Process Monitor says yours belongs to Research In Motion:
C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
computer running slowwww, Chrome will not open up, freezes, pop-up ads
Started by
Krueg9651
, Sep 15 2018 06:04 PM
#17
Posted 08 November 2018 - 08:25 PM
Krueg9651
- Topic Starter
-
- Member
-
- 136 posts
Member
? I'm confused. What do I do based on that statement?
#18
Posted 08 November 2018 - 08:32 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Sorry. Posted in the wrong thread.
#19
Posted 08 November 2018 - 08:57 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Go into Task Scheduler, then drill down to SoftwareProtectionPlatform. In the next pane over doubleclick on SvcRestartTask. A new window should open. Click on the Triggers tab then on the Daily task. Click on Edit.
Try to change the Start Date to 11/9/2018. (There is a little calendar icon you can click on to use to set the date.) OK.
#20
Posted 08 November 2018 - 09:03 PM
Krueg9651
- Topic Starter
-
- Member
-
- 136 posts
Member
I followed that step but when I tried to click ok, I get this image (see attached)
#22
Posted 08 November 2018 - 09:10 PM
Krueg9651
- Topic Starter
-
- Member
-
- 136 posts
Member
My mistake. Here is what I get after clicking OK
Attached Thumbnails
#23
Posted 08 November 2018 - 10:16 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
That's odd:
SID: S-1-5-20
Name: NT Authority
Description: Network Service
Doesn't have a password as far as I know. Let's see if FRST can unlock it for us:
Download the attached fixlist.txt to the same location as FRST
fixlist.txt 574bytes
225 downloads
Run FRST and press Fix
A fix log will be generated please post that
Reboot if the fix doesn't reboot it for you
Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.
#24
Posted 29 April 2019 - 09:56 PM
Krueg9651
- Topic Starter
-
- Member
-
- 136 posts
Member
RKinner, I owe you a HUGE apology. We had been communicating back and forth and you had completely helped me fix my computer problem, but I made the mistake of not following through and responding to your last post. I am soo sorry. Because of this, I may have opened up my computer again to malware/virus issues because my computer is acting very slow again. I did not mean to ignore your last message, I got caught up with work and forgot to go back and finish your last step, because it felt like the comptuer was back to normal. Below is my information.
Fix result of Farbar Recovery Scan Tool (x64) Version: 28.04.2019
Ran by Andrew (29-04-2019 22:38:18) Run:4
Running from C:\Users\Andrew\Desktop
Loaded Profiles: Andrew (Available Profiles: Andrew & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Unlock: c:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform
Unlock: c:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcPrestartTask
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
*****************
"c:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform" => was unlocked
"c:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcPrestartTask" => not found
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
========= End of CMD: =========
The system needed a reboot.
==== End of Fixlog 22:39:06 ====
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.04.2019
Ran by Andrew (administrator) on ANDREW-PC (Dell Inc. Inspiron 620) (29-04-2019 22:44:07)
Running from C:\Users\Andrew\Desktop
Loaded Profiles: Andrew (Available Profiles: Andrew & DefaultAppPool)
Platform: Windows 10 Pro Version 1809 17763.437 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
() [File not signed] C:\Program Files\pia_manager\pia_manager.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19032.731.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Chicony) [File not signed] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\caudiofilteragent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Dell Inc -> SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Dell Inc -> SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(DELL) [File not signed] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\IndicatorOSD.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Andrew\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> ) C:\Windows\System32\Windows.WARP.JITService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> ) C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Symantec Corporation -> Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Unlimited Realities -> ) C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [883840 2012-03-28] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2013-12-16] (Conexant Systems, Inc.) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Chicony_OSD] => C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe [53248 2011-01-12] () [File not signed]
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Symantec Corporation -> Dell, Inc.)
HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] (Nero AG -> )
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-07-05] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] (Unlimited Realities -> )
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [221184 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-10] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0579DB7C-F4CA-4845-9D46-928D728B9997} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {0CA1DE0B-DBBA-48A6-9ED1-5DE606B3AA18} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-10-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {164AB38D-BDD8-498A-B41D-F903CEDAD0DF} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-04-10] (Dell Inc. -> Dell Inc.)
Task: {18E7C743-AB9B-4741-8586-400F4CC9A2F1} - System32\Tasks\{69D6DFB6-DD30-49C2-AF4F-0DE759856B3F} => C:\Program Files (x86)\e-iceblue\Spire.PDFConverter\Bin\PDFConverter.exe [1167360 2011-06-07] (e-iceblue) [File not signed]
Task: {1AC52998-29FC-4097-A5F5-FADCD7CB3249} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [7711878 2017-01-15] () [File not signed]
Task: {2560912E-0E58-40BA-A354-C05E87725ACF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B4DBCA3-208C-4116-A354-3EA58C3BCADE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {40CFC240-561C-4610-BBEC-998E0A3AF824} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {5B68DDB2-0601-4C92-B014-141A85F9146E} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [32448 2018-09-12] (Rivet Networks LLC -> DELL)
Task: {658FDF8B-5680-473D-AAFE-45BBFB271FF0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {775BF3E0-25B4-4CA1-A74E-1F1DE4254F7B} - System32\Tasks\{0D8421A0-C776-441E-9A5A-8348A718FF18} => C:\Program Files (x86)\e-iceblue\Spire.PDFConverter\Bin\PDFConverter.exe [1167360 2011-06-07] (e-iceblue) [File not signed]
Task: {A8DD2A08-0A9F-4CBA-97B7-8015E3A1FFD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC05B29A-A0D9-4E8F-AD90-1BAE6B0D1198} - System32\Tasks\Microsoft\Windows\CUAssistant\CULauncher => C:\Program Files\CUAssistant\culauncher.exe [258568 2019-03-11] (Microsoft Windows -> Microsoft Corporation)
Task: {C0832607-22E9-4DD2-A4BE-3256AA57223F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {E0FCE90F-5A6C-427B-A674-CC2768754559} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [1454592 2018-10-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EDE780D1-95AF-449E-A9A6-B70A9500495B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{323d16de-a400-4672-9c31-84b8ca31219d}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b763cc00-27d6-496f-9e5a-42a604ed4a59}: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{d064c2cb-5202-426e-9b46-f8b21d3e07f6}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
SearchScopes: HKLM -> {8C76C316-788B-42E5-9B10-D5F6C84F616E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {8C76C316-788B-42E5-9B10-D5F6C84F616E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3960278461-2044705814-1633424519-1000 -> {921B4CE9-B045-4AC7-A263-134982A3E7A8} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll [2011-05-05] (Cozi Group Inc. -> Cozi Group, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\3cuohms2.default [2019-03-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] () [File not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] () [File not signed]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] (Apple Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-12] (VideoLAN) [File not signed]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR NewTab: Default -> Not-active:"chrome-extension://mlnnopicjonfamklpcdfnbcomdlopmof/newtab.html"
CHR Profile: C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default [2019-04-29]
CHR Extension: (Slides) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Floorplanner) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2017-08-27]
CHR Extension: (Docs) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Skype Calling) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-06-21]
CHR Extension: (YouTube) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (QR Code Generator) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnehiohlphfeeoajihccdlbioaickhak [2017-07-29]
CHR Extension: (Google Search) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (InsertLearning) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehajjkfchegiinhcmoclkfbnmpgcahj [2019-04-17]
CHR Extension: (Sheets) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Print this page with CleanPrint) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\fklmmmdcofimkjmfjdnobmmgmefbapkf [2017-06-16]
CHR Extension: (The QR Code Generator) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2016-10-19]
CHR Extension: (Video Recorder for WeVideo) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaiglpeefdoagfbbfhjfbmomnfobojia [2019-02-10]
CHR Extension: (Pocket New Tab) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnnopicjonfamklpcdfnbcomdlopmof [2018-05-15]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2019-03-10]
CHR Extension: (Wikibuy) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2019-04-26]
CHR Extension: (Save to Pocket) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2019-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
CHR HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Andrew\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-14]
CHR HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc. -> Apple Inc.)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-04-27] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
R2 NOBU; C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2823000 2010-08-25] (Symantec Corporation -> Dell, Inc.)
