0-A969-F507633CE772}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b9135649-b18b-4a8f-a380-fbe69d2abfa1}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b9135649-b18b-4a8f-a380-fbe69d2abfa1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d9b9ac6a-44f1-4539-a5e4-3234f577f864}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{f2422214-ee00-498a-84b3-f302634bb949}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{fac86997-7a97-4032-82d7-6eefce66be67}: [NameServer] 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-950022629-2792073568-2137371155-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
SearchScopes: HKU\S-1-5-21-950022629-2792073568-2137371155-1001 -> DefaultScope {CBAEE868-99E1-4A60-B3C3-E2D29543D7DA} URL =
SearchScopes: HKU\S-1-5-21-950022629-2792073568-2137371155-1001 -> {CBAEE868-99E1-4A60-B3C3-E2D29543D7DA} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-07-10] (Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-13] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2013-07-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-06] (NVIDIA Corporation)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://moviehangar.com/?s={searchTerms}
CHR DefaultSearchKeyword: Default -> moviehangar.com
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-04-14]
CHR Extension: (Slides) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-11]
CHR Extension: (Docs) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-11]
CHR Extension: (Google Drive) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-11]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-11]
CHR Extension: (Sheets) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-04-12]
CHR Extension: (Google Docs Offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-04-11]
CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-04-11]
CHR Extension: (Insomnia REST Client) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmodihnfibbjdecbanmpmbmeffnmloel [2018-04-11]
CHR Extension: (Remove ads from Pirate Bay) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkpamgpfalmdaikobnkefcmmkpgljjd [2018-04-11]
CHR Extension: (AVG SafePrice) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-04-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKLM\SYSTEM\CurrentControlSet\Services\uamokp <==== ATTENTION (Rootkit!)
R2 AlienFXWindowsService; C:\Program Files\Alienware\Command Center\AlienFXWindowsService.exe [36088 2015-09-15] (Alienware)
S2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [314688 2018-04-11] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\x64\aswidsagenta.exe [7653992 2018-04-11] (AVG Technologies CZ, s.r.o.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Alienware\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 GraphicsAmplifierWindowsService; C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe [36112 2015-07-02] (Alienware)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel® Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 IRMTService; c:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe [181544 2015-04-30] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 iumsvc; c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-01-06] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-03-19] (McAfee, Inc.)
R2 MSIClock_CC; C:\Program Files\Alienware\OC Controls\ClockGen\MSIClockService.exe [4012496 2015-06-30] (MSI)
S3 MSICOMM_CC; C:\Program Files\Alienware\OC Controls\MSICommService.exe [2122704 2015-06-30] (MSI)
S3 MSICPU_CC; C:\Program Files\Alienware\OC Controls\CPU\MSICPUService.exe [4173264 2015-06-30] (MSI)
R2 MSICTL_CC; C:\Program Files\Alienware\OC Controls\MSIControlService.exe [2008016 2015-06-01] (MSI)
S3 MSISaveLoad_CC; C:\Program Files\Alienware\OC Controls\MSISaveLoadService.exe [3964368 2015-02-09] (MSI)
R2 MSISMB_CC; C:\Program Files\Alienware\OC Controls\SMBus\MSISMBService.exe [2066384 2015-06-30] (MSI)
S3 MSIWMI_CC; C:\Program Files\Alienware\OC Controls\MSIWMIService.exe [188880 2015-08-24] (MSI)
R2 MSI_ODD_Service; c:\Program Files (x86)\MSI\ODD Monitor\ODD_Monitor.exe [84432 2014-12-23] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2212328 2018-04-06] (Plex, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc.)
R2 ThermalsWindowsService; C:\Program Files\Alienware\Command Center\ThermalsWindowsService.exe [36088 2015-09-15] (Alienware)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\NisSrv.exe [356152 2018-04-07] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MsMpEng.exe [106280 2018-04-07] (Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [466096 2018-03-29] (Windscribe Limited)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [189032 2018-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiska.sys [166064 2018-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [220600 2018-04-11] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [192536 2018-04-11] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [336848 2018-04-11] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [50776 2018-04-11] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [139608 2018-04-12] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [103744 2018-04-11] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [76760 2018-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1019088 2018-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [452904 2018-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [198368 2018-04-11] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [372920 2018-04-11] (AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [76192 2018-03-19] ()
S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-07-08] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [24776 2014-01-23] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193768 2018-04-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-04-14] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-04-14] (Malwarebytes)
R1 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-04-14] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102112 2018-04-14] (Malwarebytes)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
S3 NTIOLib_Flash; C:\Users\admin\AppData\Local\Temp\2WSX3EDC\NTIOLib_X64.sys [13368 2018-04-07] (MSI) <==== ATTENTION
R3 NTIOLib_MSICEN; C:\Program Files\Alienware\Command Center\NTIOLib_Thermals_X64.sys [13808 2015-02-04] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files\Alienware\OC Controls\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files\Alienware\OC Controls\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSIFrequency_CC; C:\Program Files\Alienware\OC Controls\ClockGen\CPU_Frequency\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files\Alienware\OC Controls\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
R3 NTIOLib_MSISMB_CC; C:\Program Files\Alienware\OC Controls\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_0109a19b5125cb43\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-08-20] (Realtek )
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-02-01] (The OpenVPN Project)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-04-14] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-04-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288296 2018-04-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129568 2018-04-07] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-04-14] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-04-14] (Zemana Ltd.)
S4 acoue; System32\drivers\sbmkpndo.sys [X]
R3 xaehkn; system32\drivers\ehknru.sys [X]
S3 xxxbbb; system32\drivers\rrruuu.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-14 13:27 - 2018-04-14 13:27 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2018-04-14 12:42 - 2018-04-14 12:42 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-04-14 12:41 - 2018-04-14 12:41 - 000000901 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-04-14 12:41 - 2018-04-14 12:41 - 000000000 ____D C:\ProgramData\RogueKiller
2018-04-14 12:41 - 2018-04-14 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-04-14 12:41 - 2018-04-14 12:41 - 000000000 ____D C:\Program Files\RogueKiller
2018-04-14 12:40 - 2018-04-14 12:40 - 036606712 _____ (Adlice Software ) C:\Users\admin\Desktop\RogueKiller_setup.exe
2018-04-14 10:36 - 2018-04-14 10:36 - 000000000 ____D C:\Users\admin\AppData\Local\wmrbphs
2018-04-14 10:31 - 2018-04-14 10:31 - 000142672 ____N C:\WINDOWS\system32\Drivers\cwcmptwz.sys
2018-04-14 10:17 - 2018-04-14 13:38 - 000409179 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-04-14 10:17 - 2018-04-14 12:42 - 000481002 _____ C:\WINDOWS\ZAM.krnl.trace
2018-04-14 10:17 - 2018-04-14 10:17 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2018-04-14 10:17 - 2018-04-14 10:17 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2018-04-14 10:17 - 2018-04-14 10:17 - 000001219 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-04-14 10:17 - 2018-04-14 10:17 - 000000000 ____D C:\Users\admin\AppData\Local\Zemana
2018-04-14 10:17 - 2018-04-14 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-04-14 10:17 - 2018-04-14 10:17 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-04-14 10:08 - 2018-04-14 10:08 - 000000000 ____D C:\Users\admin\AppData\Local\werpchu
2018-04-14 10:06 - 2018-04-14 10:13 - 001398116 _____ C:\WINDOWS\Minidump\041418-37671-01.dmp
2018-04-14 10:06 - 2018-04-14 10:06 - 892868081 _____ C:\WINDOWS\MEMORY.DMP
2018-04-14 10:06 - 2018-04-14 10:06 - 000000000 ____D C:\WINDOWS\Minidump
2018-04-14 10:03 - 2018-04-14 10:03 - 000000000 ____D C:\Users\admin\AppData\Local\lscegmt
2018-04-14 09:58 - 2018-04-14 09:58 - 000000000 ____D C:\Users\admin\AppData\Local\svhxunz
2018-04-14 09:53 - 2018-04-14 09:53 - 000000000 ____D C:\Users\admin\AppData\Local\mskbpcg
2018-04-14 09:33 - 2018-04-14 09:33 - 000000000 ____D C:\Users\admin\AppData\Local\nvkdmih
2018-04-14 03:24 - 2018-04-14 03:24 - 000000000 ____D C:\Users\admin\AppData\Local\sndilev
2018-04-14 02:58 - 2018-04-14 02:58 - 007387624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\admin\Downloads\avg_antivirus_free_setup (1).exe
2018-04-14 02:54 - 2018-04-14 02:54 - 000000000 ____D C:\Users\admin\AppData\Local\nikdpwg
2018-04-14 02:52 - 2018-04-14 10:32 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-04-14 02:47 - 2018-04-14 02:47 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-04-14 02:47 - 2018-04-14 02:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-14 02:47 - 2018-03-19 12:57 - 000076192 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-04-14 02:27 - 2018-04-14 02:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-14 02:27 - 2018-04-14 02:47 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-04-14 02:27 - 2018-04-14 02:27 - 000000000 ____D C:\Users\admin\AppData\Local\cghupdo
2018-04-14 02:18 - 2018-04-14 02:18 - 000000000 ____D C:\Users\admin\AppData\Local\raahliu
2018-04-14 02:07 - 2018-04-14 02:07 - 195958672 _____ (Sophos Limited) C:\Users\admin\Desktop\Sophos Virus Removal Tool.exe
2018-04-14 02:05 - 2018-04-14 02:05 - 007256272 _____ (Malwarebytes) C:\Users\admin\Downloads\AdwCleaner.exe
2018-04-14 01:58 - 2018-04-14 01:58 - 000000000 ____D C:\Users\admin\AppData\Local\svmakln
2018-04-14 01:50 - 2018-04-14 01:50 - 000001406 _____ C:\Users\admin\Desktop\fixlist.txt.40g4t90.partial
2018-04-14 01:50 - 2018-04-14 01:50 - 000000000 _____ C:\Users\admin\Desktop\fixlist.txt
2018-04-14 01:44 - 2018-04-14 01:44 - 000000000 ____D C:\Users\admin\Documents\Custom Office Templates
2018-04-14 00:50 - 2018-04-14 01:02 - 000039216 _____ C:\Users\admin\Desktop\Addition.txt
2018-04-14 00:49 - 2018-04-14 13:38 - 000041064 _____ C:\Users\admin\Desktop\FRST.txt
2018-04-14 00:49 - 2018-04-14 13:35 - 000000000 ____D C:\FRST
2018-04-14 00:48 - 2018-04-14 00:48 - 002403328 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2018-04-14 00:40 - 2018-04-14 13:03 - 000026844 _____ C:\Users\admin\Desktop\Rkill.txt
2018-04-14 00:08 - 2018-04-14 00:08 - 000000000 ____D C:\Users\admin\AppData\Local\mssoukr
2018-04-14 00:04 - 2018-04-14 00:05 - 000000000 ____D C:\AdwCleaner
2018-04-14 00:02 - 2018-04-14 00:04 - 007256272 _____ (Malwarebytes) C:\Users\admin\Downloads\adwcleaner_7.1.0.0.exe
2018-04-14 00:01 - 2018-04-14 00:01 - 000001406 _____ C:\Users\admin\Desktop\fixlist.txt.51kp71k.partial
2018-04-13 23:59 - 2018-04-13 23:59 - 000001406 _____ C:\Users\admin\Downloads\676d19dd-6b0d-4bb3-acf2-5bdde82fe4da.tmp
2018-04-13 23:56 - 2018-04-13 23:56 - 000000000 ____D C:\Users\admin\AppData\Local\vdslwom
2018-04-13 23:29 - 2018-04-13 23:29 - 000000000 ____D C:\Users\admin\AppData\Local\sbexngd
2018-04-13 23:22 - 2012-11-16 18:15 - 001754528 _____ (Bleeping Computer, LLC) C:\Users\admin\Desktop\rkill.com
2018-04-13 23:12 - 2018-04-13 23:12 - 000000000 ____D C:\Users\admin\AppData\Local\seiwlgt
2018-04-13 22:58 - 2018-04-13 22:58 - 000000000 ____D C:\Users\admin\AppData\Local\avhbzwe
2018-04-13 22:37 - 2018-04-14 10:32 - 000102112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-04-13 22:37 - 2018-04-14 10:32 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-04-13 22:37 - 2018-04-14 02:48 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-04-13 22:37 - 2018-04-14 02:48 - 000193768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-04-13 22:37 - 2018-04-13 22:37 - 000000000 ____D C:\ProgramData\MB2Migration
2018-04-13 22:37 - 2018-04-13 22:37 - 000000000 ____D C:\Program Files\Malwarebytes
2018-04-13 22:35 - 2015-01-14 00:50 - 017292760 _____ (Malwarebytes Corporation ) C:\Users\admin\Desktop\mbam-setup-2.0.2.1012.exe
2018-04-13 22:26 - 2018-04-14 13:05 - 000000000 ____D C:\Users\admin\AppData\Local\codbsxe
2018-04-13 22:26 - 2018-04-13 22:27 - 000000000 ____D C:\Users\admin\AppData\Local\wmcagent
2018-04-13 22:23 - 2018-04-14 13:36 - 000000000 ____D C:\Users\admin\AppData\Local\usiebkd
2018-04-13 22:23 - 2018-04-13 22:23 - 000000000 ____D C:\Users\admin\AppData\Local\ranpxgt
2018-04-13 22:22 - 2018-04-14 10:31 - 002888704 _____ (TOSHIBA CORPORATION) C:\WINDOWS\system32\nvbpxulsvc.exe
2018-04-13 22:22 - 2018-04-13 23:39 - 000000000 ____D C:\Program Files (x86)\RtMIDrh1Ffeg Updater
2018-04-13 22:22 - 2018-04-13 22:47 - 000000000 ____D C:\Program Files (x86)\RtMIDrh1Ffeg
2018-04-13 22:22 - 2018-04-13 22:22 - 000021602 _____ C:\WINDOWS\System32\Tasks\RtMIDrh1Ffeg
2018-04-13 22:22 - 2018-04-13 22:22 - 000003984 _____ C:\WINDOWS\System32\Tasks\virtual isbell kitz
2018-04-13 22:22 - 2018-04-13 22:22 - 000003976 _____ C:\WINDOWS\System32\Tasks\arrangement goleta
2018-04-13 22:22 - 2018-04-13 22:22 - 000003964 _____ C:\WINDOWS\System32\Tasks\grammies-unready
2018-04-13 22:22 - 2018-04-13 22:22 - 000003962 _____ C:\WINDOWS\System32\Tasks\cheapen_cathleen
2018-04-13 22:22 - 2018-04-13 22:22 - 000003952 _____ C:\WINDOWS\System32\Tasks\payees_puerta
2018-04-13 22:22 - 2018-04-13 22:22 - 000003936 _____ C:\WINDOWS\System32\Tasks\refurbish
2018-04-13 22:22 - 2018-04-13 22:22 - 000003878 _____ C:\WINDOWS\System32\Tasks\Savirtual isbell kitzvirtual isbell kitz
2018-04-13 22:22 - 2018-04-13 22:22 - 000003870 _____ C:\WINDOWS\System32\Tasks\Saarrangement goletaarrangement goleta
2018-04-13 22:22 - 2018-04-13 22:22 - 000003852 _____ C:\WINDOWS\System32\Tasks\Sagrammies-unreadygrammies-unready
2018-04-13 22:22 - 2018-04-13 22:22 - 000003850 _____ C:\WINDOWS\System32\Tasks\Sacheapen_cathleencheapen_cathleen
2018-04-13 22:22 - 2018-04-13 22:22 - 000003834 _____ C:\WINDOWS\System32\Tasks\Sapayees_puertapayees_puerta
2018-04-13 22:22 - 2018-04-13 22:22 - 000003810 _____ C:\WINDOWS\System32\Tasks\Sarefurbishrefurbish
2018-04-13 22:22 - 2018-04-13 22:22 - 000000012 _____ C:\WINDOWS\b67751320
2018-04-13 22:22 - 2018-04-13 22:22 - 000000000 ___HD C:\Program Files (x86)\redefining
2018-04-13 22:22 - 2018-04-13 22:22 - 000000000 ___HD C:\Program Files (x86)\Attract
2018-04-13 22:22 - 2018-04-13 22:22 - 000000000 ____D C:\WINDOWS\SysWOW64\wehtunk
2018-04-13 22:22 - 2018-04-13 22:22 - 000000000 ____D C:\WINDOWS\system32\wehtunk
2018-04-13 22:22 - 2018-04-13 22:22 - 000000000 ____D C:\Users\admin\AppData\Roaming\et
2018-04-13 22:22 - 2018-04-13 22:22 - 000000000 ____D C:\Program Files (x86)\Perceptions
2018-04-13 22:22 - 2018-04-13 22:22 - 000000000 ____D C:\Program Files (x86)\imperfect
2018-04-13 22:22 - 2018-04-13 22:22 - 000000000 ____D C:\Program Files (x86)\anodes
2018-04-13 22:21 - 2018-04-13 23:02 - 000000000 ____D C:\Users\admin\AppData\Roaming\AGData
2018-04-13 22:21 - 2018-04-13 22:21 - 000194048 _____ C:\Users\admin\AppData\Local\plsxc.dll
2018-04-13 22:21 - 2018-04-13 22:21 - 000043520 _____ C:\Users\admin\AppData\Local\dkstoj.dll
2018-04-13 22:21 - 2018-04-13 22:21 - 000003072 _____ C:\Users\admin\AppData\Local\setup_NeoNetPlasma.exe
2018-04-13 22:19 - 2018-04-13 22:20 - 000000000 ____D C:\Users\admin\Documents\Chameleon files
2018-04-13 22:19 - 2018-04-13 22:19 - 000844288 _____ C:\WINDOWS\xglwxautqgnlrdmy.dll
2018-04-13 22:16 - 2018-04-13 23:02 - 000000000 ____D C:\WINDOWS\AutoKMS
2018-04-13 22:16 - 2018-04-13 22:16 - 000003808 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2018-04-13 21:54 - 2018-04-13 22:12 - 1027105760 _____ C:\Users\admin\Downloads\Lost.in.Space.2018.S01E03.720p.WEBRip.x264-STRiFE[eztv].mkv
2018-04-13 21:44 - 2018-04-13 21:45 - 273295236 _____ C:\Users\admin\Downloads\Empire.2015.S04E12.HDTV.x264-SVA[eztv].mkv
2018-04-13 21:28 - 2018-04-13 22:12 - 000000000 ____D C:\Completed Downloads
2018-04-13 21:18 - 2018-04-13 21:18 - 000000000 ____D C:\Users\admin\AppData\Local\DuckieTV-Standalone
2018-04-13 21:17 - 2018-04-14 00:34 - 000000000 ____D C:\Users\admin\AppData\Roaming\uTorrent
2018-04-13 21:15 - 2018-04-13 21:15 - 066661673 _____ C:\Users\admin\Downloads\DuckieTV-1.1.5-windows-x64.zip
2018-04-13 21:13 - 2018-04-13 21:13 - 002951024 _____ (BitTorrent Inc.) C:\Users\admin\Downloads\uTorrent.exe
2018-04-13 20:11 - 2018-04-13 20:11 - 000085504 _____ C:\WINDOWS\circled.exe
2018-04-13 20:11 - 2018-04-13 20:11 - 000085504 _____ C:\Users\admin\AppData\Local\filip.exe
2018-04-13 20:11 - 2018-04-13 20:11 - 000085504 _____ C:\Users\admin\AppData\Local\Crueler.exe
2018-04-13 00:33 - 2018-04-13 00:33 - 000000046 _____ C:\Users\admin\AppData\Roaming\WB.CFG
2018-04-12 19:51 - 2018-04-12 19:51 - 000052405 _____ C:\WINDOWS\uninstaller.dat
2018-04-12 00:41 - 2018-04-12 00:41 - 000071006 _____ C:\Users\admin\Downloads\The.Commuter.(2018).[BluRay].(1080p).[YTS.AM].torrent
2018-04-12 00:40 - 2018-04-12 00:40 - 000095392 _____ C:\Users\admin\Downloads\Maze Runner The Death Cure (2018) [WEBRip] [1080p] [YTS.AM].torrent
2018-04-12 00:34 - 2018-04-12 00:34 - 000002336 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2018-04-12 00:34 - 2018-04-12 00:34 - 000002328 _____ C:\Users\admin\Desktop\Chromium.lnk
2018-04-12 00:33 - 2018-04-12 05:33 - 000000000 ____D C:\ProgramData\{EB002E63-6142-A4A5-E784-3AE77DC6B129}
2018-04-12 00:33 - 2018-04-12 00:34 - 000000000 ____D C:\Users\admin\AppData\Local\chromium
2018-04-12 00:33 - 2018-04-12 00:33 - 000000000 ____D C:\WINDOWS\System32\Tasks\{5648D073-C517-1352-4AC3-6C8640B963A6}
2018-04-12 00:33 - 2018-04-12 00:33 - 000000000 ____D C:\Users\admin\AppData\Local\minio
2018-04-12 00:32 - 2018-04-13 22:56 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-04-12 00:32 - 2018-04-12 00:32 - 000001330 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee WebAdvisor.lnk
2018-04-12 00:32 - 2018-04-12 00:32 - 000000000 ____D C:\ProgramData\McAfee
2018-04-12 00:30 - 2018-04-12 23:04 - 000000000 ____D C:\Users\admin\AppData\Roaming\BitComet
2018-04-12 00:19 - 2018-04-13 22:56 - 000000000 ____D C:\Program Files (x86)\Windscribe
2018-04-12 00:19 - 2018-04-12 00:19 - 015109272 _____ (Windscribe Limited ) C:\Users\admin\Downloads\Windscribe.exe
2018-04-12 00:19 - 2018-04-12 00:19 - 000001142 _____ C:\Users\Public\Desktop\Windscribe.lnk
2018-04-12 00:19 - 2018-04-12 00:19 - 000000000 ____D C:\Users\admin\AppData\Local\Windscribe
2018-04-12 00:19 - 2018-04-12 00:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windscribe
2018-04-12 00:19 - 2018-02-01 23:45 - 000054896 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tapwindscribe0901.sys
2018-04-12 00:12 - 2018-04-12 00:12 - 000000000 ___HD C:\$AV_AVG
2018-04-12 00:06 - 2018-04-12 00:06 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2018-04-12 00:00 - 2018-04-12 00:00 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2018-04-11 23:38 - 2018-04-11 23:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-04-11 23:37 - 2018-04-11 23:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-04-11 23:37 - 2018-04-11 23:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-04-11 23:37 - 2018-04-11 23:37 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-04-11 23:36 - 2018-04-11 23:37 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-04-11 23:36 - 2018-04-11 23:36 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-04-11 23:35 - 2018-04-11 23:36 - 000000000 ____D C:\Program Files\Microsoft Office
2018-04-11 23:35 - 2018-04-11 23:35 - 000000000 __RHD C:\MSOCache
2018-04-11 23:35 - 2018-04-11 23:35 - 000000000 ____D C:\Users\admin\AppData\Local\Microsoft Help
2018-04-11 23:35 - 2018-04-11 23:35 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-04-11 23:35 - 2018-04-11 23:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-04-11 23:06 - 2018-04-11 23:06 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2018-04-11 23:05 - 2018-04-11 23:05 - 000000000 ____D C:\Users\admin\AppData\Roaming\Google
2018-04-11 23:00 - 2018-04-11 23:00 - 000000000 ____D C:\Users\julian\AppData\Local\Plex Media Server
2018-04-11 23:00 - 2018-04-11 23:00 - 000000000 ____D C:\Users\julian
2018-04-11 22:55 - 2018-04-11 22:55 - 000000420 _____ C:\Users\admin\Desktop\This PC - Shortcut.lnk
2018-04-11 22:46 - 2018-04-11 21:28 - 000000396 _____ C:\Users\admin\Desktop\Plex Media Server.reg
2018-04-11 22:26 - 2018-04-11 22:26 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-04-11 22:21 - 2018-04-11 22:49 - 000000000 ____D C:\Users\admin\AppData\Local\Plex Media Server
2018-04-11 22:11 - 2018-04-11 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2018-04-11 22:10 - 2018-04-11 22:10 - 000000000 ____D C:\Program Files (x86)\Plex
2018-04-11 22:06 - 2018-04-11 22:07 - 001129816 _____ (Google Inc.) C:\Users\admin\Downloads\ChromeSetup.exe
2018-04-11 22:05 - 2018-04-14 03:00 - 000000000 ____D C:\Program Files (x86)\Google
2018-04-11 22:05 - 2018-04-11 23:13 - 000000000 ____D C:\Users\admin\AppData\Local\Google
2018-04-11 22:04 - 2018-04-12 00:33 - 000000000 ____D C:\avast! sandbox
2018-04-11 22:04 - 2018-04-11 22:04 - 000000000 ____D C:\Users\admin\AppData\Roaming\AVG
2018-04-11 22:04 - 2018-04-11 22:04 - 000000000 ____D C:\Users\admin\AppData\Local\CEF
2018-04-11 22:03 - 2018-04-11 22:04 - 000000000 ____D C:\Users\admin\AppData\Local\AVG
2018-04-11 22:03 - 2018-04-11 22:03 - 077006888 _____ (Plex, Inc.) C:\Users\admin\Desktop\Plex-Media-Server-1.12.3.4947-b9dbb6d8e.exe
2018-04-11 22:03 - 2018-04-11 22:03 - 000003992 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-04-11 22:03 - 2018-04-11 22:03 - 000001892 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2018-04-11 22:03 - 2018-04-11 22:03 - 000001880 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2018-04-11 22:02 - 2018-04-12 14:03 - 000139608 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-04-11 22:02 - 2018-04-11 22:02 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-04-11 22:02 - 2018-04-11 22:02 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2018-04-11 22:02 - 2018-04-11 22:02 - 000372920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-04-11 22:02 - 2018-04-11 22:02 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-04-11 22:02 - 2018-04-11 22:02 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-04-11 22:02 - 2018-04-11 22:02 - 000103744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-04-11 22:02 - 2018-04-11 22:02 - 000076760 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-04-11 22:02 - 2018-04-11 22:02 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-04-11 22:02 - 2018-04-11 22:02 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-04-11 22:02 - 2018-04-11 22:01 - 001019088 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-04-11 22:02 - 2018-04-11 22:01 - 000336848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-04-11 22:02 - 2018-04-11 22:01 - 000220600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-04-11 22:02 - 2018-04-11 22:01 - 000192536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-04-11 22:02 - 2018-04-11 22:01 - 000166064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2018-04-11 22:02 - 2018-04-11 22:01 - 000050776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2018-04-11 22:00 - 2018-04-12 01:34 - 000000000 ____D C:\ProgramData\AVG
2018-04-11 22:00 - 2018-04-11 22:00 - 007387624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\admin\Downloads\avg_antivirus_free_setup.exe
2018-04-11 22:00 - 2018-04-11 22:00 - 000000000 ____D C:\Program Files\AVG
2018-04-11 21:59 - 2018-04-14 09:38 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{921E2680-2505-4E28-8C9A-0060618C79EC}
2018-04-11 21:59 - 2018-04-11 21:59 - 000003900 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-04-11 21:59 - 2018-04-11 21:59 - 000000000 ____D C:\Users\admin\AppData\Roaming\Macromedia
2018-04-09 20:58 - 2018-04-09 20:58 - 000000000 ____D C:\Users\admin\AppData\Local\DBG
2018-04-07 11:07 - 2018-04-07 11:09 - 000000242 _____ C:\Users\admin\Desktoplog.txt
2018-04-07 11:06 - 2018-04-07 11:06 - 000003738 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2018-04-07 11:05 - 2018-04-07 11:16 - 000000000 ____D C:\Users\admin\Documents\Dell Downloads
2018-04-07 11:05 - 2018-04-07 11:05 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Intel
2018-04-07 11:04 - 2018-04-07 11:05 - 028262024 _____ C:\Users\admin\Desktop\Alienware_X51_R3_1.2.11.exe
2018-04-07 11:03 - 2018-04-07 11:03 - 000000000 ____D C:\ProgramData\SupportAssist
2018-04-07 11:03 - 2018-04-07 11:03 - 000000000 ____D C:\ProgramData\Dell Inc
2018-04-07 10:48 - 2018-03-02 16:09 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-04-07 10:48 - 2018-03-02 16:09 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-07 09:43 - 2018-04-07 09:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-04-07 09:42 - 2018-04-07 09:42 - 000000000 ____D C:\Users\admin\AppData\Local\Comms
2018-04-07 09:42 - 2018-04-07 09:27 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-04-07 09:40 - 2018-04-14 11:04 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-07 09:40 - 2018-04-14 11:04 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-07 09:40 - 2018-04-11 22:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-07 09:34 - 2018-04-14 12:18 - 000000000 ____D C:\Program Files\Dell
2018-04-07 09:32 - 2018-03-01 22:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-04-07 09:32 - 2018-03-01 21:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-04-07 09:32 - 2018-03-01 02:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-07 09:32 - 2018-03-01 02:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-07 09:32 - 2018-03-01 02:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-07 09:32 - 2018-03-01 02:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-07 09:32 - 2018-03-01 02:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-07 09:32 - 2018-03-01 02:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-07 09:32 - 2018-03-01 02:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-07 09:32 - 2018-03-01 02:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-07 09:32 - 2018-03-01 02:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-04-07 09:32 - 2018-03-01 02:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-04-07 09:32 - 2018-03-01 02:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-04-07 09:32 - 2018-03-01 02:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-04-07 09:32 - 2018-03-01 02:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-04-07 09:32 - 2018-03-01 02:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-04-07 09:32 - 2018-03-01 02:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-04-07 09:32 - 2018-03-01 02:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-04-07 09:32 - 2018-03-01 02:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-04-07 09:32 - 2018-03-01 02:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-04-07 09:32 - 2018-03-01 02:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-04-07 09:32 - 2018-03-01 02:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-04-07 09:32 - 2018-03-01 02:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-04-07 09:32 - 2018-03-01 02:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-04-07 09:32 - 2018-03-01 02:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-04-07 09:32 - 2018-03-01 02:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-04-07 09:32 - 2018-03-01 02:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-04-07 09:32 - 2018-03-01 02:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-04-07 09:32 - 2018-03-01 02:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-04-07 09:32 - 2018-03-01 02:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-04-07 09:32 - 2018-03-01 02:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-04-07 09:32 - 2018-03-01 02:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-04-07 09:32 - 2018-03-01 01:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-04-07 09:32 - 2018-03-01 01:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-04-07 09:32 - 2018-03-01 01:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-04-07 09:32 - 2018-03-01 01:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-04-07 09:32 - 2018-03-01 01:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-04-07 09:32 - 2018-03-01 01:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-04-07 09:32 - 2018-03-01 01:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-04-07 09:32 - 2018-03-01 01:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-04-07 09:32 - 2018-03-01 01:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-04-07 09:32 - 2018-03-01 01:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-04-07 09:32 - 2018-03-01 01:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-04-07 09:32 - 2018-03-01 01:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-04-07 09:32 - 2018-03-01 01:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-04-07 09:32 - 2018-03-01 01:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-04-07 09:32 - 2018-03-01 01:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-04-07 09:32 - 2018-03-01 01:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-04-07 09:32 - 2018-03-01 01:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-04-07 09:32 - 2018-03-01 00:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-04-07 09:32 - 2018-03-01 00:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-04-07 09:32 - 2018-03-01 00:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-04-07 09:32 - 2018-03-01 00:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-04-07 09:32 - 2018-03-01 00:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-04-07 09:32 - 2018-03-01 00:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-04-07 09:32 - 2018-03-01 00:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-04-07 09:32 - 2018-03-01 00:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-04-07 09:32 - 2018-03-01 00:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-04-07 09:32 - 2018-03-01 00:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-04-07 09:32 - 2018-03-01 00:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-04-07 09:32 - 2018-03-01 00:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-04-07 09:32 - 2018-03-01 00:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-04-07 09:32 - 2018-03-01 00:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-04-07 09:32 - 2018-03-01 00:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-04-07 09:32 - 2018-03-01 00:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-04-07 09:32 - 2018-03-01 00:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-04-07 09:32 - 2018-03-01 00:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-04-07 09:32 - 2018-03-01 00:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-04-07 09:32 - 2018-03-01 00:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-04-07 09:32 - 2018-03-01 00:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-04-07 09:32 - 2018-03-01 00:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-04-07 09:32 - 2018-03-01 00:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-04-07 09:32 - 2018-03-01 00:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-04-07 09:32 - 2018-03-01 00:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-04-07 09:32 - 2018-03-01 00:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-04-07 09:32 - 2018-03-01 00:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-04-07 09:32 - 2018-03-01 00:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-04-07 09:32 - 2018-03-01 00:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-04-07 09:32 - 2018-03-01 00:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-04-07 09:32 - 2018-03-01 00:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-04-07 09:32 - 2018-03-01 00:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-04-07 09:32 - 2018-03-01 00:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-04-07 09:32 - 2018-03-01 00:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-04-07 09:32 - 2018-03-01 00:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-04-07 09:32 - 2018-03-01 00:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-04-07 09:32 - 2018-03-01 00:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-04-07 09:32 - 2018-03-01 00:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-04-07 09:32 - 2018-03-01 00:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-04-07 09:32 - 2018-03-01 00:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-04-07 09:32 - 2018-03-01 00:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-04-07 09:32 - 2018-03-01 00:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-04-07 09:32 - 2018-03-01 00:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-04-07 09:32 - 2018-03-01 00:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-04-07 09:32 - 2018-03-01 00:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-04-07 09:32 - 2018-03-01 00:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-04-07 09:32 - 2018-03-01 00:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-04-07 09:32 - 2018-02-21 21:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-07 09:32 - 2018-02-21 21:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-04-07 09:32 - 2018-02-21 21:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-04-07 09:32 - 2018-02-21 21:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-04-07 09:32 - 2018-02-21 21:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-04-07 09:32 - 2018-02-21 21:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-04-07 09:32 - 2018-02-21 21:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-04-07 09:32 - 2018-02-21 20:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-04-07 09:32 - 2018-02-21 20:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-04-07 09:32 - 2018-02-21 20:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-04-07 09:32 - 2018-02-21 20:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-04-07 09:32 - 2018-02-21 19:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-04-07 09:32 - 2018-02-21 19:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-04-07 09:32 - 2018-02-21 19:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-04-07 09:32 - 2018-02-10 01:21 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-04-07 09:32 - 2018-02-10 01:20 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-04-07 09:32 - 2018-02-10 01:19 - 001133888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-04-07 09:32 - 2018-02-10 01:18 - 001193192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-04-07 09:32 - 2018-02-10 01:18 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-04-07 09:32 - 2018-02-10 01:18 - 000098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2018-04-07 09:32 - 2018-02-10 01:16 - 002406456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-04-07 09:32 - 2018-02-10 01:16 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-04-07 09:32 - 2018-02-10 01:15 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-04-07 09:32 - 2018-02-10 01:15 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-04-07 09:32 - 2018-02-10 01:14 - 004504464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-04-07 09:32 - 2018-02-10 01:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-04-07 09:32 - 2018-02-10 01:14 - 001002592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-04-07 09:32 - 2018-02-10 01:13 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-04-07 09:32 - 2018-02-10 01:13 - 000535960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-04-07 09:32 - 2018-02-10 01:13 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-04-07 09:32 - 2018-02-10 01:12 - 004537040 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-04-07 09:32 - 2018-02-10 01:12 - 001313016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-04-07 09:32 - 2018-02-10 01:12 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-04-07 09:32 - 2018-02-10 01:11 - 001029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-04-07 09:32 - 2018-02-10 01:11 - 000711432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-04-07 09:32 - 2018-02-10 01:10 - 002447768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-04-07 09:32 - 2018-02-10 01:10 - 000614160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-04-07 09:32 - 2018-02-10 01:10 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-04-07 09:32 - 2018-02-10 01:09 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-04-07 09:32 - 2018-02-10 01:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-04-07 09:32 - 2018-02-10 01:09 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-04-07 09:32 - 2018-02-10 01:09 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-04-07 09:32 - 2018-02-10 01:08 - 003010248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-04-07 09:32 - 2018-02-10 01:08 - 000687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-04-07 09:32 - 2018-02-10 01:08 - 000398824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-04-07 09:32 - 2018-02-10 01:08 - 000096200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-04-07 09:32 - 2018-02-10 01:07 - 004506576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-04-07 09:32 - 2018-02-10 01:07 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-04-07 09:32 - 2018-02-10 01:07 - 000436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-04-07 09:32 - 2018-02-10 01:06 - 004486904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-04-07 09:32 - 2018-02-10 01:06 - 000824896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-04-07 09:32 - 2018-02-10 01:06 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-04-07 09:32 - 2018-02-10 01:06 - 000594048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-04-07 09:32 - 2018-02-10 01:06 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-04-07 09:32 - 2018-02-10 01:05 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-04-07 09:32 - 2018-02-10 01:04 - 006791984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-04-07 09:32 - 2018-02-10 01:04 - 001430760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-04-07 09:32 - 2018-02-10 01:04 - 001426672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-04-07 09:32 - 2018-02-10 01:04 - 001254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-04-07 09:32 - 2018-02-10 01:04 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-04-07 09:32 - 2018-02-10 01:04 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-04-07 09:32 - 2018-02-10 01:04 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-04-07 09:32 - 2018-02-10 01:04 - 000339872 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-04-07 09:32 - 2018-02-10 01:04 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-04-07 09:32 - 2018-02-10 01:04 - 000212880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-04-07 09:32 - 2018-02-10 01:03 - 001619808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-04-07 09:32 - 2018-02-10 01:03 - 000849304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-04-07 09:32 - 2018-02-10 01:03 - 000722616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-04-07 09:32 - 2018-02-10 01:03 - 000706600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-04-07 09:32 - 2018-02-10 01:03 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-04-07 09:32 - 2018-02-10 01:02 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-04-07 09:32 - 2018-02-10 01:02 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-04-07 09:32 - 2018-02-10 01:02 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-04-07 09:32 - 2018-02-10 00:21 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-04-07 09:32 - 2018-02-10 00:18 - 001384288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-04-07 09:32 - 2018-02-10 00:17 - 002255112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-04-07 09:32 - 2018-02-10 00:17 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-04-07 09:32 - 2018-02-10 00:17 - 000542856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-04-07 09:32 - 2018-02-10 00:15 - 001145624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-04-07 09:32 - 2018-02-10 00:12 - 004382032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-04-07 09:32 - 2018-02-10 00:11 - 001250528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-04-07 09:32 - 2018-02-10 00:10 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-04-07 09:32 - 2018-02-10 00:09 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-04-07 09:32 - 2018-02-10 00:09 - 002338776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-04-07 09:32 - 2018-02-10 00:09 - 001123456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-04-07 09:32 - 2018-02-10 00:09 - 000559976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-04-07 09:32 - 2018-02-10 00:09 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-04-07 09:32 - 2018-02-10 00:08 - 003980720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-04-07 09:32 - 2018-02-10 00:08 - 000592792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-04-07 09:32 - 2018-02-10 00:07 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-04-07 09:32 - 2018-02-10 00:07 - 000527864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-04-07 09:32 - 2018-02-10 00:07 - 000083216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-04-07 09:32 - 2018-02-10 00:06 - 006014688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-04-07 09:32 - 2018-02-10 00:06 - 004670728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-04-07 09:32 - 2018-02-10 00:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-04-07 09:32 - 2018-02-10 00:05 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-04-07 09:32 - 2018-02-10 00:05 - 001149272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-04-07 09:32 - 2018-02-10 00:05 - 000718232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-04-07 09:32 - 2018-02-10 00:05 - 000662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-04-07 09:32 - 2018-02-10 00:05 - 000654456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-04-07 09:32 - 2018-02-10 00:05 - 000551672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-04-07 09:32 - 2018-02-10 00:05 - 000193248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-04-07 09:32 - 2018-02-10 00:05 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-04-07 09:32 - 2018-02-10 00:05 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-04-07 09:32 - 2018-02-10 00:03 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-04-07 09:32 - 2018-02-09 23:50 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-04-07 09:32 - 2018-02-09 23:50 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-04-07 09:32 - 2018-02-09 23:49 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-04-07 09:32 - 2018-02-09 23:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-04-07 09:32 - 2018-02-09 23:49 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-04-07 09:32 - 2018-02-09 23:48 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-04-07 09:32 - 2018-02-09 23:47 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-04-07 09:32 - 2018-02-09 23:47 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-04-07 09:32 - 2018-02-09 23:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-04-07 09:32 - 2018-02-09 23:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-04-07 09:32 - 2018-02-09 23:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-04-07 09:32 - 2018-02-09 23:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-04-07 09:32 - 2018-02-09 23:46 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2018-04-07 09:32 - 2018-02-09 23:45 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-04-07 09:32 - 2018-02-09 23:45 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-04-07 09:32 - 2018-02-09 23:44 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-04-07 09:32 - 2018-02-09 23:44 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2018-04-07 09:32 - 2018-02-09 23:44 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-04-07 09:32 - 2018-02-09 23:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-04-07 09:32 - 2018-02-09 23:44 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-04-07 09:32 - 2018-02-09 