R2 OSDSvc; C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe [176128 2010-12-01] (Chicony) [File not signed]
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-09-12] (Rivet Networks LLC -> CloudBees, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SftService; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [1695040 2012-02-16] (Dell Inc -> SoftThinks SAS)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-09-12] (Rivet Networks LLC -> Rivet Networks)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2019-04-05] (Microsoft Windows -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athwnx.sys [4233728 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-10] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-09-12] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-01-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-29 22:44 - 2019-04-29 22:44 - 000000000 ___HD C:\OneDriveTemp
2019-04-29 22:38 - 2019-04-29 22:39 - 000001178 _____ C:\Users\Andrew\Desktop\Fixlog.txt
2019-04-29 22:38 - 2019-04-29 22:38 - 000161364 _____ C:\Users\Andrew\Desktop\FRST 4-29.txt
2019-04-29 22:38 - 2019-04-29 22:38 - 000065926 _____ C:\Users\Andrew\Desktop\Addition 4-29.txt
2019-04-29 22:09 - 2019-04-29 22:10 - 000000574 _____ C:\Users\Andrew\Downloads\fixlist (3).txt
2019-04-29 22:09 - 2019-04-29 22:10 - 000000574 _____ C:\Users\Andrew\Downloads\fixlist (2).txt
2019-04-29 22:09 - 2019-04-29 22:09 - 000000574 _____ C:\Users\Andrew\Downloads\fixlist (1).txt
2019-04-28 23:21 - 2019-04-28 23:21 - 006310771 _____ C:\Users\Andrew\Downloads\Did you get it 4.1 (3).pdf
2019-04-22 23:20 - 2019-04-22 23:20 - 000087253 _____ C:\Users\Andrew\Downloads\Copy of Preguntas - infografías sobre el trabajo infantil.pdf
2019-04-22 23:17 - 2019-04-22 23:17 - 000053825 _____ C:\Users\Andrew\Downloads\Copy of La hora del planeta AK (1).pdf
2019-04-22 23:13 - 2019-04-22 23:14 - 000053820 _____ C:\Users\Andrew\Downloads\Copy of La hora del planeta AK.pdf
2019-04-22 06:22 - 2019-04-22 06:22 - 000079588 _____ C:\Users\Andrew\Downloads\El Examen Unidad 4 - Parte Escrita.docx (1).pdf
2019-04-22 06:05 - 2019-04-22 06:05 - 000079588 _____ C:\Users\Andrew\Downloads\El Examen Unidad 4 - Parte Escrita.docx.pdf
2019-04-15 23:08 - 2019-04-15 23:08 - 000033969 _____ C:\Users\Andrew\Desktop\Copy of El Calentamiento Global escuchar.pdf
2019-04-15 23:08 - 2019-04-15 23:08 - 000028366 _____ C:\Users\Andrew\Downloads\Copy of El Calentamiento Global escuchar.pdf
2019-04-15 22:47 - 2019-04-15 22:47 - 000032966 _____ C:\Users\Andrew\Desktop\AK Copy of Univisión – Entra en vigor ley ....pdf
2019-04-15 22:46 - 2019-04-15 22:46 - 000026009 _____ C:\Users\Andrew\Downloads\AK Copy of Univisión – Entra en vigor ley ....pdf
2019-04-15 22:45 - 2019-04-15 22:45 - 000043958 _____ C:\Users\Andrew\Downloads\Copy of Spanish Listening con preguntas (2).pdf
2019-04-15 22:43 - 2019-04-15 22:43 - 000001212 _____ C:\Users\Andrew\Downloads\Práctica Escuchar - el trabajo infantil.txt
2019-04-15 00:36 - 2019-04-15 00:36 - 073569266 _____ C:\Users\Andrew\Downloads\jury orientation small.wmv
2019-04-14 10:18 - 2019-04-14 10:18 - 000763684 _____ C:\Users\Andrew\Downloads\Game of Thrones predictions - Krueger.pdf
2019-04-10 23:41 - 2019-04-10 23:41 - 000583027 _____ C:\Users\Andrew\Downloads\CLAVE - Subjuntivo_ Repaso con Duda v. Certeza 2019.pdf
2019-04-10 23:38 - 2019-04-10 23:38 - 000582907 _____ C:\Users\Andrew\Downloads\CLAVE - Subjuntivo_ Repaso con Duda v. Certeza 2019 .pdf
2019-04-10 17:54 - 2019-04-10 17:54 - 000450405 _____ C:\Users\Andrew\Downloads\CLAVE - p v i ws 3.pdf
2019-04-10 17:52 - 2019-04-10 17:52 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-04-10 17:52 - 2019-04-10 17:52 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 012843520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 012139008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 007877120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 006544824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 006071296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 005205448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 004660224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 003904512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-04-10 17:51 - 2019-04-10 17:51 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-10 17:51 - 2019-04-10 17:51 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-04-10 17:51 - 2019-04-10 17:51 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000263600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-04-10 17:51 - 2019-04-10 17:51 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 17:51 - 2019-04-10 17:51 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 004991112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 003377976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 002701304 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001697752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 17:50 - 2019-04-10 17:50 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001468952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 001395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 001342400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 17:50 - 2019-04-10 17:50 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-04-10 17:50 - 2019-04-10 17:50 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-04-10 17:50 - 2019-04-10 17:50 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000725928 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-10 17:50 - 2019-04-10 17:50 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-04-10 17:50 - 2019-04-10 17:50 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
2019-04-10 17:50 - 2019-04-10 17:50 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 17:50 - 2019-04-10 17:50 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 17:50 - 2019-04-10 17:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-04-10 17:50 - 2019-04-10 17:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-04-10 17:50 - 2019-04-10 17:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-04-10 17:50 - 2019-04-10 17:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-04-10 17:50 - 2019-04-10 17:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-04-10 17:50 - 2019-04-10 17:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-04-10 17:50 - 2019-04-10 17:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-04-10 17:50 - 2019-04-10 17:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-04-10 17:49 - 2019-04-10 17:49 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
2019-04-10 17:49 - 2019-04-10 17:49 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 17:49 - 2019-04-10 17:49 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 17:49 - 2019-04-10 17:49 - 001044280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 17:49 - 2019-04-10 17:49 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 17:49 - 2019-04-10 17:49 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-04-10 17:49 - 2019-04-10 17:49 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 17:49 - 2019-04-10 17:49 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 17:49 - 2019-04-10 17:49 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-04-10 17:49 - 2019-04-10 17:49 - 000274492 _____ C:\Users\Andrew\Downloads\CLAVE - p v i ws tarea #2.pdf
2019-04-10 17:49 - 2019-04-10 17:49 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-04-10 17:49 - 2019-04-10 17:49 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 17:49 - 2019-04-10 17:49 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-04-10 17:49 - 2019-04-10 17:49 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 17:49 - 2019-04-10 17:49 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 17:40 - 2019-04-10 17:40 - 000121467 _____ C:\Users\Andrew\Downloads\CLAVE - study guide for P v I quiz.pdf
2019-04-10 17:39 - 2019-04-10 17:39 - 000114127 _____ C:\Users\Andrew\Desktop\study guide for P v I quiz.pdf
2019-04-09 20:51 - 2019-04-09 20:51 - 000106512 _____ C:\Users\Andrew\Desktop\El Examen U4 - Práctica Escrita.pdf
2019-04-09 20:50 - 2019-04-09 20:50 - 000101261 _____ C:\Users\Andrew\Downloads\El Examen U4 - Práctica Escrita.pdf
2019-04-08 00:19 - 2019-04-08 00:19 - 000051414 _____ C:\Users\Andrew\Desktop\Conoce al _hombre-basura_ de cuida el planeta _ Al Rojo Vivo.pdf
2019-04-08 00:19 - 2019-04-08 00:19 - 000044305 _____ C:\Users\Andrew\Downloads\Conoce al _hombre-basura_ de cuida el planeta _ Al Rojo Vivo.pdf
2019-04-08 00:15 - 2019-04-08 00:15 - 001054709 _____ C:\Users\Andrew\Desktop\Esp. 3 _Did you get it__ Subjuntivo con expresiones de Emoción.pdf