23:44 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-04-07 09:32 - 2018-02-09 23:44 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-04-07 09:32 - 2018-02-09 23:44 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2018-04-07 09:32 - 2018-02-09 23:44 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-04-07 09:32 - 2018-02-09 23:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-04-07 09:32 - 2018-02-09 23:43 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-04-07 09:32 - 2018-02-09 23:43 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-04-07 09:32 - 2018-02-09 23:43 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-04-07 09:32 - 2018-02-09 23:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-04-07 09:32 - 2018-02-09 23:43 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-04-07 09:32 - 2018-02-09 23:43 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-04-07 09:32 - 2018-02-09 23:42 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2018-04-07 09:32 - 2018-02-09 23:42 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-04-07 09:32 - 2018-02-09 23:42 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-04-07 09:32 - 2018-02-09 23:41 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-04-07 09:32 - 2018-02-09 23:41 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-04-07 09:32 - 2018-02-09 23:41 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-04-07 09:32 - 2018-02-09 23:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-04-07 09:32 - 2018-02-09 23:41 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-04-07 09:32 - 2018-02-09 23:41 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-04-07 09:32 - 2018-02-09 23:41 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-04-07 09:32 - 2018-02-09 23:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-04-07 09:32 - 2018-02-09 23:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-04-07 09:32 - 2018-02-09 23:41 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 004498432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-04-07 09:32 - 2018-02-09 23:40 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 001234432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-04-07 09:32 - 2018-02-09 23:40 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2018-04-07 09:32 - 2018-02-09 23:40 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 002677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-04-07 09:32 - 2018-02-09 23:39 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 006722560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-04-07 09:32 - 2018-02-09 23:38 - 004815360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 003169280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 002184192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-04-07 09:32 - 2018-02-09 23:38 - 001968640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-04-07 09:32 - 2018-02-09 23:38 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-04-07 09:32 - 2018-02-09 23:38 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-04-07 09:32 - 2018-02-09 23:38 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-04-07 09:32 - 2018-02-09 23:37 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 003419136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-04-07 09:32 - 2018-02-09 23:37 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 002523648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-04-07 09:32 - 2018-02-09 23:37 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 001759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-04-07 09:32 - 2018-02-09 23:36 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-04-07 09:32 - 2018-02-09 23:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-04-07 09:32 - 2018-02-09 23:35 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-04-07 09:32 - 2018-02-09 23:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-04-07 09:32 - 2018-02-09 23:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-04-07 09:32 - 2018-02-09 23:34 - 002983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-04-07 09:32 - 2018-02-09 23:34 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2018-04-07 09:32 - 2018-02-09 23:34 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-04-07 09:32 - 2018-02-09 23:34 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2018-04-07 09:32 - 2018-02-09 23:33 - 001936384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-04-07 09:32 - 2018-02-09 23:33 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-04-07 09:32 - 2018-02-09 23:33 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-04-07 09:32 - 2018-02-09 23:33 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-04-07 09:32 - 2018-02-09 23:33 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-04-07 09:32 - 2018-02-09 23:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-04-07 09:32 - 2018-02-09 23:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-04-07 09:32 - 2018-02-09 23:33 - 000604672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-04-07 09:32 - 2018-02-09 23:33 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-04-07 09:32 - 2018-02-09 23:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-04-07 09:32 - 2018-02-09 23:32 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-04-07 09:32 - 2018-02-09 23:32 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2018-04-07 09:32 - 2018-02-09 23:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2018-04-07 09:32 - 2018-02-09 23:31 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-04-07 09:32 - 2018-02-09 23:31 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-04-07 09:32 - 2018-02-09 23:31 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-04-07 09:32 - 2018-02-09 21:59 - 000804240 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-04-07 09:32 - 2018-02-09 21:59 - 000804240 _____ C:\WINDOWS\system32\locale.nls
2018-04-07 09:32 - 2018-02-08 22:35 - 004959688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-04-07 09:32 - 2018-02-08 22:35 - 001234888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-04-07 09:32 - 2018-02-08 22:35 - 001002952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-04-07 09:32 - 2018-02-01 22:36 - 003903944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-04-07 09:32 - 2018-02-01 22:36 - 000921032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-04-07 09:32 - 2018-02-01 22:36 - 000854976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-04-07 09:32 - 2018-01-01 07:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-04-07 09:32 - 2018-01-01 07:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-04-07 09:32 - 2018-01-01 07:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-04-07 09:32 - 2018-01-01 07:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-04-07 09:32 - 2018-01-01 07:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-04-07 09:32 - 2018-01-01 07:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-04-07 09:32 - 2018-01-01 07:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-04-07 09:32 - 2018-01-01 07:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-04-07 09:32 - 2018-01-01 07:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-04-07 09:32 - 2018-01-01 07:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-04-07 09:32 - 2018-01-01 07:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-04-07 09:32 - 2018-01-01 07:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-04-07 09:32 - 2018-01-01 07:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-04-07 09:32 - 2018-01-01 07:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-04-07 09:32 - 2018-01-01 07:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-04-07 09:32 - 2018-01-01 07:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-04-07 09:32 - 2018-01-01 07:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-04-07 09:32 - 2018-01-01 07:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-04-07 09:32 - 2018-01-01 07:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-04-07 09:32 - 2018-01-01 06:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-04-07 09:32 - 2018-01-01 06:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-04-07 09:32 - 2018-01-01 06:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-04-07 09:32 - 2018-01-01 06:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-04-07 09:32 - 2018-01-01 06:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-04-07 09:32 - 2018-01-01 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-04-07 09:32 - 2018-01-01 06:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-04-07 09:32 - 2018-01-01 06:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-04-07 09:32 - 2018-01-01 06:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-04-07 09:32 - 2018-01-01 06:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-04-07 09:32 - 2018-01-01 06:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-04-07 09:32 - 2018-01-01 06:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-04-07 09:32 - 2018-01-01 06:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-04-07 09:32 - 2018-01-01 06:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-04-07 09:32 - 2018-01-01 06:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-04-07 09:32 - 2018-01-01 06:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-04-07 09:32 - 2018-01-01 06:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-04-07 09:32 - 2018-01-01 06:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-04-07 09:32 - 2018-01-01 06:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-04-07 09:32 - 2018-01-01 06:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-04-07 09:32 - 2018-01-01 06:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-04-07 09:32 - 2018-01-01 06:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-04-07 09:32 - 2018-01-01 06:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-04-07 09:32 - 2018-01-01 06:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-04-07 09:32 - 2018-01-01 06:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-04-07 09:32 - 2018-01-01 06:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-04-07 09:32 - 2018-01-01 06:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-04-07 09:32 - 2018-01-01 06:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-04-07 09:32 - 2018-01-01 06:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-04-07 09:32 - 2018-01-01 06:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-04-07 09:32 - 2018-01-01 06:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-04-07 09:32 - 2018-01-01 06:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-04-07 09:32 - 2018-01-01 06:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-04-07 09:32 - 2018-01-01 06:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-04-07 09:32 - 2018-01-01 06:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-04-07 09:32 - 2018-01-01 06:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-04-07 09:32 - 2018-01-01 06:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-04-07 09:32 - 2018-01-01 06:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-04-07 09:32 - 2018-01-01 06:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-04-07 09:32 - 2018-01-01 06:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-04-07 09:32 - 2018-01-01 06:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-04-07 09:32 - 2018-01-01 06:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-04-07 09:32 - 2018-01-01 06:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-04-07 09:32 - 2018-01-01 06:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-04-07 09:32 - 2018-01-01 06:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-04-07 09:32 - 2018-01-01 06:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-04-07 09:32 - 2018-01-01 06:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-04-07 09:32 - 2018-01-01 06:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-04-07 09:32 - 2017-12-08 01:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-04-07 09:32 - 2017-12-07 18:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-04-07 09:32 - 2017-12-07 18:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-04-07 09:32 - 2017-12-07 18:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-04-07 09:32 - 2017-12-07 18:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2018-04-07 09:32 - 2017-12-07 17:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-04-07 09:32 - 2017-12-07 17:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-04-07 09:32 - 2017-12-07 17:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-04-07 09:32 - 2017-12-07 17:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2018-04-07 09:32 - 2017-12-07 17:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2018-04-07 09:32 - 2017-12-07 17:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2018-04-07 09:32 - 2017-12-07 17:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2018-04-07 09:32 - 2017-12-07 17:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-04-07 09:32 - 2017-12-07 17:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-04-07 09:32 - 2017-12-07 17:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2018-04-07 09:32 - 2017-12-07 17:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2018-04-07 09:32 - 2017-12-07 17:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2018-04-07 09:32 - 2017-12-07 17:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-04-07 09:32 - 2017-12-07 17:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2018-04-07 09:32 - 2017-12-07 17:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2018-04-07 09:32 - 2017-12-07 17:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-04-07 09:32 - 2017-12-07 17:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-04-07 09:32 - 2017-12-07 17:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-04-07 09:32 - 2017-12-07 17:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2018-04-07 09:32 - 2017-12-07 16:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-04-07 09:32 - 2017-12-07 16:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-04-07 09:32 - 2017-12-07 16:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-04-07 09:32 - 2017-11-26 15:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-04-07 09:32 - 2017-11-26 15:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-04-07 09:32 - 2017-11-26 11:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-04-07 09:32 - 2017-11-26 08:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-04-07 09:32 - 2017-11-26 08:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-04-07 09:32 - 2017-11-26 08:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-04-07 09:32 - 2017-11-26 08:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2018-04-07 09:32 - 2017-11-26 08:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-04-07 09:32 - 2017-11-26 08:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2018-04-07 09:32 - 2017-11-26 08:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-04-07 09:32 - 2017-11-26 08:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-04-07 09:32 - 2017-11-26 07:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-04-07 09:32 - 2017-11-26 07:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-04-07 09:32 - 2017-11-26 07:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-04-07 09:32 - 2017-11-26 07:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-04-07 09:32 - 2017-11-26 07:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2018-04-07 09:32 - 2017-11-26 07:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2018-04-07 09:32 - 2017-11-26 07:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2018-04-07 09:32 - 2017-11-26 07:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2018-04-07 09:32 - 2017-11-26 07:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-04-07 09:32 - 2017-11-26 07:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2018-04-07 09:32 - 2017-11-26 07:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-04-07 09:32 - 2017-11-26 07:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-04-07 09:32 - 2017-11-26 07:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2018-04-07 09:32 - 2017-11-26 07:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-04-07 09:32 - 2017-11-26 07:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-04-07 09:32 - 2017-11-26 07:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-04-07 09:32 - 2017-11-26 07:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-04-07 09:32 - 2017-11-26 07:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-04-07 09:32 - 2017-11-26 06:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-04-07 09:32 - 2017-11-26 06:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2018-04-07 09:32 - 2017-11-26 06:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-04-07 09:32 - 2017-11-26 06:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-04-07 09:32 - 2017-11-26 06:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-04-07 09:32 - 2017-11-26 06:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2018-04-07 09:32 - 2017-11-26 06:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-04-07 09:32 - 2017-11-26 06:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2018-04-07 09:32 - 2017-11-26 06:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-04-07 09:32 - 2017-11-26 06:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-04-07 09:32 - 2017-11-26 05:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-04-07 09:32 - 2017-11-26 05:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-04-07 09:32 - 2017-11-26 05:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-04-07 09:32 - 2017-11-26 05:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-04-07 09:32 - 2017-11-26 05:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2018-04-07 09:32 - 2017-11-26 05:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2018-04-07 09:32 - 2017-11-26 05:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2018-04-07 09:32 - 2017-11-26 05:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2018-04-07 09:32 - 2017-11-26 05:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-04-07 09:32 - 2017-11-26 05:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-04-07 09:32 - 2017-11-26 05:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-04-07 09:32 - 2017-11-26 05:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2018-04-07 09:32 - 2017-11-19 02:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-04-07 09:32 - 2017-11-18 21:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-04-07 09:31 - 2018-03-01 22:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-04-07 09:31 - 2018-03-01 22:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-04-07 09:31 - 2018-03-01 22:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-04-07 09:31 - 2018-03-01 22:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-04-07 09:31 - 2018-03-01 22:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-04-07 09:31 - 2018-03-01 15:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-04-07 09:31 - 2018-03-01 02:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-04-07 09:31 - 2018-03-01 02:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-04-07 09:31 - 2018-03-01 02:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-04-07 09:31 - 2018-03-01 02:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-04-07 09:31 - 2018-03-01 02:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-04-07 09:31 - 2018-03-01 02:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-04-07 09:31 - 2018-03-01 02:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-04-07 09:31 - 2018-03-01 02:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-04-07 09:31 - 2018-03-01 02:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-04-07 09:31 - 2018-03-01 02:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-04-07 09:31 - 2018-03-01 02:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-04-07 09:31 - 2018-03-01 02:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-04-07 09:31 - 2018-03-01 01:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-04-07 09:31 - 2018-03-01 01:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-04-07 09:31 - 2018-03-01 01:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-04-07 09:31 - 2018-03-01 01:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-04-07 09:31 - 2018-03-01 01:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-04-07 09:31 - 2018-03-01 01:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-04-07 09:31 - 2018-03-01 01:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-04-07 09:31 - 2018-03-01 01:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-04-07 09:31 - 2018-03-01 01:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-04-07 09:31 - 2018-03-01 00:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-04-07 09:31 - 2018-03-01 00:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-04-07 09:31 - 2018-03-01 00:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-04-07 09:31 - 2018-03-01 00:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-04-07 09:31 - 2018-03-01 00:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-04-07 09:31 - 2018-03-01 00:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-04-07 09:31 - 2018-03-01 00:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-04-07 09:31 - 2018-03-01 00:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-04-07 09:31 - 2018-03-01 00:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-04-07 09:31 - 2018-03-01 00:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-04-07 09:31 - 2018-03-01 00:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-04-07 09:31 - 2018-03-01 00:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-04-07 09:31 - 2018-03-01 00:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-04-07 09:31 - 2018-03-01 00:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-04-07 09:31 - 2018-03-01 00:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-04-07 09:31 - 2018-03-01 00:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-04-07 09:31 - 2018-03-01 00:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-04-07 09:31 - 2018-03-01 00:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-04-07 09:31 - 2018-03-01 00:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-04-07 09:31 - 2018-03-01 00:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-04-07 09:31 - 2018-03-01 00:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-04-07 09:31 - 2018-03-01 00:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-04-07 09:31 - 2018-03-01 00:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-04-07 09:31 - 2018-03-01 00:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-04-07 09:31 - 2018-03-01 00:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-04-07 09:31 - 2018-03-01 00:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-04-07 09:31 - 2018-02-21 21:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-04-07 09:31 - 2018-02-21 21:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-04-07 09:31 - 2018-02-21 21:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-04-07 09:31 - 2018-02-21 21:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-04-07 09:31 - 2018-02-21 21:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-04-07 09:31 - 2018-02-21 21:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-04-07 09:31 - 2018-02-21 21:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-04-07 09:31 - 2018-02-21 21:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-04-07 09:31 - 2018-02-21 21:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-04-07 09:31 - 2018-02-21 20:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-04-07 09:31 - 2018-02-21 20:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-04-07 09:31 - 2018-02-21 20:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-04-07 09:31 - 2018-02-21 20:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-04-07 09:31 - 2018-02-21 19:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-04-07 09:31 - 2018-02-21 19:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-04-07 09:31 - 2018-02-21 19:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-04-07 09:31 - 2018-02-21 19:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-04-07 09:31 - 2018-02-21 19:26 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-04-07 09:31 - 2018-02-21 19:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-04-07 09:31 - 2018-02-21 19:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-04-07 09:31 - 2018-02-10 01:18 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-04-07 09:31 - 2018-02-10 01:10 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-04-07 09:31 - 2018-02-10 01:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-04-07 09:31 - 2018-02-10 01:06 - 000100248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-04-07 09:31 - 2018-02-10 01:06 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-04-07 09:31 - 2018-02-10 01:05 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-04-07 09:31 - 2018-02-10 01:05 - 000070856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-04-07 09:31 - 2018-02-10 01:04 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-04-07 09:31 - 2018-02-10 01:03 - 000098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2018-04-07 09:31 - 2018-02-10 01:02 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-04-07 09:31 - 2018-02-10 00:07 - 000123808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-04-07 09:31 - 2018-02-10 00:07 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-04-07 09:31 - 2018-02-10 00:07 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-04-07 09:31 - 2018-02-10 00:05 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-04-07 09:31 - 2018-02-10 00:05 - 000079256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2018-04-07 09:31 - 2018-02-10 00:05 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-04-07 09:31 - 2018-02-09 23:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-04-07 09:31 - 2018-02-09 23:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-04-07 09:31 - 2018-02-09 23:48 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-04-07 09:31 - 2018-02-09 23:47 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-04-07 09:31 - 2018-02-09 23:47 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-04-07 09:31 - 2018-02-09 23:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-04-07 09:31 - 2018-02-09 23:47 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-04-07 09:31 - 2018-02-09 23:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-04-07 09:31 - 2018-02-09 23:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-04-07 09:31 - 2018-02-09 23:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-04-07 09:31 - 2018-02-09 23:46 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-04-07 09:31 - 2018-02-09 23:46 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-04-07 09:31 - 2018-02-09 23:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-04-07 09:31 - 2018-02-09 23:46 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-04-07 09:31 - 2018-02-09 23:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-04-07 09:31 - 2018-02-09 23:46 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-04-07 09:31 - 2018-02-09 23:46 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2018-04-07 09:31 - 2018-02-09 23:45 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2018-04-07 09:31 - 2018-02-09 23:45 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-04-07 09:31 - 2018-02-09 23:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-04-07 09:31 - 2018-02-09 23:45 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-04-07 09:31 - 2018-02-09 23:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-04-07 09:31 - 2018-02-09 23:45 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-04-07 09:31 - 2018-02-09 23:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll
2018-04-07 09:31 - 2018-02-09 23:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2018-04-07 09:31 - 2018-02-09 23:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-04-07 09:31 - 2018-02-09 23:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2018-04-07 09:31 - 2018-02-09 23:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-04-07 09:31 - 2018-02-09 23:42 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-04-07 09:31 - 2018-02-09 23:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-04-07 09:31 - 2018-02-09 23:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe
2018-04-07 09:31 - 2018-02-09 23:41 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-04-07 09:31 - 2018-02-09 23:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-04-07 09:31 - 2018-02-09 23:41 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-04-07 09:31 - 2018-02-09 23:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2018-04-07 09:31 - 2018-02-09 23:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2018-04-07 09:31 - 2018-02-09 23:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-04-07 09:31 - 2018-02-09 23:40 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-04-07 09:31 - 2018-02-09 23:40 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-04-07 09:31 - 2018-02-09 23:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-04-07 09:31 - 2018-02-09 23:40 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-04-07 09:31 - 2018-02-09 23:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-04-07 09:31 - 2018-02-09 23:40 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-04-07 09:31 - 2018-02-09 23:40 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-04-07 09:31 - 2018-02-09 23:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-04-07 09:31 - 2018-02-09 23:40 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2018-04-07 09:31 - 2018-02-09 23:40 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-04-07 09:31 - 2018-02-09 23:39 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-04-07 09:31 - 2018-02-09 23:39 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2018-04-07 09:31 - 2018-02-09 23:39 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-04-07 09:31 - 2018-02-09 23:39 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2018-04-07 09:31 - 2018-02-09 23:39 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-04-07 09:31 - 2018-02-09 23:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-04-07 09:31 - 2018-02-09 23:39 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-04-07 09:31 - 2018-02-09 23:38 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-04-07 09:31 - 2018-02-09 23:38 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-04-07 09:31 - 2018-02-09 23:38 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-04-07 09:31 - 2018-02-09 23:38 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2018-04-07 09:31 - 2018-02-09 23:37 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-04-07 09:31 - 2018-02-09 23:37 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2018-04-07 09:31 - 2018-02-09 23:37 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2018-04-07 09:31 - 2018-02-09 23:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-04-07 09:31 - 2018-02-09 23:36 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-04-07 09:31 - 2018-02-09 23:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-04-07 09:31 - 2018-02-09 23:36 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-04-07 09:31 - 2018-02-09 23:36 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2018-04-07 09:31 - 2018-02-09 23:35 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-04-07 09:31 - 2018-02-09 23:35 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-04-07 09:31 - 2018-02-09 23:35 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2018-04-07 09:31 - 2018-02-09 23:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2018-04-07 09:31 - 2018-02-09 23:34 - 006532096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-04-07 09:31 - 2018-02-09 23:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-04-07 09:31 - 2018-02-09 23:33 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-04-07 09:31 - 2018-02-09 23:33 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-04-07 09:31 - 2018-02-09 23:33 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-04-07 09:31 - 2018-02-09 23:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-04-07 09:31 - 2018-02-09 23:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-04-07 09:31 - 2018-02-09 23:32 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-04-07 09:31 - 2018-02-09 23:31 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-04-07 09:31 - 2018-02-09 23:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-04-07 09:31 - 2018-02-08 22:35 - 000892872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-04-07 09:31 - 2018-02-08 22:35 - 000065992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-04-07 09:31 - 2018-02-01 22:36 - 000649672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-04-07 09:31 - 2018-02-01 22:36 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-04-07 09:31 - 2018-01-01 07:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-04-07 09:31 - 2018-01-01 07:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-04-07 09:31 - 2018-01-01 07:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-04-07 09:31 - 2018-01-01 07:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-04-07 09:31 - 2018-01-01 07:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-04-07 09:31 - 2018-01-01 07:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-04-07 09:31 - 2018-01-01 07:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-04-07 09:31 - 2018-01-01 07:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-04-07 09:31 - 2018-01-01 07:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-04-07 09:31 - 2018-01-01 07:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-04-07 09:31 - 2018-01-01 07:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-04-07 09:31 - 2018-01-01 07:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-04-07 09:31 - 2018-01-01 07:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-04-07 09:31 - 2018-01-01 06:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-04-07 09:31 - 2018-01-01 06:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-04-07 09:31 - 2018-01-01 06:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-04-07 09:31 - 2018-01-01 06:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-04-07 09:31 - 2018-01-01 06:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-04-07 09:31 - 2018-01-01 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-04-07 09:31 - 2018-01-01 06:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-04-07 09:31 - 2018-01-01 06:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-04-07 09:31 - 2018-01-01 06:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-04-07 09:31 - 2018-01-01 06:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-04-07 09:31 - 2018-01-01 06:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-04-07 09:31 - 2018-01-01 06:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-04-07 09:31 - 2018-01-01 06:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-04-07 09:31 - 2018-01-01 06:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-04-07 09:31 - 2018-01-01 06:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-04-07 09:31 - 2018-01-01 06:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-04-07 09:31 - 2018-01-01 06:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-04-07 09:31 - 2018-01-01 06:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-04-07 09:31 - 2018-01-01 06:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-04-07 09:31 - 2018-01-01 06:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-04-07 09:31 - 2018-01-01 06:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-04-07 09:31 - 2018-01-01 06:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-04-07 09:31 - 2018-01-01 06:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-04-07 09:31 - 2018-01-01 06:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-04-07 09:31 - 2018-01-01 06:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-04-07 09:31 - 2018-01-01 06:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-04-07 09:31 - 2018-01-01 06:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-04-07 09:31 - 2018-01-01 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-04-07 09:31 - 2018-01-01 06:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-04-07 09:31 - 2018-01-01 06:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-04-07 09:31 - 2018-01-01 06:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-04-07 09:31 - 2018-01-01 06:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-04-07 09:31 - 2018-01-01 06:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-04-07 09:31 - 2018-01-01 06:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-04-07 09:31 - 2018-01-01 06:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-04-07 09:31 - 2018-01-01 06:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-04-07 09:31 - 2018-01-01 06:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-04-07 09:31 - 2018-01-01 06:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-04-07 09:31 - 2018-01-01 06:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-04-07 09:31 - 2018-01-01 06:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-04-07 09:31 - 2018-01-01 06:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-04-07 09:31 - 2018-01-01 06:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-04-07 09:31 - 2018-01-01 06:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-04-07 09:31 - 2018-01-01 06:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-04-07 09:31 - 2018-01-01 06:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-04-07 09:31 - 2018-01-01 06:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-04-07 09:31 - 2018-01-01 06:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-04-07 09:31 - 2018-01-01 06:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-04-07 09:31 - 2018-01-01 06:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-04-07 09:31 - 2018-01-01 06:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-04-07 09:31 - 2018-01-01 06:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-04-07 09:31 - 2018-01-01 06:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-04-07 09:31 - 2018-01-01 06:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-04-07 09:31 - 2018-01-01 06:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-04-07 09:31 - 2018-01-01 06:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-04-07 09:31 - 2018-01-01 06:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-04-07 09:31 - 2017-12-07 18:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2018-04-07 09:31 - 2017-12-07 18:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-04-07 09:31 - 2017-12-07 17:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-04-07 09:31 - 2017-12-07 17:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2018-04-07 09:31 - 2017-12-07 17:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2018-04-07 09:31 - 2017-12-07 17:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-04-07 09:31 - 2017-12-07 17:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2018-04-07 09:31 - 2017-12-07 17:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2018-04-07 09:31 - 2017-12-07 17:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-04-07 09:31 - 2017-12-07 17:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-04-07 09:31 - 2017-12-07 17:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-04-07 09:31 - 2017-12-07 17:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2018-04-07 09:31 - 2017-12-07 17:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2018-04-07 09:31 - 2017-12-07 17:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2018-04-07 09:31 - 2017-12-07 17:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-04-07 09:31 - 2017-12-07 17:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2018-04-07 09:31 - 2017-12-07 17:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-04-07 09:31 - 2017-12-07 17:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2018-04-07 09:31 - 2017-12-07 17:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2018-04-07 09:31 - 2017-12-07 16:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2018-04-07 09:31 - 2017-11-26 08:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-04-07 09:31 - 2017-11-26 08:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-04-07 09:31 - 2017-11-26 07:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2018-04-07 09:31 - 2017-11-26 07:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2018-04-07 09:31 - 2017-11-26 07:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2018-04-07 09:31 - 2017-11-26 07:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-04-07 09:31 - 2017-11-26 07:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2018-04-07 09:31 - 2017-11-26 06:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2018-04-07 09:31 - 2017-11-26 06:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2018-04-07 09:31 - 2017-11-26 06:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-04-07 09:31 - 2017-11-26 05:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2018-04-07 09:31 - 2017-11-26 05:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2018-04-07 09:27 - 2018-04-07 09:27 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-950022629-2792073568-2137371155-1001
2018-04-07 09:27 - 2018-04-07 09:27 - 000002365 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-07 09:27 - 2018-04-07 09:27 - 000000000 ___RD C:\Users\admin\OneDrive
2018-04-07 09:27 - 2018-04-07 09:27 - 000000000 ____D C:\Users\admin\Documents\AlienFX
2018-04-07 09:27 - 2018-04-07 09:27 - 000000000 ____D C:\Users\admin\AppData\Roaming\Intel Corporation
2018-04-07 09:26 - 2018-04-14 12:18 - 000000000 ____D C:\ProgramData\Alienware
2018-04-07 09:26 - 2018-04-07 09:26 - 000000000 ____D C:\Users\admin\AppData\Local\NVIDIA
2018-04-07 09:26 - 2018-04-07 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-04-07 09:26 - 2018-04-07 09:26 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-04-07 09:25 - 2018-04-07 10:58 - 000000000 ____D C:\Users\admin\AppData\Local\MicrosoftEdge
2018-04-07 09:25 - 2018-04-07 09:25 - 000000000 ___HD C:\Users\admin\MicrosoftEdgeBackups
2018-04-07 09:25 - 2018-04-07 09:25 - 000000000 ____D C:\Users\admin\AppData\Local\Publishers
2018-04-07 09:25 - 2018-04-07 09:25 - 000000000 ____D C:\Users\admin\AppData\Local\Power2Go8
2018-04-07 09:24 - 2018-04-14 10:34 - 000000000 __SHD C:\Users\admin\IntelGraphicsProfiles
2018-04-07 09:24 - 2018-04-07 11:07 - 000000000 ____D C:\Users\admin
2018-04-07 09:24 - 2018-04-07 10:49 - 000000000 ___RD C:\Users\admin\3D Objects
2018-04-07 09:24 - 2018-04-07 10:00 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2018-04-07 09:24 - 2018-04-07 09:24 - 000000020 ___SH C:\Users\admin\ntuser.ini
2018-04-07 09:24 - 2018-04-07 09:24 - 000000000 ____D C:\Users\admin\AppData\Roaming\Intel
2018-04-07 09:24 - 2018-04-07 09:24 - 000000000 ____D C:\Users\admin\AppData\Roaming\Adobe
2018-04-07 09:24 - 2018-04-07 09:24 - 000000000 ____D C:\Users\admin\AppData\Local\VirtualStore
2018-04-07 09:24 - 2018-04-07 09:24 - 000000000 ____D C:\Users\admin\AppData\Local\ConnectedDevicesPlatform
2018-04-07 02:45 - 2018-04-07 02:45 - 000000000 _SHDL C:\Users\Default User
2018-04-07 02:45 - 2018-04-07 02:45 - 000000000 _SHDL C:\Users\All Users
2018-04-07 02:45 - 2018-04-07 02:45 - 000000000 _SHDL C:\Documents and Settings
2018-04-07 02:44 - 2018-04-07 02:44 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-04-07 02:44 - 2017-09-29 08:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-04-07 02:43 - 2018-04-14 10:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-07 02:43 - 2018-04-07 11:17 - 000003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2018-04-07 02:43 - 2018-04-07 02:43 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2018-04-07 02:43 - 2018-04-07 02:43 - 000002528 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2018-04-07 02:43 - 2018-04-07 02:43 - 000002528 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2018-04-07 02:40 - 2018-04-07 02:40 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-04-07 02:36 - 2018-04-07 02:36 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-04-07 02:32 - 2018-04-14 10:31 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-07 02:32 - 2018-04-07 02:32 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-04-07 02:32 - 2018-04-07 02:32 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-04-07 02:32 - 2018-04-07 02:32 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-04-07 02:32 - 2018-04-07 02:32 - 000000000 ____D C:\Program Files\Realtek
2018-04-07 02:32 - 2017-10-27 11:36 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-04-07 02:32 - 2017-10-27 11:12 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-04-07 02:32 - 2017-10-27 11:12 - 002587768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-04-07 02:32 - 2017-10-27 11:12 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-04-07 02:32 - 2017-10-27 11:12 - 000607168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-04-07 02:32 - 2017-10-27 11:12 - 000449656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-04-07 02:32 - 2017-10-27 11:12 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-04-07 02:32 - 2017-10-27 11:12 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-04-07 02:32 - 2017-10-25 05:33 - 007802921 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-04-07 02:31 - 2018-04-07 11:06 - 000000000 ____D C:\Program Files\Intel
2018-04-07 02:31 - 2018-04-07 02:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-04-07 02:31 - 2018-04-07 02:38 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-04-07 02:31 - 2018-04-07 02:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-04-07 02:31 - 2018-04-07 02:36 - 000000000 ____D C:\Intel
2018-04-07 02:31 - 2018-04-07 02:31 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-04-07 02:31 - 2018-04-07 02:31 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2018-04-07 02:31 - 2017-06-27 19:04 - 000140264 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-04-07 02:31 - 2017-06-27 19:04 - 000116712 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2018-04-07 02:31 - 2017-02-24 18:23 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-04-07 02:31 - 2017-02-24 18:23 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-04-07 02:31 - 2017-02-24 18:23 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-04-07 02:31 - 2017-02-24 18:23 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-04-07 02:28 - 2018-04-14 10:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-07 02:28 - 2018-04-13 22:56 - 000416448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-04-07 02:28 - 2018-04-07 02:29 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-04-07 01:40 - 2018-04-07 01:40 - 000000000 ____D C:\Program Files (x86)\Dell Customer Connect
2018-04-07 01:30 - 2018-04-07 01:30 - 000004166 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2018-04-07 01:30 - 2018-04-07 01:30 - 000003580 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2018-04-07 01:30 - 2018-04-07 01:30 - 000003444 _____ C:\WINDOWS\System32\Tasks\PCDDataUploadTask
2018-04-07 01:29 - 2018-04-07 01:29 - 000003324 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2018-04-07 01:29 - 2018-04-07 01:29 - 000000000 ____D C:\ProgramData\PC-Doctor for Windows
2018-04-07 01:26 - 2018-04-07 01:26 - 000003242 _____ C:\WINDOWS\System32\Tasks\BundleApplicationRepairToolLauncherTask
2018-04-07 01:22 - 2018-04-07 01:22 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-04-07 01:21 - 2018-04-07 01:21 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-04-07 01:18 - 2018-04-07 01:18 - 000000000 ____D C:\WINDOWS\Setup
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\si-LK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\am-ET
2018-04-07 01:16 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\0409
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\OCR
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\DigitalLocker
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\Program Files\MSBuild
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-04-07 01:16 - 2018-04-07 01:16 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-04-07 01:12 - 2018-04-14 10:31 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2018-04-07 01:12 - 2018-04-14 10:17 - 000000000 ___RD C:\Program Files (x86)
2018-04-07 01:12 - 2018-04-14 00:10 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-04-07 01:12 - 2018-04-13 18:30 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-07 01:12 - 2018-04-11 23:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-04-07 01:12 - 2018-04-11 23:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-04-07 01:12 - 2018-04-11 23:35 - 000000000 ____D C:\Program Files\Common Files\system
2018-04-07 01:12 - 2018-04-11 22:13 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-04-07 01:12 - 2018-04-11 22:10 - 000000000 ___HD C:\Program Files\WindowsApps
2018-04-07 01:12 - 2018-04-10 01:16 - 000000000 ____D C:\WINDOWS\rescache
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ___RD C:\Program Files\Windows Defender
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\TextInput
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\Provisioning
2018-04-07 01:12 - 2018-04-07 10:45 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-04-07 01:12 - 2018-04-07 05:30 - 000000000 ____D C:\WINDOWS\appcompat
2018-04-07 01:12 - 2018-04-07 02:44 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-04-07 01:12 - 2018-04-07 02:44 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-04-07 01:12 - 2018-04-07 02:44 - 000000000 ____D C:\WINDOWS\Registration
2018-04-07 01:12 - 2018-04-07 02:43 - 000000000 __RHD C:\Users\Public\Libraries
2018-04-07 01:12 - 2018-04-07 02:39 - 000000000 ____D C:\WINDOWS\system32\spool
2018-04-07 01:12 - 2018-04-07 02:39 - 000000000 ____D C:\ProgramData\USOPrivate
2018-04-07 01:12 - 2018-04-07 02:35 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-04-07 01:12 - 2018-04-07 02:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-04-07 01:12 - 2018-04-07 02:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-04-07 01:12 - 2018-04-07 02:32 - 000000000 ____D C:\WINDOWS\Help
2018-04-07 01:12 - 2018-04-07 02:28 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2018-04-07 01:12 - 2018-04-07 01:22 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-04-07 01:12 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-04-07 01:12 - 2018-04-07 01:17 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ___SD C:\WINDOWS\system32\dsc
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\setup
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\system32\com
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\IME
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-04-07 01:12 - 2018-04-07 01:16 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-04-07 01:12 - 2018-04-07 01:13 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2018-04-07 01:12 - 2018-04-07 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2018-04-07 01:12 - 2018-04-07 01:13 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 __SHD C:\Program Files\Windows Sidebar
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 __RSD C:\WINDOWS\media
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ___SD C:\WINDOWS\system32\Nui
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\Web
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\Vss
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\tracing
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\TAPI
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SystemResources
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SystemApps
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\winevt
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\ras
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\IME
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\icsxml
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\ias
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\hydrogen
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\downlevel
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\DDFs
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\System
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SKB
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\security
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\schemas
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\SchCache
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\Resources
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\PLA
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\Performance
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\ModemLogs
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\L2Schemas
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\InputMethod
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\Globalization
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\Cursors
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\Branding
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\addins
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\Program Files\Windows Security
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\Program Files\Windows Portable Devices
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\Program Files\windows nt
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\Program Files\Common Files\Services
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\Program Files (x86)\windows nt
2018-04-07 01:12 - 2018-04-07 01:12 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2018-04-07 01:12 - 2018-04-07 01:10 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2018-04-07 01:12 - 2018-04-07 01:10 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2018-04-07 01:12 - 2018-04-07 01:10 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2018-04-07 01:12 - 2018-04-07 01:10 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2018-04-07 01:12 - 2018-04-07 01:10 - 000017572 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2018-04-07 01:12 - 2018-04-07 01:10 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK
2018-04-07 01:12 - 2018-04-07 01:10 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2018-04-07 01:12 - 2018-04-07 01:10 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2018-04-07 01:12 - 2018-04-07 01:10 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2018-04-07 01:12 - 2018-04-07 01:10 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2018-04-07 01:11 - 2018-04-14 10:13 - 000000000 ____D C:\WINDOWS\INF
2018-04-07 01:08 - 2018-04-13 22:32 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-07 01:06 - 2018-04-14 10:31 - 090439680 _____ C:\WINDOWS\system32\config\SOFTWARE
2018-04-07 01:06 - 2018-04-14 10:31 - 023068672 ____N C:\WINDOWS\system32\config\SYSTEM
2018-04-07 01:06 - 2018-04-14 10:31 - 023068672 _____ C:\WINDOWS\system32\config\HARDWARE
2018-04-07 01:06 - 2018-04-14 10:31 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2018-04-07 01:06 - 2018-04-14 10:31 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-04-07 01:06 - 2018-04-14 10:31 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2018-04-07 01:06 - 2018-04-07 02:44 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-04-07 01:06 - 2018-04-07 01:16 - 000000000 ____D C:\WINDOWS\servicing
2018-04-07 01:06 - 2018-04-07 01:14 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2018-04-07 01:06 - 2018-04-07 01:12 - 000000000 ____D C:\WINDOWS\system32\SMI
2018-04-07 01:06 - 2018-04-07 00:39 - 000000000 ____D C:\WINDOWS\Panther
2018-04-06 21:49 - 2018-04-07 01:22 - 000000000 ___HD C:\$SysReset
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-14 12:18 - 2016-01-24 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware
2018-04-14 12:18 - 2016-01-24 20:03 - 000000000 ____D C:\Program Files\Alienware
2018-04-14 10:35 - 2016-01-24 20:12 - 000000000 ____D C:\MSI
2018-04-14 00:12 - 2016-01-24 20:06 - 001084072 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-11 23:41 - 2015-10-30 02:24 - 000000167 _____ C:\WINDOWS\win.ini
2018-04-11 23:37 - 2015-10-30 04:05 - 000000000 ____D C:\WINDOWS\ShellNew
2018-04-11 23:33 - 2016-01-24 20:00 - 000000000 ____D C:\ProgramData\CyberLink
2018-04-11 22:09 - 2016-01-24 20:02 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-07 11:06 - 2016-01-24 20:08 - 000000000 ____D C:\ProgramData\Intel
2018-04-07 11:06 - 2016-01-24 20:07 - 000000000 ____D C:\Program Files (x86)\Intel
2018-04-07 11:05 - 2016-01-24 19:40 - 000000000 ____D C:\ProgramData\Dell
2018-04-07 10:49 - 2016-01-24 20:15 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-04-07 09:34 - 2016-01-24 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-04-07 02:43 - 2016-01-24 20:03 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installations
2018-04-07 02:43 - 2015-10-30 02:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-04-07 02:39 - 2016-01-24 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-04-07 02:39 - 2016-01-24 20:11 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2018-04-07 02:39 - 2016-01-24 20:11 - 000000000 ____D C:\WINDOWS\nvmup
2018-04-07 02:39 - 2016-01-24 20:10 - 000000000 ____D C:\ProgramData\Intel.sav
2018-04-07 02:39 - 2016-01-24 20:09 - 000000000 ____D C:\ProgramData\Intel® Update Manager
2018-04-07 02:39 - 2016-01-24 20:08 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-04-07 02:39 - 2016-01-24 20:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio
2018-04-07 02:39 - 2016-01-24 20:04 - 000000000 ____D C:\ProgramData\iolo
2018-04-07 02:39 - 2016-01-24 20:02 - 000000000 ____D C:\Users\Public\CyberLink
2018-04-07 02:39 - 2016-01-24 20:00 - 000000000 ____D C:\ProgramData\USOShared
2018-04-07 02:39 - 2016-01-24 20:00 - 000000000 ____D C:\ProgramData\Temp
2018-04-07 02:39 - 2015-10-30 02:24 - 000000000 ___RD C:\WINDOWS\PurchaseDialog
2018-04-07 02:39 - 2015-10-30 02:24 - 000000000 ___RD C:\WINDOWS\DesktopTileResources
2018-04-07 02:38 - 2016-01-24 20:13 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-07 02:38 - 2016-01-24 20:13 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2018-04-07 02:38 - 2016-01-24 20:12 - 000000000 ____D C:\Program Files (x86)\Steam
2018-04-07 02:38 - 2016-01-24 20:08 - 000000000 ____D C:\Program Files (x86)\MSI
2018-04-07 02:38 - 2016-01-24 20:07 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-04-07 02:38 - 2016-01-24 20:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-04-07 02:38 - 2016-01-24 20:00 - 000000000 ____D C:\ProgramData\install_clap
2018-04-07 02:38 - 2016-01-24 20:00 - 000000000 ____D C:\ProgramData\CLSK
2018-04-07 02:38 - 2016-01-24 20:00 - 000000000 ____D C:\Program Files (x86)\CyberLink
2018-04-07 02:37 - 2016-01-24 20:10 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-04-07 02:37 - 2016-01-24 20:10 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-04-07 02:37 - 2015-10-30 04:05 - 000000000 ____D C:\Program Files\Windows Journal
2018-04-07 02:36 - 2016-01-24 19:51 - 000000000 ____D C:\backup
2018-04-07 02:36 - 2016-01-24 19:34 - 000000000 ____D C:\MFG
2018-04-07 02:36 - 2015-11-03 14:03 - 000000000 ____D C:\dell
2018-04-07 01:29 - 2016-01-24 20:12 - 000000000 ____D C:\ProgramData\PCDr
==================== Files in the root of some directories =======
2018-04-13 00:33 - 2018-04-13 00:33 - 000000046 _____ () C:\Users\admin\AppData\Roaming\WB.CFG
2018-04-13 20:11 - 2018-04-13 20:11 - 000085504 _____ () C:\Users\admin\AppData\Local\Crueler.exe
2018-04-13 22:21 - 2018-04-13 22:21 - 000043520 _____ () C:\Users\admin\AppData\Local\dkstoj.dll
2018-04-13 20:11 - 2018-04-13 20:11 - 000085504 _____ () C:\Users\admin\AppData\Local\filip.exe
2018-04-13 22:21 - 2018-04-13 22:21 - 000194048 _____ () C:\Users\admin\AppData\Local\plsxc.dll
2018-04-13 22:21 - 2018-04-13 22:21 - 000003072 _____ () C:\Users\admin\AppData\Local\setup_NeoNetPlasma.exe
Some files in TEMP:
====================
2018-04-13 14:54 - 2018-04-13 05:45 - 004279968 _____ (NeoSoft Tools                                               ) C:\Users\admin\AppData\Local\Temp\ctask.exe
2018-04-14 12:41 - 2018-02-10 01:15 - 001954048 _____ (Microsoft Corporation) C:\Users\admin\AppData\Local\Temp\dllnt_dump.dll
2018-04-14 02:23 - 2018-04-13 22:37 - 071942408 _____ (Malwarebytes                                                ) C:\Users\admin\AppData\Local\Temp\mbam-setup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\cwcmptwz.sys -> Access Denied <======= ATTENTION
LastRegBack: 2018-04-07 02:28
==================== End of FRST.txt ============================