2019-04-08 00:15 - 2019-04-08 00:15 - 001051834 _____ C:\Users\Andrew\Downloads\Esp. 3 _Did you get it__ Subjuntivo con expresiones de Emoción.pdf
2019-04-08 00:14 - 2019-04-08 00:14 - 000203626 _____ C:\Users\Andrew\Desktop\APUNTES subjuntive expressions of emotion.pdf
2019-04-08 00:13 - 2019-04-08 00:13 - 000203623 _____ C:\Users\Andrew\Downloads\APUNTES subjuntive expressions of emotion.pdf
2019-04-07 20:31 - 2019-04-07 20:31 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2019-04-06 02:56 - 2019-04-10 17:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-06 02:56 - 2019-04-10 17:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-06 00:50 - 2019-04-06 00:50 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 004920832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 002752360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001969152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 001077912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000866152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-04-06 00:50 - 2019-04-06 00:50 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000421688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-04-06 00:50 - 2019-04-06 00:50 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-04-06 00:50 - 2019-04-06 00:50 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-06 00:50 - 2019-04-06 00:50 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2019-04-06 00:50 - 2019-04-06 00:50 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-04-06 00:50 - 2019-04-06 00:50 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-04-06 00:50 - 2019-04-06 00:50 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2019-04-06 00:50 - 2019-04-06 00:50 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 009670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 007647256 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 007556392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 007251456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 005915936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-06 00:49 - 2019-04-06 00:49 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 003729808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-06 00:49 - 2019-04-06 00:49 - 003652656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 003504128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 003427840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 002637312 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-06 00:49 - 2019-04-06 00:49 - 002447360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 002001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001572176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001563336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001481488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001272552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001098128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001078072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2019-04-06 00:49 - 2019-04-06 00:49 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2019-04-06 00:49 - 2019-04-06 00:49 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-04-06 00:49 - 2019-04-06 00:49 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000833064 _____ C:\WINDOWS\system32\InputHost.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000772408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000655160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-04-06 00:49 - 2019-04-06 00:49 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000591832 _____ C:\WINDOWS\SysWOW64\InputHost.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-04-06 00:49 - 2019-04-06 00:49 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-04-06 00:49 - 2019-04-06 00:49 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-06 00:49 - 2019-04-06 00:49 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-04-06 00:49 - 2019-04-06 00:49 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000330464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-04-06 00:49 - 2019-04-06 00:49 - 000279376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000262456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-04-06 00:49 - 2019-04-06 00:49 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-04-06 00:49 - 2019-04-06 00:49 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-04-06 00:49 - 2019-04-06 00:49 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-04-06 00:49 - 2019-04-06 00:49 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-04-06 00:49 - 2019-04-06 00:49 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-04-06 00:49 - 2019-04-06 00:49 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-04-06 00:48 - 2019-04-06 00:48 - 002766648 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 002199864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 002141184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001931264 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001751352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001742104 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001403920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001296576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-04-06 00:48 - 2019-04-06 00:48 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001177088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000895048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000831288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000817464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000790328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upshared.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000649528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000646632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-04-06 00:48 - 2019-04-06 00:48 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-04-06 00:48 - 2019-04-06 00:48 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000355360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-06 00:48 - 2019-04-06 00:48 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000138960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000115152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-04-06 00:48 - 2019-04-06 00:48 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-06 00:48 - 2019-04-06 00:48 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000047136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-04-06 00:48 - 2019-04-06 00:48 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-04-06 00:48 - 2019-04-06 00:48 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2019-04-06 00:48 - 2019-04-06 00:48 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000033056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2019-04-06 00:48 - 2019-04-06 00:48 - 000000072 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2019-04-05 10:43 - 2019-04-05 10:52 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-04-05 10:43 - 2019-04-05 10:43 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2019-04-05 10:41 - 2019-04-05 10:43 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-04-05 10:41 - 2019-04-05 10:41 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-04-05 10:38 - 2019-04-05 10:38 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-04-05 10:38 - 2019-04-05 10:38 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-04-05 10:38 - 2019-04-05 10:38 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001446400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001282640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 001271608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2019-04-05 10:38 - 2019-04-05 10:38 - 001168384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2019-04-05 10:38 - 2019-04-05 10:38 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000762272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000588304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-04-05 10:38 - 2019-04-05 10:38 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-04-05 10:38 - 2019-04-05 10:38 - 000522312 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-04-05 10:38 - 2019-04-05 10:38 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-04-05 10:38 - 2019-04-05 10:38 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000121872 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2019-04-05 10:38 - 2019-04-05 10:38 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nslookup.exe
2019-04-05 10:38 - 2019-04-05 10:38 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2019-04-05 10:38 - 2019-04-05 10:38 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 005561856 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 005527552 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 004019200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 002149368 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001700880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001533440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000864056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000818832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000752136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000667152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000612368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000495624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000408800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000276488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MTF.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000175096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000148480 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000114856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2019-04-05 10:37 - 2019-04-05 10:37 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2019-04-05 10:37 - 2019-04-05 10:37 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2019-04-05 10:37 - 2019-04-05 10:37 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2019-04-05 10:33 - 2019-04-05 10:33 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpsnap.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntwin.exe
2019-04-05 10:33 - 2019-04-05 10:33 - 000107882 _____ C:\WINDOWS\system32\mib_ii.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntagnt.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-04-05 10:33 - 2019-04-05 10:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-04-05 10:33 - 2019-04-05 10:33 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
2019-04-05 10:33 - 2019-04-05 10:33 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hostmib.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000048593 _____ C:\WINDOWS\system32\hostmib.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\lmmib2.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000034317 _____ C:\WINDOWS\system32\msiprip2.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000030448 _____ C:\WINDOWS\system32\mcastmib.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntcmd.exe
2019-04-05 10:33 - 2019-04-05 10:33 - 000026236 _____ C:\WINDOWS\system32\wins.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000026100 _____ C:\WINDOWS\system32\lmmib2.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000022462 _____ C:\WINDOWS\system32\rfc2571.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000021271 _____ C:\WINDOWS\system32\http.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64mib.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000015799 _____ C:\WINDOWS\system32\ipforwd.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000015032 _____ C:\WINDOWS\system32\authserv.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000014032 _____ C:\WINDOWS\system32\accserv.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000013767 _____ C:\WINDOWS\system32\msipbtp.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpmib.dll
2019-04-05 10:33 - 2019-04-05 10:33 - 000006179 _____ C:\WINDOWS\system32\ftp.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000004597 _____ C:\WINDOWS\system32\dhcp.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000004411 _____ C:\WINDOWS\system32\smi.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000000698 _____ C:\WINDOWS\system32\inetsrv.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000000581 _____ C:\WINDOWS\system32\msft.mib
2019-04-05 10:33 - 2019-04-05 10:33 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2019-04-05 10:33 - 2019-04-05 10:33 - 000000000 ____D C:\WINDOWS\system32\msmq
2019-04-05 10:33 - 2019-04-05 10:33 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2019-04-05 10:33 - 2019-04-05 10:33 - 000000000 ____D C:\inetpub
2019-04-05 10:32 - 2019-04-05 10:32 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-04-05 10:32 - 2019-04-05 10:32 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-04-05 10:32 - 2019-04-05 10:32 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-04-05 10:32 - 2019-04-05 10:32 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-04-05 10:32 - 2019-04-05 10:32 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-04-05 10:32 - 2019-04-05 10:32 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-04-05 10:32 - 2019-04-05 10:32 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-04-05 10:32 - 2019-04-05 10:32 - 000000000 ____D C:\Program Files\MSBuild
2019-04-05 10:32 - 2019-04-05 10:32 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-04-05 10:32 - 2019-04-05 10:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-04-05 08:27 - 2019-04-05 08:27 - 000000000 ____D C:\Users\Andrew\AppData\Local\PlaceholderTileLogoFolder
2019-04-05 08:27 - 2019-04-05 08:27 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-04-05 08:27 - 2019-04-05 08:27 - 000000000 ____D C:\ProgramData\ATI
2019-04-05 08:23 - 2019-04-05 08:23 - 000000020 ___SH C:\Users\Andrew\ntuser.ini
2019-04-05 08:22 - 2019-04-29 22:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-05 08:22 - 2019-04-15 17:21 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3960278461-2044705814-1633424519-1000
2019-04-05 08:22 - 2019-04-15 00:41 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5E45B52B-EC63-4571-B0D5-D23995CCD414}
2019-04-05 08:22 - 2019-04-05 08:22 - 000003752 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-05 08:22 - 2019-04-05 08:22 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-04-05 08:22 - 2019-04-05 08:22 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-05 08:22 - 2019-04-05 08:22 - 000003322 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-05 08:22 - 2019-04-05 08:22 - 000003302 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-04-05 08:22 - 2019-04-05 08:22 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-05 08:22 - 2019-04-05 08:22 - 000002496 _____ C:\WINDOWS\System32\Tasks\Private Internet Access Startup
2019-04-05 08:22 - 2019-04-05 08:22 - 000002258 _____ C:\WINDOWS\System32\Tasks\SmartByte Telemetry
2019-04-05 08:22 - 2019-04-05 08:22 - 000002160 _____ C:\WINDOWS\System32\Tasks\{69D6DFB6-DD30-49C2-AF4F-0DE759856B3F}
2019-04-05 08:22 - 2019-04-05 08:22 - 000002160 _____ C:\WINDOWS\System32\Tasks\{0D8421A0-C776-441E-9A5A-8348A718FF18}
2019-04-05 08:22 - 2019-04-05 08:22 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2019-04-05 08:22 - 2019-04-05 08:22 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-04-05 08:22 - 2019-04-05 08:22 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2019-04-05 08:20 - 2019-04-05 08:21 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2019-04-05 08:20 - 2019-04-05 08:21 - 000011433 _____ C:\WINDOWS\diagerr.xml
2019-04-05 08:11 - 2019-04-29 22:28 - 000972156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-05 08:03 - 2019-04-05 08:03 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-04-05 08:01 - 2019-04-29 22:39 - 000000000 ____D C:\Users\Andrew
2019-04-05 08:01 - 2019-04-15 17:21 - 000002413 _____ C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-05 08:01 - 2019-04-07 20:31 - 000000000 ____D C:\Users\DefaultAppPool
2019-04-05 08:01 - 2019-04-05 07:57 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\ATI
2019-04-05 08:01 - 2019-04-05 07:57 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\ATI
2019-04-05 08:01 - 2019-04-05 07:57 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\ATI
2019-04-05 08:01 - 2019-04-05 07:57 - 000000000 ____D C:\Users\Andrew\AppData\Local\ATI
2019-04-05 08:01 - 2018-09-15 02:29 - 000001105 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-05 07:58 - 2019-04-05 07:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2019-04-05 07:57 - 2019-04-05 07:57 - 000000000 ____D C:\Users\Default\AppData\Roaming\ATI
2019-04-05 07:57 - 2019-04-05 07:57 - 000000000 ____D C:\Users\Default\AppData\Local\ATI
2019-04-05 07:57 - 2019-04-05 07:57 - 000000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2019-04-05 07:57 - 2019-04-05 07:57 - 000000000 ____D C:\Users\Default User\AppData\Local\ATI
2019-04-05 07:57 - 2019-04-05 07:57 - 000000000 ____D C:\ProgramData\USOShared
2019-04-05 07:56 - 2019-04-06 00:48 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-04-05 07:53 - 2019-04-29 22:22 - 000445888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-05 07:53 - 2019-04-29 22:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-01 23:47 - 2019-04-01 23:47 - 007321731 _____ C:\Users\Andrew\Desktop\Barcelona article - songs in classroom.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-29 22:47 - 2018-01-05 11:36 - 000026002 _____ C:\Users\Andrew\Desktop\FRST.txt
2019-04-29 22:45 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Registration
2019-04-29 22:44 - 2016-03-08 07:24 - 000000000 ___RD C:\Users\Andrew\OneDrive
2019-04-29 22:44 - 2015-04-26 13:24 - 000000000 ____D C:\FRST
2019-04-29 22:43 - 2018-09-15 21:38 - 000000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2019-04-29 22:43 - 2018-09-15 21:38 - 000000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2019-04-29 22:43 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-29 22:43 - 2012-05-22 17:00 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2019-04-29 22:39 - 2018-09-15 01:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-29 22:37 - 2018-01-05 11:38 - 000065923 _____ C:\Users\Andrew\Desktop\Addition.txt
2019-04-29 22:30 - 2018-04-29 09:30 - 000000000 ____D C:\Users\Andrew\Desktop\FRST-OlderVersion
2019-04-29 22:30 - 2018-01-05 10:56 - 002429952 _____ (Farbar) C:\Users\Andrew\Desktop\FRST64.exe
2019-04-29 22:28 - 2018-09-15 02:31 - 000000000 ____D C:\WINDOWS\INF
2019-04-29 21:36 - 2012-06-06 00:53 - 000000000 ____D C:\Users\Andrew\AppData\Local\Nero
2019-04-28 13:22 - 2015-04-29 17:35 - 000000000 ____D C:\ProgramData\PCDr
2019-04-27 15:25 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-27 15:11 - 2012-05-22 16:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-04-27 15:06 - 2017-06-24 21:12 - 000000000 ____D C:\ProgramData\SupportAssist
2019-04-26 20:26 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-23 06:15 - 2018-02-21 23:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-11 01:14 - 2018-09-15 04:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 01:14 - 2018-09-15 02:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-04-11 01:14 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-04-11 01:14 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-11 01:14 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 01:14 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-11 01:14 - 2018-09-15 01:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-04-10 23:29 - 2015-05-03 20:40 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-10 23:29 - 2015-05-03 20:40 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-10 17:56 - 2018-09-15 02:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 17:34 - 2016-03-09 19:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 17:28 - 2016-03-09 19:41 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-09 17:23 - 2015-05-18 21:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-08 00:11 - 2019-03-24 14:39 - 000061432 ____H C:\Users\Andrew\Desktop\~WRL0004.tmp
2019-04-06 11:37 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\appcompat
2019-04-06 03:01 - 2018-09-15 01:09 - 000000000 ____D C:\WINDOWS\servicing
2019-04-06 02:56 - 2017-12-12 23:54 - 000000000 ___RD C:\Users\Andrew\3D Objects
2019-04-06 02:56 - 2016-03-08 07:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-04-06 02:56 - 2012-06-05 10:20 - 000000000 ___RD C:\Users\Andrew\Virtual Machines
2019-04-06 02:52 - 2018-09-15 02:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-06 02:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-06 02:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-04-06 02:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-04-05 10:52 - 2018-09-26 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rivet Networks
2019-04-05 10:52 - 2018-09-16 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2019-04-05 10:52 - 2018-09-15 02:36 - 000000000 ____D C:\WINDOWS\Setup
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 __SHD C:\Program Files\Windows Sidebar
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\spool
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\IME
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\schemas
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Cursors
2019-04-05 10:52 - 2018-09-15 02:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-05 10:52 - 2018-09-15 02:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-04-05 10:52 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-04-05 10:52 - 2017-07-09 03:55 - 000000000 ____D C:\Program Files\CONEXANT
2019-04-05 10:52 - 2017-04-28 03:34 - 000000000 ____D C:\Program Files\UNP
2019-04-05 10:52 - 2017-01-24 17:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Dell
2019-04-05 10:52 - 2016-08-30 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-04-05 10:52 - 2015-12-11 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2019-04-05 10:52 - 2015-10-30 04:07 - 000000000 ____D C:\WINDOWS\ShellNew
2019-04-05 10:52 - 2015-04-26 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2019-04-05 10:52 - 2015-04-15 06:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-05 10:52 - 2015-04-11 11:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 15
2019-04-05 10:52 - 2014-01-14 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2019-04-05 10:52 - 2013-02-23 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-04-05 10:52 - 2012-07-28 16:13 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2019-04-05 10:52 - 2012-07-05 04:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-04-05 10:52 - 2012-06-05 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2019-04-05 10:52 - 2012-05-22 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2019-04-05 10:52 - 2012-05-22 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-NFB Reading Technology
2019-04-05 10:52 - 2012-05-22 17:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe Online
2019-04-05 10:52 - 2012-05-22 17:14 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2019-04-05 10:52 - 2012-05-22 17:14 - 000000000 ____D C:\WINDOWS\en
2019-04-05 10:52 - 2012-05-22 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Stage
2019-04-05 10:52 - 2012-05-22 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe
2019-04-05 10:52 - 2009-07-14 00:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-04-05 10:50 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-04-05 10:49 - 2018-09-15 02:33 - 000000000 __RHD C:\Users\Public\Libraries
2019-04-05 10:43 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Resources
2019-04-05 10:43 - 2017-07-09 03:55 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-04-05 10:43 - 2017-07-09 03:55 - 000000000 ____D C:\Program Files\AMD
2019-04-05 10:39 - 2018-09-15 04:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-04-05 10:39 - 2018-09-15 04:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-04-05 10:39 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-04-05 10:39 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-04-05 10:39 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-04-05 10:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-04-05 10:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-04-05 10:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-04-05 10:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-04-05 10:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-04-05 10:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-04-05 10:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-04-05 10:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-04-05 10:33 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-04-05 08:43 - 2017-12-12 23:31 - 000000000 ____D C:\Users\Andrew\AppData\Local\Packages
2019-04-05 08:42 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-04-05 08:42 - 2018-08-23 22:23 - 000000000 ____D C:\ProgramData\Packages
2019-04-05 08:25 - 2016-08-05 20:19 - 000000000 ____D C:\Users\Andrew\AppData\Local\ConnectedDevicesPlatform
2019-04-05 08:23 - 2019-02-06 00:17 - 000000000 ___DC C:\WINDOWS\Panther
2019-04-05 08:22 - 2018-09-15 01:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-04-05 08:13 - 2018-09-15 02:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-04-05 08:11 - 2018-09-15 02:33 - 000000000 __RSD C:\WINDOWS\media
2019-04-05 08:04 - 2017-01-15 12:34 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
2019-04-05 08:04 - 2012-07-20 00:41 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-05 08:02 - 2013-02-23 10:50 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mkv2vob
2019-04-05 08:02 - 2012-07-28 16:16 - 000000000 ____D C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\e-iceblue
2019-04-05 07:58 - 2017-07-09 03:56 - 000000000 ____D C:\Program Files\ATI Technologies
2019-04-05 07:58 - 2017-07-09 03:56 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2019-04-05 07:57 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\USOPrivate
2019-04-05 07:57 - 2013-05-31 23:49 - 000000000 ____D C:\AMD
2019-04-05 06:55 - 2018-11-17 17:24 - 000000000 ____D C:\Program Files\rempl
2019-03-30 12:01 - 2019-03-14 17:17 - 000000000 ____D C:\Program Files\CUAssistant
==================== Files in the root of some directories =======
2014-01-14 21:46 - 2014-01-15 00:10 - 050053120 _____ () C:\Program Files (x86)\GUT8D24.tmp
2013-12-12 23:38 - 2014-06-25 03:15 - 000003749 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2015-04-20 16:19 - 2015-05-01 06:14 - 000000020 _____ () C:\Users\Andrew\AppData\Roaming\appdataFr3.bin
2013-12-04 01:50 - 2015-10-14 00:15 - 000016896 _____ () C:\Users\Andrew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-05-13 22:38 - 2018-05-13 22:38 - 000000218 _____ () C:\Users\Andrew\AppData\Local\recently-used.xbel
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.04.2019
Ran by Andrew (29-04-2019 22:48:50)
Running from C:\Users\Andrew\Desktop
Windows 10 Pro Version 1809 17763.437 (X64) (2019-04-05 13:23:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3960278461-2044705814-1633424519-500 - Administrator - Disabled)
Andrew (S-1-5-21-3960278461-2044705814-1633424519-1000 - Administrator - Enabled) => C:\Users\Andrew
DefaultAccount (S-1-5-21-3960278461-2044705814-1633424519-503 - Limited - Disabled)
Guest (S-1-5-21-3960278461-2044705814-1633424519-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3960278461-2044705814-1633424519-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3960278461-2044705814-1633424519-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Profiles (HKLM-x32\...\{63059735-CA97-FDFB-0E7A-3B8D81572EFD}) (Version: 2.0.4888.34279 - Advanced Micro Devices, Inc.)
ATI AVIVO64 Codecs (HKLM\...\{262325FE-E6AA-7D56-9071-453A374086C9}) (Version: 11.6.0.10628 - ATI Technologies Inc.) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WT089409) (Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (HKLM-x32\...\WT089410) (Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WT089443) (Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (HKLM-x32\...\WT089411) (Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (HKLM-x32\...\WT089412) (Version: 2.2.0.95 - WildTangent) Hidden
ccoomPareItApplic (HKLM-x32\...\{88E96402-3BBD-02D9-0A36-6FB806AEE04E}) (Version: - )
Chuzzle Deluxe (HKLM-x32\...\WT089413) (Version: 2.2.0.95 - WildTangent) Hidden
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.14.50 - Conexant)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell KM632 Wireless Keyboard Caps Lock Indicator (HKLM-x32\...\{55586382-6704-4237-AAA7-85FF9C055022}) (Version: 2.1.9.0401 - Dell)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell VideoStage (HKLM-x32\...\{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.) Hidden
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.)
Diner Dash 2 Restaurant Rescue (HKLM-x32\...\WT089414) (Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (HKLM-x32\...\WT089415) (Version: 2.2.0.95 - WildTangent) Hidden
Driver Talent (HKLM-x32\...\{29FE44D7-BC89-4188-8B0E-F6BA073C15A5}_is1) (Version: 6.4.47.146 - OSToto Co., Ltd.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Escape Whisper Valley ™ (HKLM-x32\...\WT089434) (Version: 2.2.0.95 - WildTangent) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Farm Frenzy (HKLM-x32\...\WT089450) (Version: 2.2.0.95 - WildTangent) Hidden
FATE (HKLM-x32\...\WT089418) (Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (HKLM-x32\...\WT089499) (Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (HKLM-x32\...\WT089444) (Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Jewel Quest (HKLM-x32\...\WT089420) (Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (HKLM-x32\...\WT089422) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LatencyMon 6.70 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Luxor (HKLM-x32\...\WT089507) (Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
mkv2vob (HKLM-x32\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c)
Movavi Video Converter 15 (HKLM-x32\...\Movavi Video Converter 15) (Version: 15.2.2 - Movavi)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Namco All-Stars PAC-MAN (HKLM-x32\...\WT089440) (Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WT089445) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WT089452) (Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WT089426) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WT089508) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT089433) (Version: 2.2.0.95 - WildTangent) Hidden
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Samantha Swift (HKLM-x32\...\WT089503) (Version: 2.2.0.95 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{6AD3253B-AFE1-436E-971B-B16D8C6ABA3F}) (Version: 2.0.637 - Rivet Networks)
Spire.PDFConverter (HKLM-x32\...\{7144A11C-9162-4FE1-BA93-2A8CA6DB30CF}) (Version: 1.0.8 - e-iceblue)
SyncUP (HKLM-x32\...\{40F06490-8C14-43AA-99D3-EEEFDBAC3CFC}) (Version: 1.12.12400.17.102 - Nero AG) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
TrustedID IDMonitor Identity Protection (HKLM-x32\...\{0E74474A-1CDF-4249-A507-CE8C1DCEC8BC}) (Version: 1.1.0 - TrustedID Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Use VLC for YouTube (HKLM-x32\...\{C2E3DB8B-C43B-9203-7BE7-D03BA334FD8A}) (Version: - )
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089430) (Version: 2.2.0.95 - WildTangent) Hidden
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Web Launch Recorder (HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\...\WebLaunchRecorder) (Version: 2.0 - )
Wedding Dash - Ready, Aim, Love! (HKLM-x32\...\WT089446) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell) (Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\{7FB00B6B-6843-97EC-EED6-78BD6D35370A}) (Version: 4.2.4164 - Zinio LLC) Hidden
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zuma Deluxe (HKLM-x32\...\WT089448) (Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => C:\Program Files (x86)\Movavi Video Converter 15\vcContext\vcContext.dll [2015-02-18] (Movavi) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => C:\Program Files (x86)\Movavi Video Converter 15\vcContext\vcContext.dll [2015-02-18] (Movavi) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) ==============
2012-05-22 16:56 - 2010-12-01 15:07 - 000176128 _____ (Chicony) [File not signed] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
2018-09-12 13:00 - 2018-09-12 13:00 - 000100864 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2015-02-18 04:42 - 2015-02-18 04:42 - 002375680 _____ (Movavi) [File not signed] C:\Program Files (x86)\Movavi Video Converter 15\vcContext\vcContext.dll
2017-01-15 12:34 - 2017-01-15 12:34 - 007711878 _____ () [File not signed] C:\Program Files\pia_manager\pia_manager.exe
2012-05-22 16:56 - 2011-01-12 19:17 - 000053248 _____ () [File not signed] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
2012-05-22 16:56 - 2011-04-01 17:08 - 000660480 _____ (DELL) [File not signed] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\IndicatorOSD.exe
2019-04-06 13:07 - 2019-04-06 13:07 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM\e4447920f93e9b6882cdca38f614dbd9\MOM.ni.exe
2019-04-06 13:07 - 2019-04-06 13:07 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\abfacb68b49cc8fcb5627970753a9b37\MOM.Implementation.ni.dll
2019-04-06 13:05 - 2019-04-06 13:05 - 000131584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\ebd57a1113b0e0f875e2f234df225a25\LOG.Foundation.ni.dll
2019-04-06 13:05 - 2019-04-06 13:05 - 000146432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\3e05a7bc83178f562d2bacbec56406b9\LOG.Foundation.Private.ni.dll
2019-04-06 13:07 - 2019-04-06 13:07 - 000289792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\dd060e6b82097097e0788603f9030cc3\LOG.Foundation.Implementation.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\d95ee0ba8dbe862a8b54afb24cec9266\MOM.Foundation.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\d37c91722dca681a3656648182c9dc28\LOG.Foundation.Implementation.Private.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\c26f86980f2762a4cca4a05a692a921e\CCC.Implementation.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC\8e2347fa4e75bbef76849516085f8c11\CCC.ni.exe
2019-04-06 13:06 - 2019-04-06 13:06 - 000295424 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\ea240799b401890077fa511a8fae7c0d\CLI.Foundation.ni.dll
2019-04-06 13:07 - 2019-04-06 13:07 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\803bcb0423dd9e50412aab0861cfff91\CLI.Foundation.XManifest.ni.dll
2019-04-06 13:07 - 2019-04-06 13:07 - 000228352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\60d96a008b9e4948a02974f9e7e1be92\CLI.Component.Runtime.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\a6a23f33211b0b74364eee35d553ecfe\CLI.Component.Runtime.Shared.Private.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\b073b89a6911ee5bdfe6a55319e38f9d\CLI.Foundation.Private.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\750ef3d68ea6421037665e32660217a8\CLI.Component.Runtime.Shared.ni.dll
2019-04-06 13:07 - 2019-04-06 13:07 - 000122368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\326cea1fbdd2a157acc4d049522b2925\ATICCCom.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\d2f63a425e49f2cba42da9f2ab392d24\AEM.Server.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\4a3e4f82cec9c105e1afb5833d305de1\NEWAEM.Foundation.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000890368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\befd4e5f17dd355c35bfaa295fa758a9\ADL.Foundation.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\3d5e4f14c1c70b714156766f00ff5b9f\AEM.Server.Shared.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000275456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\da2b5fd861dcbb192a4625625cf9b691\AEM.Plugin.Source.Kit.Server.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000090624 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\8352d5e1d5519f16c1a008d399da8182\CLI.Foundation.CoreAudioAPI.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\d088ed91fcf65288c73d8f0addf79bec\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\efd11645b1ae4e211dd89ffd90daf41d\AEM.Plugin.WinMessages.Shared.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000117248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\d3e74857c3818a14e86f6103ee0d7163\DEM.Graphics.I0601.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\10989caf4046f704acdda094bf370d29\DEM.Foundation.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\b2ac88b04e0f781ac4f9c432a09bee41\DEM.Graphics.ni.dll
2019-04-06 13:07 - 2019-04-06 13:07 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\a8a43edb324bfa7940bdfca74b11302f\DEM.Graphics.I1010.ni.dll
2019-04-06 13:07 - 2019-04-06 13:07 - 003187712 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\59c6bcc491f4b3a9c5423a5e3ef8ea97\CLI.Caste.Graphics.Runtime.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 002786304 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\4bf6a36321bbb0cc6168df47e7a0bf86\CLI.Caste.Graphics.Shared.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\a757dcd0f88e10772b06eade5ec3c6d0\AEM.Plugin.GD.Shared.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\4b595116057b875a6edcb44ad552a345\AEM.Actions.CCAA.Shared.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000083456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\10bcc2a89c57857811ec8b910534b3ac\DEM.Graphics.I0709.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\dc22b415879327328de2681407282a7e\ResourceManagement.Foundation.Private.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000018944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\e4c106a19634f76e392bcaceab4c0f6a\DEM.Graphics.I0804.ni.dll
2019-04-06 13:06 - 2019-04-06 13:06 - 000038400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\e7672f8c0499bf0edfe25c1b89909de2\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-04-06 12:59 - 2019-04-06 12:59 - 002196480 _____ (Conexant Systems, Inc) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SmartAudio\df75897294c865b4c803bae325bb0379\SmartAudio.ni.exe
2019-04-06 12:59 - 2019-04-06 12:59 - 000328192 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\81a6f9b9d6e3bd02de57b463b019f1b4\Interop.CxHDAudioAPILib.ni.dll
2016-08-05 20:56 - 2013-12-16 11:00 - 001086464 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2012-05-22 16:56 - 2011-03-11 11:09 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\INDICATOR_OSD.DLL
2012-02-01 11:44 - 2012-02-01 11:44 - 018858496 _____ (Unlimited Realities) [File not signed] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\libumajin.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 008151040 _____ () [File not signed] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 002278400 _____ () [File not signed] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 002459648 ____R (Python Software Foundation) [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\python27.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 000098816 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32api.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000110080 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\pywintypes27.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 000364544 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\pythoncom27.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 000320512 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32com.shell.shell.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000914432 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\_hashlib.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 001176576 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wx._core_.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 002030592 ____R (wxWidgets development team) [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wxbase30u_vc90.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 000155136 ____R (wxWidgets development team) [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wxbase30u_net_vc90.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 001251328 ____R (wxWidgets development team) [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wxmsw30u_adv_vc90.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 004796928 ____R (wxWidgets development team) [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wxmsw30u_core_vc90.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 000806400 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wx._gdi_.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000816128 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wx._windows_.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000601088 ____R (wxWidgets development team) [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wxmsw30u_html_vc90.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 001067008 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wx._controls_.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000733184 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wx._misc_.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000682496 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\pysqlite2._sqlite.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000088064 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\_ctypes.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000686080 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\unicodedata.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000119808 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32file.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000108544 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32security.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000007168 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\hashobjs_ext.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000017920 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\thumbnails_ext.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000088064 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\usb_ext.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000012800 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\common.time34.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000018432 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32event.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000167936 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32gui.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000046080 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\_socket.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 001303552 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\_ssl.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000128512 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\_elementtree.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000127488 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\pyexpat.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000038912 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32inet.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000036864 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\_psutil_windows.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000011264 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32crypt.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000123392 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wx._wizard.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000077312 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wx._html2.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000110080 ____R (wxWidgets development team) [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wxmsw30u_webview_vc90.dll
2019-04-29 22:43 - 2019-04-29 22:43 - 000027648 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\_multiprocessing.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000020480 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\_yappi.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000035840 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32process.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000078848 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\wx._animate.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000024064 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32pipe.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000010240 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\select.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000025600 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32pdh.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000017408 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32profile.pyd
2019-04-29 22:43 - 2019-04-29 22:43 - 000022528 ____R () [File not signed] C:\Users\Andrew\AppData\Local\Temp\_MEI93002\win32ts.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\...\eztv.ag -> hxxps://eztv.ag
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2015-05-03 11:29 - 000000035 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3960278461-2044705814-1633424519-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win7 LtBlue 1920x1200.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D330DA15-5213-42F3-B3F7-9C893B3B1A41}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{1A769229-E754-4DAB-AD0E-F26DADEC1962}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [TCP Query User{47980681-F642-4852-997D-C887161D0695}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe No File
FirewallRules: [UDP Query User{E0E4F86F-A1C9-4E1C-948A-113953C2712A}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe No File
FirewallRules: [{8BA3F465-6FBF-4F45-A4DE-D7943E6F07AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{2254CC99-E6B7-46FE-BDB8-284FD54EB8DC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{F6A277C3-9332-4CC0-84C2-1EFD67960323}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{C792BD28-E91B-4E29-9167-203DE88574BA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{9C9A37BB-6713-4D64-AB1D-1333BCEBE1B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{C53727B8-8E0A-44EF-B26B-B77B6237536D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{431EC14C-063A-4794-92A9-0EC8B7210A81}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
09-04-2019 17:27:41 Windows Update
19-04-2019 23:45:19 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Dell Wireless 1450 Dual-band (802.11a/b/g) USB 2.0 Adapter
Description: Dell Wireless 1450 Dual-band (802.11a/b/g) USB 2.0 Adapter
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (04/29/2019 10:45:32 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume OS.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (04/29/2019 10:43:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/29/2019 10:43:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/29/2019 10:40:40 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
==================== Memory info ===========================
BIOS: Dell Inc. A08 09/27/2012
Motherboard: Dell Inc. 0GDG8Y
Processor: Intel® Core™ i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 39%
Total physical RAM: 8174.64 MB
Available physical RAM: 4935.49 MB
Total Virtual: 25582.64 MB
Available Virtual: 21749.2 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1844.7 GB) (Free:1368.73 GB) NTFS
Drive d: (WHO_IS_AMERICA_DISC_2) (CDROM) (Total:4.7 GB) (Free:0 GB) UDF
\\?\Volume{89db7e19-a466-11e1-9521-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:18.28 GB) (Free:7.77 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 0EF3ACCD)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=18.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1844.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
#25
Posted 30 April 2019 - 04:07 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Error: (04/29/2019 10:45:32 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)Description: A corruption was discovered in the file system structure on volume OS.The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Open an elevated command prompt:
http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html
(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)
Type:
chkdsk C: /f /r /x
Hit Enter. Reboot the PC. The dick check should run and take some time to complete.
Once it boots back into Windows:
Open an elevated command prompt:
http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html
(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)
Once you have an elevated command prompt:
Type:
DISM /Online /Cleanup-Image /RestoreHealth
(I use two spaces so you can be sure to see where one space goes.)
Hit Enter. This will take a while (10-20 minutes) to complete. Once the prompt returns:
Reboot. Open an elevated Command Prompt again and type (with an Enter after the line):
sfc /scannow
This will also take a few minutes.
When it finishes it will say one of the following:
Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)
If you get the last result then type:
findstr /c:"[SR]" \windows\logs\cbs\cbs.log > %UserProfile%\desktop\junk.txt
Hit Enter. Then type::
notepad %UserProfile%\desktop\junk.txt
Hit Enter.
Copy the text from notepad and paste it into a reply.
After you finish SFC, regardless of the result:
1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning
Then use the 'Number of events' as follows:
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
Get Process Explorer
https://live.sysinte...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.
Wait a full minute then:
File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.
Copy the next 2 lines:
TASKLIST /SVC > \junk.txt
notepad \junk.txt
Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply.
Get the free version of Speccy:
http://www.filehippo...ownload_speccy/
(Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER (CCleaner is offered in the box at the bottom. Uncheck it)
. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it. Point it at the file and hit Open.
Now click on Attach this file.
Latency Monitor:
Go to
http://www.resplendence.com/downloads
Scroll down to
System Monitoring Tools
and then find
LatencyMon 6.70 (or it may be a higher number if they update)
Click on Download free home edition
Save it then right click and Run As Admin. It will install and then start the program.
It will tell you to click on the Start button but there isn't one.
Instead click on the green arrowhead (looks like a Play button). Let it run for at least 20 seconds. Then hit the red box to stop it.
Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.
#26
Posted 01 May 2019 - 06:49 PM
Krueg9651
- Topic Starter
-
- Member
-
- 136 posts
Member
I tried doing the first step by opening the elevated Command Prompt and this is the message I received (see attached)
#27
Posted 01 May 2019 - 06:49 PM
Krueg9651
- Topic Starter
-
- Member
-
- 136 posts
Member
I tried doing the first step by opening the elevated Command Prompt and this is the message I received (see attached)
Attached Thumbnails
#28
Posted 01 May 2019 - 08:17 PM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Say
Y
and Enter
Then reboot
#29
Posted 01 May 2019 - 10:42 PM
Krueg9651
- Topic Starter
-
- Member
-
- 136 posts
Member
Currently at 10% complete (its been nearly 2 hours). I know it takes a while to scan and repair device after rebooting first step you gave, but should I be concerned after waking up if still at 10%?
Attached Thumbnails
#30
Posted 02 May 2019 - 03:38 AM
RKinner
-
- Expert
-
- 24,624 posts
Malware Expert
Your drive is 2 TB or so. That's going to take a while but if it's still at 10% then hold down the power button until it reboots and cancel the scan before it starts up again.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