Edited by jmailf2, 14 April 2018 - 12:56 PM.

  • 0

Advertisements

#2
Gary R
Posted 15 April 2018 - 01:52 AM

Gary R

    Trusted Helper

  • Malware Removal
  • 445 posts

Looking over your logs back soon.


  • 0

#3
Gary R
Posted 15 April 2018 - 02:32 AM

Gary R

    Trusted Helper

  • Malware Removal
  • 445 posts
Hi jmailf2

I'm Gary R,

The following indcations in your FRST log ....

S4 acoue; System32\drivers\sbmkpndo.sys [X]
R3 xaehkn; system32\drivers\ehknru.sys [X]
S3 xxxbbb; system32\drivers\rrruuu.sys [X]
C:\WINDOWS\system32\drivers\cwcmptwz.sys -> Access Denied <======= ATTENTION


.... along with the symptoms you have described, show that you have an infection that we call Smart Service.

There are a number of different versions of this infection, and all can be difficult to remove.

So at this point you have 2 options ....
  • Reset your computer to factory condition
    • In which case you will lose all your personal files and you will have to re-install them from a backup, along with any applications you currently have installed.
  • We can attempt to remove the infection.
    • This can sometimes be a long, involved process, and there is no absolute guarantee of success.
Please let me know which option you would like to take

If you opt for the 2nd, please let me know if your computer allows you to open a Command window in Recovery Environment ...
  • Open your start menu, and shift click on Restart
  • Windows will boot into Advanced Startup Options menu
    • Click on Troubleshoot
      • Click on Advanced Startup
        • Click on Command Prompt
If you can't, then please let me know if you have access to another uninfected Windows 10 machine.
  • 0

#4
jmailf2
Posted 15 April 2018 - 09:49 AM

jmailf2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

no I cannot do the shift click on restart.

 

I can go into the system configuration where there are tabs for General, Boot, Services, Startup, Tools.

this is how I go to the safe boot the last time.

 

I do have another computer that has windows 10 on it also.


  • 0

#5
jmailf2
Posted 15 April 2018 - 09:54 AM

jmailf2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

I would do the first option but I don't know how to do the factory reset on this computer. I bought it off someone else and it is an Alienware computer with windows 10. If you know how without losing the Alienware software that would also be great. Which ever way is easiest for you works for me.


  • 0

#6
Gary R
Posted 15 April 2018 - 10:42 AM

Gary R

    Trusted Helper

  • Malware Removal
  • 445 posts

Before doing anything, whatever you decide to do, I advise you to back up any personal files and folders to detachable media (USB drive, or other plug-in storage) making sure to back up only data files (photos, music, videos, text documents), and not any executable file types.

 

With Windows 10 there are usually 2 reset options accessed through Settings ... https://support.micr...ecovery-options... (click on the Reset your PC link to see them)

 

  • Keep my Files - which preserves your personal file and folders, and also any applications that came pre-installed by the PC manufacturer (all others will be lost).
  • Remove everything - which as its name suggests just re-installs Windows and all personal files, and all applications and programs are lost.

 

If either of those options are acceptable to you, then please feel free to use them. If you'd prefer to try to clean your machine, then I'm equally happy to talk you through the process.

 

It's quite possible that your infection may not allow you to access the 2 reset options, if that is the case or if you decide you want to try and clean your machine, then please get back to me.

 

 

 

 

 

 


  • 0

#7
jmailf2
Posted 15 April 2018 - 12:20 PM

jmailf2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

ok don't have anything that I have to save on this computer. I bought it off someone else and I had just started using it. anything I do have installed I can redo.

 

and yes I see the link to reset but nothing happens when I click it so I believe it is blocked.


  • 0

#8
jmailf2
Posted 15 April 2018 - 12:22 PM

jmailf2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

I can do either, whatever gets the issue solved. thanks again for the assistance.

I did download the windows iso tool on this machine. but that is all I have done.


  • 0

#9
Gary R
Posted 15 April 2018 - 01:42 PM

Gary R

    Trusted Helper

  • Malware Removal
  • 445 posts
It's not the link being blocked that I was referring to, it's whether you can access the reset options on your computer in Settings ...

So go to ... Settings > Update & security > Reset this PC > Get started

... then select the option you want, and click on it, then follow any prompts that are presented.

If you can't access the Reset ths PC options, then you're going to need to create a Recovery Drive using the uninfected (clean) Windows 10 machine that you have access to ...

To create one, you need a USB drive of 32 GByte capacity or greater, then ....
  • From the taskbar, search for Create a recovery drive and then select it. You might be asked to enter an admin password or confirm your choice.
  • When the tool opens, make sure Back up system files to the recovery drive is selected and then select Next.
  • Connect a USB drive to your PC, select it, and then select Next > Create. A lot of files need to be copied to the recovery drive, so this might take a while.
  • When its done, you might see a Delete the recovery partition from your PC link on the final screen. Do not select this option
  • select Finish to complete the process.
You can now use this USB to boot your computer from, and to access the reset options.

To boot from your USB drive ...
  • Power down your computer
  • Insert the USB drive
  • Power up your computer, and at the same time press the F12 key repeatedly
  • This should bring up a boot menu
  • Select your USB drive from the boot options and hit Enter
  • Your computer should now boot from the USB drive.
Once it starts to boot, you should be presented with the following options ...
  • Choose the language - click on the language you want to procede with
  • Choose your keyboard layout - click on the appropriate option
  • Choose an Option - click on Troubleshoot
  • Click on Reset this PC and then the reset option of your choice.

  • 0

#10
jmailf2
Posted 15 April 2018 - 01:58 PM

jmailf2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

so i don't use the installation media to restore or reset your PC option on the link you sent me?

 

I did go to Get Started but when I click it nothing happens.


Edited by jmailf2, 15 April 2018 - 01:59 PM.

  • 0

Advertisements

#11
Gary R
Posted 15 April 2018 - 11:43 PM

Gary R

    Trusted Helper

  • Malware Removal
  • 445 posts

When you say you got to Get Started, I'm presuming that this was with your computer booting as normal (ie not from a USB drive as described in my last post).

 

The Smart Service infection will often block some or all recovery options, so if that happens, you need to follow the instructions in my last post ... http://www.geekstogo...n/#entry2620513

 

As far as using installation media goes, I don't believe I ever asked you to use that method to recover your machine.

 

The post  posted earlier which linked to ... https://support.micr...ecovery-options... provided a number of options ...

 

  1. Restore from a System Restore Point - this is not relevant to your circumstances because it won't solve your problem
  2. Reset your PC - you say you can't access that option on your PC
  3. Use a Recovery Drive to Restore or Reset your PC - that's the one I've just described to you in my last post, and the one I recommend you now use.
  4. Use Installation Media to Restore or Reset your PC - not necessary because the previous method (option 3) is easier to implement

  • 0

#12
jmailf2
Posted 16 April 2018 - 01:10 AM

jmailf2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts
Sorry, meant to say I had previously downloaded the installation media. But to do it the way you say I have to get a larger thumb drive tomorrow. I will let you know once I get it and do the recovery drive.
  • 0

#13
Gary R
Posted 16 April 2018 - 01:34 AM

Gary R

    Trusted Helper

  • Malware Removal
  • 445 posts

No problem. :)

 

The trouble with the installation media approach is it adds an extra layer of complication. Creating and using a Recovery Drive is generally more straight forward for most people, and is therefore likely to be more successful.


  • 0

#14
jmailf2
Posted 19 April 2018 - 04:57 PM

jmailf2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 21 posts

No problem. :)

 

The trouble with the installation media approach is it adds an extra layer of complication. Creating and using a Recovery Drive is generally more straight forward for most people, and is therefore likely to be more successful.

 

ok did it and did a reset. Is there anything I should do now?


  • 0

#15
Gary R
Posted 19 April 2018 - 11:22 PM

Gary R

    Trusted Helper

  • Malware Removal
  • 445 posts

Yes, we need to check that the infection has been fully removed (it should have, but always best to be sure), so ....

 

  • Download FRST64 to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
  • Please post them in your next reply.


 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP