hi there. I have a nasty virus which is opening multiple programmes and eating system resources. using programmes called Brodsky and Rivalry.
Ran by Mercedes (administrator) on PANDORA (09-06-2018 01:06:05)
Running from C:\Users\Mercedes\Desktop
Loaded Profiles: Mercedes (Available Profiles: Mercedes)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
() C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\ProgramData\Logic Cramble\set.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Gold Click Ltd) C:\Program Files (x86)\ProxyGate\Cloud.exe
(Gold Click Ltd) C:\Program Files (x86)\ProxyGate\PGChk.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\congestion\congestion.exe
() C:\Program Files (x86)\Hesitates\Rivalry.exe
() C:\Users\Mercedes\AppData\Local\Brodsky.exe
() C:\Program Files (x86)\Legg\loveridge.exe
() C:\Program Files (x86)\Hesitates\Brodsky.exe
() C:\Program Files (x86)\dusty\Rivalry.exe
() C:\Program Files (x86)\Avalanche\Brodsky.exe
() C:\Users\Mercedes\AppData\Local\Rivalry.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Corel Corporation) C:\Program Files\WinZip\WinZip Smart Monitor\WinZipCompressionSmartMonitor.exe
() C:\Program Files (x86)\Avalanche\Brodsky.exe
() C:\Users\Mercedes\AppData\Local\Rivalry.exe
() C:\Program Files (x86)\dusty\Rivalry.exe
() C:\Program Files (x86)\Legg\loveridge.exe
() C:\Users\Mercedes\AppData\Local\Brodsky.exe
() C:\Program Files (x86)\Hesitates\Rivalry.exe
() C:\Program Files (x86)\Hesitates\Brodsky.exe
() C:\Program Files (x86)\congestion\congestion.exe
() C:\Program Files\ed896c4569b349cf14f608f5a7a00f93\dbe628b249273c180a6002346247c9c8.exe
(Advanced Micro Devices, Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
() C:\Program Files\ed896c4569b349cf14f608f5a7a00f93\dbe628b249273c180a6002346247c9c8.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21755.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(WinZip) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
() C:\Program Files (x86)\Avalanche\Brodsky.exe
() C:\Program Files (x86)\dusty\Rivalry.exe
() C:\Program Files (x86)\Hesitates\Brodsky.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Avalanche\Brodsky.exe
() C:\Program Files (x86)\dusty\Rivalry.exe
() C:\Program Files (x86)\Hesitates\Brodsky.exe
() C:\Program Files (x86)\Avalanche\Brodsky.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\dusty\Rivalry.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\Hesitates\Brodsky.exe
() C:\Program Files (x86)\gaea\murdering.exe
() C:\Program Files (x86)\Avalanche\Brodsky.exe
(IOT Mega) C:\Users\Mercedes\AppData\Roaming\Interstatnogui\interstatnogui.exe
Failed to access process -> ShellExperienceHost.exe
() C:\Program Files (x86)\Avalanche\Brodsky.exe
() C:\Program Files (x86)\dusty\Rivalry.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
() C:\Program Files (x86)\Avalanche\Brodsky.exe
() C:\Program Files (x86)\dusty\Rivalry.exe
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3873000 2016-06-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-12-15] (WinZip)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [123848 2017-12-15] (WinZip Computing, S.L.)
HKLM\...\Run: [Colonnades] => C:\Program Files (x86)\Avalanche\Brodsky.exe [21504 2018-06-05] ()
HKLM\...\Run: [Seshadri] => C:\Program Files (x86)\dusty\Rivalry.exe [21504 2018-06-05] ()
HKLM\...\Run: [Wall] => C:\Program Files (x86)\Hesitates\Brodsky.exe [21504 2018-06-05] ()
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [Eakins] => C:\Program Files (x86)\Avalanche\Brodsky.exe [21504 2018-06-05] ()
HKLM-x32\...\Run: [Squamish] => C:\Program Files (x86)\dusty\Rivalry.exe [21504 2018-06-05] ()
HKLM-x32\...\Run: [Divinity] => C:\Program Files (x86)\Hesitates\Brodsky.exe [21504 2018-06-05] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [nostgo] => rundll32.exe "C:\Users\Mercedes\AppData\Local\pfialx.dll",nostgo <==== ATTENTION
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [Browning] => C:\Program Files (x86)\Avalanche\Brodsky.exe [21504 2018-06-05] ()
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [Pareto] => C:\Program Files (x86)\dusty\Rivalry.exe [21504 2018-06-05] ()
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [Praiseworthy] => C:\Program Files (x86)\Hesitates\Brodsky.exe [21504 2018-06-05] ()
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [Druce] => C:\Program Files (x86)\Avalanche\Brodsky.exe [21504 2018-06-05] ()
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [Normative] => C:\Program Files (x86)\dusty\Rivalry.exe [21504 2018-06-05] ()
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [Affectation] => C:\Program Files (x86)\Hesitates\Brodsky.exe [21504 2018-06-05] ()
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [murdering] => C:\Program Files (x86)\gaea\murdering.exe [37657 2018-06-05] ()
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [bullhorns] => C:\Program Files (x86)\Avalanche\Brodsky.exe [21504 2018-06-05] ()
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\...\Run: [Interstatnogui] => C:\Users\Mercedes\AppData\Roaming\Interstatnogui\interstatnogui.exe [1115760 2018-06-06] (IOT Mega) <==== ATTENTION
AppInit_DLLs: C:\ProgramData\Quoteex\Qvofix.dll => C:\ProgramData\Quoteex\Qvofix.dll [342528 2018-06-06] ()
AppInit_DLLs-x32: C:\ProgramData\Quoteex\Joyotcore.dll => C:\ProgramData\Quoteex\Joyotcore.dll [460800 2018-06-06] ()
Startup: C:\Users\Mercedes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reevaluating.lnk [2018-06-06]
ShortcutTarget: reevaluating.lnk -> C:\Program Files (x86)\Avalanche\Brodsky.exe ()
Startup: C:\Users\Mercedes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\reevaluatingreevaluating.lnk [2018-06-06]
ShortcutTarget: reevaluatingreevaluating.lnk -> C:\Program Files (x86)\dusty\Rivalry.exe ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1ff34650-66d5-4acc-921f-4c1e60f6e11e}: [DhcpNameServer] 192.168.0.1
==================
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH4wRuVxAvqMi2tp7FD6Y5ZRv8Eqmry9Tp5o8p58-8Nj59DAmZ0WOjLoF5EU1_EEeDTerOCz9rphakFMhOjsb0U4lyhf518mLJE7Nc1PZESiAP0T6EueJ8qXhwhjDSjoWFUlJnrGZowqi1cyYcfK6WtI6bw1JiBc3a0Jedbq9Q,,&q={searchTerms}
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH4wRuVxAvqMi2tp7FD6Y5ZRv8Eqmry9Tp5o8p58-8Nj59DAmZ0WOjLoF5EU1_EEeDTerOCz9rphakFAkhJtQ_sd8KWNJb8qtKv0dNYpzCUpwQKotc8GAnahGFJRTdeMCl5BTK3lvKfj2Kt-yzVulF9qbJboE-uJTAnDkJAnTA,,
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2757255035-3979406009-1362736679-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH4wRuVxAvqMi2tp7FD6Y5ZRv8Eqmry9Tp5o8p58-8Nj59DAmZ0WOjLoF5EU1_EEeDTerOCz9rphakFMhOjsb0U4lyhf518mLJE7Nc1PZESiAP0T6EueJ8qXhwhjDSjoWFUlJnrGZowqi1cyYcfK6WtI6bw1JiBc3a0Jedbq9Q,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2757255035-3979406009-1362736679-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH4wRuVxAvqMi2tp7FD6Y5ZRv8Eqmry9Tp5o8p58-8Nj59DAmZ0WOjLoF5EU1_EEeDTerOCz9rphakFMhOjsb0U4lyhf518mLJE7Nc1PZESiAP0T6EueJ8qXhwhjDSjoWFUlJnrGZowqi1cyYcfK6WtI6bw1JiBc3a0Jedbq9Q,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2757255035-3979406009-1362736679-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2757255035-3979406009-1362736679-1001 -> {1E5B71DC-45ED-4D28-B8DF-37CE2F9D7018} URL =
SearchScopes: HKU\S-1-5-21-2757255035-3979406009-1362736679-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH4wRuVxAvqMi2tp7FD6Y5ZRv8Eqmry9Tp5o8p58-8Nj59DAmZ0WOjLoF5EU1_EEeDTerOCz9rphakFMhOjsb0U4lyhf518mLJE7Nc1PZESiAP0T6EueJ8qXhwhjDSjoWFUlJnrGZowqi1cyYcfK6WtI6bw1JiBc3a0Jedbq9Q,,&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-06-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-02] (Microsoft Corporation)
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-02-28] (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2012-10-05] (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll [2011-12-06] (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://feed.bazzsearch.com/?fext=true&publisherid=51206&publisher=defaultbazz&st=ed&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Bazz Search
CHR Profile: C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default [2018-06-07]
CHR Extension: (Slides) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Docs) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-29]
CHR Extension: (YouTube) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-29]
CHR Extension: (Google Search) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Sheets) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Google Docs Offline) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (Bazz Search) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh [2018-06-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-23]
CHR Extension: (Gmail) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Mercedes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-02]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-18] (Windows ® Win 7 DDK provider) [File not signed]
R2 backlh; C:\ProgramData\Logic Cramble\set.exe [3780096 2018-06-06] () [File not signed] <==== ATTENTION
S2 BT Help Wizard; C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe [321024 2014-04-09] (Alcatel-Lucent) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8652976 2018-05-24] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 ed896c4569b349cf14f608f5a7a00f93; C:\Program Files\ed896c4569b349cf14f608f5a7a00f93\dbe628b249273c180a6002346247c9c8.exe [1760712 2018-06-06] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144608 2016-06-02] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-25] (WildTangent)
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [467256 2013-11-11] (Alcatel-Lucent)
S2 pgt_svc; C:\Program Files (x86)\ProxyGate\MainService.exe [2285664 2017-02-22] (Gold Click Ltd) <==== ATTENTION
S2 Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe [1810944 2018-06-06] (TODO: <Company name>) [File not signed] <==== ATTENTION
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-12-24] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-02] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-02] (Microsoft Corporation)
R2 WinZip Compression Smart Monitor Service; C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe [495872 2017-09-01] ()
R2 867dcb50fd45ef7018a23d0efed06666; rundll32.exe C:\WINDOWS\yjvhvvrtfooukidv.ijvh DNPh [X]
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31832 2016-06-02] (ELAN Microelectronic Corp.)
R1 MpKsl8170f57a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{12FAEC16-FF19-4DD6-8D48-6A97D9F25583}\MpKsl8170f57a.sys [58120 2018-06-06] (Microsoft Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.sys [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.sys [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-06-02] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313384 2018-06-02] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-02] (Microsoft Corporation)
==================== One Month Created files and folders ========
2018-06-07 22:49 - 2018-06-09 01:12 - 000023283 _____ C:\Users\Mercedes\Desktop\FRST.txt
2018-06-07 22:48 - 2018-06-07 22:49 - 000000000 ____D C:\FRST
2018-06-07 22:46 - 2018-06-07 22:46 - 000000000 ___HD C:\$WINDOWS.~BT
2018-06-07 22:44 - 2018-06-07 22:44 - 002413056 _____ (Farbar) C:\Users\Mercedes\Desktop\FRST64.exe
2018-06-07 21:58 - 2018-06-07 21:58 - 000857600 _____ C:\WINDOWS\yjvhvvrtfooukidv.ijvh
2018-06-07 21:58 - 2018-06-07 21:58 - 000000000 ____D C:\Program Files\ed896c4569b349cf14f608f5a7a00f93
2018-06-07 21:53 - 2018-06-07 21:53 - 000000072 ___SH C:\bootTel.dat
2018-06-06 19:55 - 2018-06-06 19:55 - 001830912 _____ C:\WINDOWS\54c7e575ec387f2ba0b614c3d95d2a1c.exe
2018-06-06 19:55 - 2018-06-06 19:55 - 000162712 _____ C:\WINDOWS\system32\Drivers\83a915133303ff21ff8a5b901dfa17ab.sys
2018-06-06 19:55 - 2018-06-06 19:55 - 000096527 _____ C:\WINDOWS\uninstaller.dat
2018-06-06 01:17 - 2018-06-09 01:12 - 000000000 ____D C:\Program Files (x86)\ProxyGate
2018-06-06 01:14 - 2018-06-06 01:14 - 000000000 ____D C:\Program Files (x86)\Microleaves
2018-06-06 01:13 - 2018-06-06 01:27 - 000000366 _____ C:\WINDOWS\Tasks\Online Application V2G6.job
2018-06-06 01:13 - 2018-06-06 01:27 - 000000366 _____ C:\WINDOWS\Tasks\Online Application V2G4.job
2018-06-06 01:13 - 2018-06-06 01:27 - 000000366 _____ C:\WINDOWS\Tasks\Online Application V2G3.job
2018-06-06 01:13 - 2018-06-06 01:13 - 000003292 _____ C:\WINDOWS\System32\Tasks\Updater_Online_Application
2018-06-06 01:13 - 2018-06-06 01:13 - 000003256 _____ C:\WINDOWS\System32\Tasks\Online Application V2G6
2018-06-06 01:13 - 2018-06-06 01:13 - 000003256 _____ C:\WINDOWS\System32\Tasks\Online Application V2G4
2018-06-06 01:13 - 2018-06-06 01:13 - 000003256 _____ C:\WINDOWS\System32\Tasks\Online Application V2G3
2018-06-06 01:12 - 2018-06-07 22:28 - 000000000 ____D C:\Program Files (x86)\SystemHealer
2018-06-06 01:12 - 2018-06-06 01:27 - 000000398 _____ C:\WINDOWS\Tasks\Updater_Online_Application.job
2018-06-06 01:12 - 2018-06-06 01:27 - 000000366 _____ C:\WINDOWS\Tasks\Online Application V2G5.job
2018-06-06 01:12 - 2018-06-06 01:27 - 000000366 _____ C:\WINDOWS\Tasks\Online Application V2G2.job
2018-06-06 01:12 - 2018-06-06 01:27 - 000000366 _____ C:\WINDOWS\Tasks\Online Application V2G1.job
2018-06-06 01:12 - 2018-06-06 01:12 - 000003256 _____ C:\WINDOWS\System32\Tasks\Online Application V2G5
2018-06-06 01:12 - 2018-06-06 01:12 - 000003256 _____ C:\WINDOWS\System32\Tasks\Online Application V2G2
2018-06-06 01:12 - 2018-06-06 01:12 - 000003256 _____ C:\WINDOWS\System32\Tasks\Online Application V2G1
2018-06-06 01:11 - 2018-06-06 01:11 - 000000000 ____D C:\Users\Mercedes\AppData\LocalLow\endGirl
2018-06-06 01:10 - 2018-06-06 01:10 - 000000000 ____D C:\Users\Mercedes\AppData\Roaming\Microleaves
2018-06-06 01:10 - 2018-06-06 01:10 - 000000000 ____D C:\Users\Mercedes\AppData\Local\AdvinstAnalytics
2018-06-06 01:09 - 2018-06-06 01:09 - 000000000 ____D C:\Users\Mercedes\AppData\Roaming\SystemHealer
2018-06-06 01:06 - 2018-06-06 01:06 - 000003774 _____ C:\WINDOWS\System32\Tasks\SoftUpgrade
2018-06-06 01:06 - 2018-06-06 01:06 - 000000012 _____ C:\WINDOWS\b32694208
2018-06-06 01:06 - 2018-06-06 01:06 - 000000000 ____D C:\Users\Mercedes\AppData\Roaming\Interstatnogui
2018-06-06 01:06 - 2018-06-06 01:06 - 000000000 ____D C:\Program Files (x86)\SoftUpgrade
2018-06-06 01:03 - 2018-06-06 01:03 - 000003850 _____ C:\WINDOWS\System32\Tasks\coinage regie racial
2018-06-06 01:03 - 2018-06-06 01:03 - 000003848 _____ C:\WINDOWS\System32\Tasks\gatekeeping_socking
2018-06-06 01:03 - 2018-06-06 01:03 - 000003844 _____ C:\WINDOWS\System32\Tasks\hollyhock-freundlich
2018-06-06 01:03 - 2018-06-06 01:03 - 000003842 _____ C:\WINDOWS\System32\Tasks\praising_gorges
2018-06-06 01:03 - 2018-06-06 01:03 - 000003840 _____ C:\WINDOWS\System32\Tasks\ic vacationing
2018-06-06 01:03 - 2018-06-06 01:03 - 000003834 _____ C:\WINDOWS\System32\Tasks\cassino
2018-06-06 01:03 - 2018-06-06 01:03 - 000003824 _____ C:\WINDOWS\System32\Tasks\sabine
2018-06-06 01:03 - 2018-06-06 01:03 - 000003824 _____ C:\WINDOWS\System32\Tasks\aquafresh
2018-06-06 01:03 - 2018-06-06 01:03 - 000003730 _____ C:\WINDOWS\System32\Tasks\coinage regie racialcoinage regie racial
2018-06-06 01:03 - 2018-06-06 01:03 - 000003726 _____ C:\WINDOWS\System32\Tasks\gatekeeping_sockinggatekeeping_socking
2018-06-06 01:03 - 2018-06-06 01:03 - 000003724 _____ C:\WINDOWS\System32\Tasks\hollyhock-freundlichhollyhock-freundlich
2018-06-06 01:03 - 2018-06-06 01:03 - 000003712 _____ C:\WINDOWS\System32\Tasks\praising_gorgespraising_gorges
2018-06-06 01:03 - 2018-06-06 01:03 - 000003708 _____ C:\WINDOWS\System32\Tasks\ic vacationingic vacationing
2018-06-06 01:03 - 2018-06-06 01:03 - 000003692 _____ C:\WINDOWS\System32\Tasks\snp
2018-06-06 01:03 - 2018-06-06 01:03 - 000003688 _____ C:\WINDOWS\System32\Tasks\cassinocassino
2018-06-06 01:03 - 2018-06-06 01:03 - 000003682 _____ C:\WINDOWS\System32\Tasks\aquafreshaquafresh
2018-06-06 01:03 - 2018-06-06 01:03 - 000003676 _____ C:\WINDOWS\System32\Tasks\sabinesabine
2018-06-06 01:03 - 2018-06-06 01:03 - 000000000 ___HD C:\Program Files (x86)\gaea
2018-06-06 01:02 - 2018-06-06 01:02 - 000000000 ___HD C:\Program Files (x86)\Hesitates
2018-06-06 01:02 - 2018-06-06 01:02 - 000000000 ____D C:\Program Files (x86)\Legg
2018-06-06 01:02 - 2018-06-06 01:02 - 000000000 ____D C:\Program Files (x86)\dusty
2018-06-06 01:02 - 2018-06-06 01:02 - 000000000 ____D C:\Program Files (x86)\congestion
2018-06-06 01:02 - 2018-06-06 01:02 - 000000000 ____D C:\Program Files (x86)\Avalanche
2018-06-06 01:01 - 2018-06-06 01:04 - 000003278 _____ C:\WINDOWS\System32\Tasks\snf
2018-06-06 01:01 - 2018-06-06 01:02 - 000015606 _____ C:\WINDOWS\SysWOW64\findit.xml
2018-06-06 01:01 - 2018-06-06 01:01 - 000000000 ____D C:\ProgramData\Quoteexs
2018-06-06 01:00 - 2018-06-06 01:00 - 000000000 ____D C:\ProgramData\Logic Cramble
2018-06-06 00:59 - 2018-06-06 00:59 - 001895384 _____ C:\Users\Mercedes\AppData\Local\Stannix.bin
2018-06-06 00:58 - 2018-06-06 01:14 - 000000000 ____D C:\ProgramData\Quoteex
2018-06-06 00:58 - 2018-06-06 00:58 - 007627776 _____ C:\Users\Mercedes\AppData\Local\agent.dat
2018-06-06 00:58 - 2018-06-06 00:58 - 001988014 _____ C:\Users\Mercedes\AppData\Local\MathSolotech.tst
2018-06-06 00:58 - 2018-06-06 00:58 - 000126464 _____ C:\Users\Mercedes\AppData\Local\noah.dat
2018-06-06 00:58 - 2018-06-06 00:58 - 000070896 _____ C:\Users\Mercedes\AppData\Local\Config.xml
2018-06-06 00:58 - 2018-06-06 00:58 - 000018432 _____ C:\Users\Mercedes\AppData\Local\Main.dat
2018-06-06 00:58 - 2018-06-06 00:58 - 000005568 _____ C:\Users\Mercedes\AppData\Local\md.xml
2018-06-06 00:58 - 2018-06-06 00:50 - 001810944 _____ (TODO: <Company name>) C:\Users\Mercedes\AppData\Local\MathSolotech.exe
2018-06-06 00:57 - 2018-06-06 01:02 - 000000000 ____D C:\Users\Mercedes\AppData\Local\WinZip
2018-06-06 00:57 - 2018-06-06 00:58 - 000278509 _____ C:\Users\Mercedes\AppData\Local\FinDom.tst
2018-06-06 00:57 - 2018-06-06 00:50 - 001810944 _____ (TODO: <Company name>) C:\Users\Mercedes\AppData\Local\FinDom.exe
2018-06-06 00:55 - 2018-06-07 22:24 - 000929792 _____ C:\Users\Mercedes\AppData\Local\sham.db
2018-06-06 00:55 - 2018-06-06 00:57 - 000016416 _____ C:\Users\Mercedes\AppData\Local\InstallationConfiguration.xml
2018-06-06 00:55 - 2018-06-06 00:55 - 000140800 _____ C:\Users\Mercedes\AppData\Local\installer.dat
2018-06-06 00:55 - 2018-06-06 00:55 - 000003510 _____ C:\WINDOWS\System32\Tasks\WinZip Update Notifier
2018-06-06 00:52 - 2018-06-06 00:52 - 000002001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk
2018-06-06 00:52 - 2018-06-06 00:52 - 000001901 _____ C:\Users\Public\Desktop\WinZip.lnk
2018-06-06 00:51 - 2018-06-06 00:56 - 000000000 ____D C:\ProgramData\WinZip
2018-06-06 00:50 - 2018-06-06 00:55 - 000000000 ____D C:\Program Files\WinZip
2018-06-06 00:50 - 2018-06-06 00:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 22.0
2018-06-06 00:50 - 2018-06-06 00:50 - 000000000 ____D C:\Users\Mercedes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
2018-06-06 00:48 - 2018-06-06 00:48 - 000000000 ____D C:\ProgramData\UniqueId
2018-06-06 00:47 - 2018-06-09 01:07 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL
2018-06-06 00:47 - 2018-06-06 01:59 - 000000000 ____D C:\Program Files (x86)\AnonymizerGadget
2018-06-06 00:47 - 2018-06-06 00:50 - 000000000 ____D C:\Users\Mercedes\AppData\Roaming\AGData
2018-06-06 00:47 - 2018-06-06 00:47 - 000763096 _____ (WinZip Computing, S.L.) C:\Users\Mercedes\Downloads\winzip22.exe
2018-06-06 00:45 - 2018-06-06 00:45 - 000000000 ____D C:\Users\Mercedes\AppData\Local\Package Cache
2018-06-06 00:44 - 2018-06-06 00:45 - 000043520 _____ C:\Users\Mercedes\AppData\Local\pfialx.dll
2018-06-05 23:49 - 2018-06-05 23:49 - 000021504 _____ C:\WINDOWS\touche.exe
2018-06-05 23:49 - 2018-06-05 23:49 - 000021504 _____ C:\Users\Mercedes\AppData\Local\Rivalry.exe
2018-06-05 23:49 - 2018-06-05 23:49 - 000021504 _____ C:\Users\Mercedes\AppData\Local\Brodsky.exe
2018-06-03 01:13 - 2018-06-06 01:03 - 000000000 ____D C:\Users\Mercedes\AppData\Roaming\Mozilla
2018-05-27 08:36 - 2018-05-27 08:36 - 000000000 ____D C:\Users\Mercedes\Downloads\The.Ultimate.Fighter.S25E10.720p.HDTV.x264-daview
2018-05-27 02:04 - 2018-05-27 08:20 - 693700789 _____ C:\Users\Mercedes\Downloads\The.Ultimate.Fighter.S25E10.WEB.h264-KOENiG.mkv
2018-05-27 02:04 - 2018-05-27 02:04 - 532124614 _____ C:\Users\Mercedes\Downloads\The.Ultimate.Fighter.S25E11.HDTV.H264.Fight-BB.mp4
2018-05-26 15:34 - 2018-05-04 10:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2018-05-13 01:00 - 2018-05-03 08:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-13 01:00 - 2018-05-03 07:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-13 01:00 - 2018-05-03 07:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-13 01:00 - 2018-05-03 07:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-13 01:00 - 2018-05-03 07:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-13 01:00 - 2018-05-03 07:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-13 01:00 - 2018-05-03 06:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-13 01:00 - 2018-05-03 06:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-13 01:00 - 2018-05-03 06:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-13 01:00 - 2018-05-03 06:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-13 01:00 - 2018-05-03 06:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-13 01:00 - 2018-05-03 06:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-13 01:00 - 2018-05-03 06:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-13 01:00 - 2018-05-03 06:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-13 01:00 - 2018-05-03 06:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-13 01:00 - 2018-05-03 06:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-13 01:00 - 2018-05-03 06:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-13 01:00 - 2018-05-03 06:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-13 01:00 - 2018-04-15 22:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-13 01:00 - 2018-04-15 22:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-13 01:00 - 2018-04-15 21:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-13 01:00 - 2018-04-15 21:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-13 01:00 - 2018-04-15 21:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-13 01:00 - 2018-04-15 21:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-13 01:00 - 2018-04-15 21:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-13 01:00 - 2018-04-15 21:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-13 01:00 - 2018-04-15 21:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-13 01:00 - 2018-04-15 21:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-13 01:00 - 2018-04-15 21:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-13 01:00 - 2018-04-15 21:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-13 01:00 - 2018-04-15 21:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-13 01:00 - 2018-04-15 21:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-13 01:00 - 2018-04-15 21:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-13 01:00 - 2018-04-15 21:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-13 01:00 - 2018-04-15 21:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-13 01:00 - 2018-04-15 21:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-13 00:59 - 2018-05-03 08:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-13 00:59 - 2018-05-03 08:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-13 00:59 - 2018-05-03 08:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-13 00:59 - 2018-05-03 08:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-13 00:59 - 2018-05-03 08:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-13 00:59 - 2018-05-03 08:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-13 00:59 - 2018-05-03 08:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-13 00:59 - 2018-05-03 08:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-13 00:59 - 2018-05-03 08:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-13 00:59 - 2018-05-03 08:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-13 00:59 - 2018-05-03 08:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-13 00:59 - 2018-05-03 08:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-13 00:59 - 2018-05-03 08:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-13 00:59 - 2018-05-03 07:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-13 00:59 - 2018-05-03 07:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-13 00:59 - 2018-05-03 07:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-13 00:59 - 2018-05-03 07:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-13 00:59 - 2018-05-03 07:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-13 00:59 - 2018-05-03 07:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-13 00:59 - 2018-05-03 07:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-13 00:59 - 2018-05-03 07:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-13 00:59 - 2018-05-03 07:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-13 00:59 - 2018-05-03 07:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-13 00:59 - 2018-05-03 07:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-13 00:59 - 2018-05-03 07:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-13 00:59 - 2018-05-03 07:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-13 00:59 - 2018-05-03 07:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-13 00:59 - 2018-05-03 07:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-13 00:59 - 2018-05-03 07:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-13 00:59 - 2018-05-03 07:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-13 00:59 - 2018-05-03 07:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-13 00:59 - 2018-05-03 07:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-13 00:59 - 2018-05-03 07:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-13 00:59 - 2018-05-03 07:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-13 00:59 - 2018-05-03 07:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-13 00:59 - 2018-05-03 07:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-13 00:59 - 2018-05-03 07:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-13 00:59 - 2018-05-03 07:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-13 00:59 - 2018-05-03 07:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-13 00:59 - 2018-05-03 07:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-13 00:59 - 2018-05-03 07:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-13 00:59 - 2018-05-03 07:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-13 00:59 - 2018-05-03 07:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-13 00:59 - 2018-05-03 07:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-13 00:59 - 2018-05-03 07:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-13 00:59 - 2018-05-03 07:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-13 00:59 - 2018-05-03 07:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-13 00:59 - 2018-05-03 07:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-13 00:59 - 2018-05-03 07:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-13 00:59 - 2018-05-03 06:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-13 00:59 - 2018-05-03 06:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-13 00:59 - 2018-05-03 06:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-13 00:59 - 2018-05-03 06:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-13 00:59 - 2018-05-03 06:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-13 00:59 - 2018-05-03 06:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-13 00:59 - 2018-05-03 06:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-13 00:59 - 2018-05-03 06:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-13 00:59 - 2018-05-03 06:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-13 00:59 - 2018-04-15 23:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-13 00:59 - 2018-04-15 23:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-13 00:59 - 2018-04-15 22:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-13 00:59 - 2018-04-15 22:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-13 00:59 - 2018-04-15 22:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-13 00:59 - 2018-04-15 22:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-13 00:59 - 2018-04-15 22:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-13 00:59 - 2018-04-15 22:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-13 00:59 - 2018-04-15 22:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-13 00:59 - 2018-04-15 22:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-13 00:59 - 2018-04-15 22:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-13 00:59 - 2018-04-15 22:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-13 00:59 - 2018-04-15 22:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-13 00:59 - 2018-04-15 22:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-13 00:59 - 2018-04-15 22:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-13 00:59 - 2018-04-15 22:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-13 00:59 - 2018-04-15 21:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-13 00:59 - 2018-04-15 21:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-13 00:59 - 2018-04-15 21:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-13 00:59 - 2018-04-15 21:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-13 00:59 - 2018-04-15 21:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-13 00:59 - 2018-04-15 21:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-13 00:59 - 2018-04-15 21:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-13 00:59 - 2018-04-15 21:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-13 00:59 - 2018-04-15 21:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-13 00:59 - 2018-04-15 21:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-13 00:59 - 2018-04-15 21:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-13 00:59 - 2018-04-15 21:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-13 00:59 - 2018-04-15 21:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-13 00:59 - 2018-04-15 21:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-13 00:59 - 2018-04-15 21:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-13 00:59 - 2018-04-15 21:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-13 00:59 - 2018-04-15 21:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-13 00:59 - 2018-04-15 21:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-13 00:59 - 2018-04-15 21:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-13 00:59 - 2018-04-15 21:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-13 00:59 - 2018-04-15 21:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-13 00:59 - 2018-04-15 21:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-13 00:59 - 2018-04-15 21:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-13 00:59 - 2018-04-15 21:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-13 00:59 - 2018-04-15 21:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-13 00:59 - 2018-04-15 21:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-13 00:59 - 2018-04-15 21:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-13 00:59 - 2018-04-15 21:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-13 00:59 - 2018-04-15 21:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-13 00:59 - 2018-04-15 21:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-13 00:59 - 2018-04-15 21:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-13 00:59 - 2018-04-15 21:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-13 00:59 - 2018-04-15 21:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-13 00:59 - 2018-04-15 21:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-13 00:59 - 2018-04-15 21:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-13 00:59 - 2018-04-15 21:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-13 00:59 - 2018-04-15 21:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-13 00:59 - 2018-04-15 21:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-13 00:59 - 2018-04-15 21:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-13 00:59 - 2018-04-15 21:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-13 00:59 - 2018-04-15 21:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-13 00:59 - 2018-04-15 21:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-13 00:59 - 2018-04-15 21:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-13 00:59 - 2018-04-15 21:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-13 00:59 - 2018-04-15 21:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-13 00:59 - 2018-04-15 21:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-13 00:59 - 2018-04-15 21:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-13 00:59 - 2018-04-15 21:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-13 00:59 - 2018-04-15 21:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-13 00:59 - 2018-04-15 21:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-13 00:59 - 2018-04-15 21:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-13 00:59 - 2018-04-15 21:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-13 00:59 - 2018-04-15 21:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-13 00:59 - 2018-04-15 21:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-13 00:59 - 2018-04-15 21:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-13 00:59 - 2018-04-15 21:00 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-13 00:58 - 2018-05-03 08:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-13 00:58 - 2018-05-03 08:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-13 00:58 - 2018-05-03 08:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-13 00:58 - 2018-05-03 08:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-13 00:58 - 2018-05-03 08:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-13 00:58 - 2018-05-03 08:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-13 00:58 - 2018-05-03 07:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-13 00:58 - 2018-05-03 07:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-13 00:58 - 2018-05-03 07:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-13 00:58 - 2018-05-03 07:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-13 00:58 - 2018-04-15 23:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-13 00:58 - 2018-04-15 22:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-13 00:58 - 2018-04-15 22:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-13 00:58 - 2018-04-15 22:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-13 00:58 - 2018-04-15 21:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-13 00:58 - 2018-04-15 21:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-13 00:58 - 2018-04-15 21:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-13 00:58 - 2018-04-15 21:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-13 00:58 - 2018-04-15 21:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-13 00:58 - 2018-04-15 21:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-13 00:58 - 2018-04-15 21:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-13 00:58 - 2018-04-15 21:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-13 00:58 - 2018-04-15 21:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-13 00:58 - 2018-04-15 21:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-13 00:58 - 2018-04-15 21:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-13 00:58 - 2018-04-15 21:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-13 00:58 - 2018-04-15 21:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-13 00:58 - 2018-04-15 21:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-13 00:58 - 2018-04-15 21:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-13 00:58 - 2018-04-15 21:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-13 00:58 - 2018-04-15 20:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-13 00:57 - 2018-05-03 08:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-13 00:57 - 2018-05-03 08:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-13 00:57 - 2018-05-03 08:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-13 00:57 - 2018-05-03 08:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-13 00:57 - 2018-05-03 08:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-13 00:57 - 2018-05-03 08:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-13 00:57 - 2018-05-03 08:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-13 00:57 - 2018-05-03 08:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-13 00:57 - 2018-05-03 08:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-13 00:57 - 2018-05-03 08:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-13 00:57 - 2018-05-03 08:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-13 00:57 - 2018-05-03 08:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-13 00:57 - 2018-05-03 08:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-13 00:57 - 2018-05-03 08:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-13 00:57 - 2018-05-03 08:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-13 00:57 - 2018-05-03 08:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-13 00:57 - 2018-05-03 08:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-13 00:57 - 2018-05-03 08:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-13 00:57 - 2018-05-03 08:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-13 00:57 - 2018-05-03 07:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-13 00:57 - 2018-05-03 07:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-13 00:57 - 2018-05-03 07:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-13 00:57 - 2018-05-03 07:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-13 00:57 - 2018-05-03 07:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-13 00:57 - 2018-05-03 07:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-13 00:57 - 2018-05-03 07:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-13 00:57 - 2018-05-03 07:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-13 00:57 - 2018-05-03 07:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-13 00:57 - 2018-05-03 07:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-13 00:57 - 2018-05-03 07:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-13 00:57 - 2018-05-03 07:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-13 00:57 - 2018-05-03 07:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-13 00:57 - 2018-05-03 07:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-13 00:57 - 2018-05-03 07:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-13 00:57 - 2018-05-03 07:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-13 00:57 - 2018-05-03 07:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-13 00:57 - 2018-05-03 07:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-13 00:57 - 2018-05-03 06:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-13 00:57 - 2018-05-03 06:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-13 00:57 - 2018-05-03 06:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-13 00:57 - 2018-05-03 06:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-13 00:57 - 2018-05-03 06:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-13 00:57 - 2018-05-03 06:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-13 00:57 - 2018-05-03 06:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-13 00:57 - 2018-05-03 06:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-13 00:57 - 2018-05-03 06:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-13 00:57 - 2018-04-15 22:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-13 00:57 - 2018-04-15 22:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-13 00:57 - 2018-04-15 22:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-13 00:57 - 2018-04-15 22:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-13 00:57 - 2018-04-15 22:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-13 00:57 - 2018-04-15 22:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-13 00:57 - 2018-04-15 22:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-13 00:57 - 2018-04-15 22:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-13 00:57 - 2018-04-15 22:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-13 00:57 - 2018-04-15 22:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-13 00:57 - 2018-04-15 22:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-13 00:57 - 2018-04-15 21:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-13 00:57 - 2018-04-15 21:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-13 00:57 - 2018-04-15 21:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-13 00:57 - 2018-04-15 21:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-13 00:57 - 2018-04-15 21:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-13 00:57 - 2018-04-15 21:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-13 00:57 - 2018-04-15 21:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-13 00:57 - 2018-04-15 21:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-13 00:57 - 2018-04-15 21:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-13 00:57 - 2018-04-15 21:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-13 00:57 - 2018-04-15 21:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-13 00:57 - 2018-04-15 21:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-13 00:57 - 2018-04-15 21:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-13 00:57 - 2018-04-15 21:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-13 00:57 - 2018-04-15 21:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-13 00:57 - 2018-04-15 21:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-13 00:57 - 2018-04-15 21:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-13 00:57 - 2018-04-15 21:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-13 00:57 - 2018-04-15 21:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-13 00:57 - 2018-04-15 21:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-13 00:57 - 2018-04-15 21:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-13 00:57 - 2018-04-15 21:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-13 00:57 - 2018-04-15 21:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-13 00:57 - 2018-04-15 21:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-13 00:57 - 2018-04-15 21:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-13 00:57 - 2018-04-15 21:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-13 00:57 - 2018-04-15 21:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-13 00:57 - 2018-04-15 21:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-13 00:57 - 2018-04-15 21:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-13 00:57 - 2018-04-15 21:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-13 00:57 - 2018-04-15 21:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-13 00:57 - 2018-04-15 21:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-13 00:57 - 2018-04-15 21:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-13 00:57 - 2018-04-15 21:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-13 00:57 - 2018-04-15 21:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-13 00:57 - 2018-04-15 21:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-13 00:57 - 2018-04-15 21:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-13 00:57 - 2018-04-15 21:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-13 00:57 - 2018-04-15 21:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-13 00:57 - 2018-04-15 21:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-13 00:57 - 2018-04-15 21:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-13 00:57 - 2018-04-15 21:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-13 00:57 - 2018-04-15 21:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-13 00:57 - 2018-04-15 21:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-13 00:57 - 2018-04-15 21:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-13 00:57 - 2018-04-15 21:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-13 00:57 - 2018-04-15 21:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-13 00:57 - 2018-04-15 21:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-13 00:57 - 2018-04-15 21:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-13 00:57 - 2018-04-15 21:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-13 00:57 - 2018-04-15 21:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-13 00:57 - 2018-04-15 21:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-13 00:57 - 2018-04-15 21:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-13 00:57 - 2018-04-15 21:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-13 00:57 - 2018-04-15 21:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-13 00:57 - 2018-04-15 21:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-13 00:57 - 2018-04-15 21:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-13 00:57 - 2018-04-15 21:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-13 00:57 - 2018-04-15 21:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-13 00:57 - 2018-04-15 21:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-13 00:57 - 2018-04-15 21:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-13 00:57 - 2018-04-15 21:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-13 00:57 - 2018-04-15 21:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-13 00:57 - 2018-04-15 20:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-13 00:57 - 2017-11-26 14:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-13 00:56 - 2018-05-03 07:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-13 00:56 - 2018-05-03 07:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-13 00:56 - 2018-05-03 07:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-13 00:56 - 2018-05-03 06:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-13 00:56 - 2018-04-15 21:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-13 00:56 - 2018-04-15 21:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-13 00:56 - 2018-04-15 21:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-13 00:56 - 2018-04-15 21:11 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2018-05-13 00:56 - 2018-04-15 21:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-13 00:56 - 2018-04-15 21:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-13 00:56 - 2018-04-15 21:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-13 00:56 - 2018-04-15 21:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-13 00:56 - 2018-04-15 21:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-13 00:56 - 2018-04-15 21:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-13 00:56 - 2018-04-15 21:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-13 00:56 - 2018-04-15 21:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-13 00:56 - 2018-04-15 21:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-13 00:56 - 2018-04-15 21:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-13 00:56 - 2018-04-15 21:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-13 00:56 - 2018-04-15 21:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-13 00:56 - 2018-04-15 21:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-13 00:56 - 2018-04-15 21:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-13 00:56 - 2018-04-15 21:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-13 00:56 - 2018-04-15 21:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-13 00:56 - 2018-04-15 21:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-13 00:56 - 2018-04-15 21:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-13 00:56 - 2018-04-15 21:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-13 00:56 - 2018-04-15 20:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-13 00:56 - 2018-04-15 20:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-06-09 01:15 - 2015-01-08 20:54 - 000002313 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-09 01:14 - 2015-01-08 20:54 - 000002360 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-09 01:12 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-09 01:09 - 2018-01-10 23:01 - 000992634 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-09 01:06 - 2015-05-13 14:30 - 000000000 ___RD C:\Users\Mercedes\iCloudDrive
2018-06-09 01:02 - 2018-01-10 23:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-09 01:02 - 2018-01-10 22:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-07 22:16 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-07 22:12 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-06-06 01:39 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
2018-06-06 01:29 - 2018-01-10 22:34 - 000000000 ____D C:\Users\Mercedes
2018-06-02 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-02 10:16 - 2014-05-22 02:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-06-02 08:58 - 2018-02-28 22:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-29 16:55 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-27 02:44 - 2018-01-10 23:07 - 000003494 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2018-05-26 20:35 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-26 20:29 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-26 20:21 - 2018-01-14 00:23 - 000000000 ___RD C:\Users\Mercedes\3D Objects
2018-05-26 20:21 - 2014-12-29 23:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-26 20:17 - 2018-01-10 22:26 - 000461728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-26 20:16 - 2017-11-26 22:02 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-05-26 20:16 - 2017-09-29 09:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-05-26 20:13 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-26 20:13 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-26 20:13 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-26 20:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-05-26 20:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-26 20:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-26 20:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-05-26 20:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-26 20:13 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-26 20:13 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-26 19:51 - 2017-10-04 20:13 - 000000000 ____D C:\Users\Mercedes\AppData\Roaming\vlc
2018-05-19 01:24 - 2018-01-10 23:07 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-19 01:24 - 2018-01-10 23:07 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-13 01:13 - 2017-09-29 14:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-13 01:12 - 2017-09-29 14:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-13 01:12 - 2017-09-29 14:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-13 01:11 - 2017-09-29 14:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-13 00:46 - 2015-01-17 01:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-13 00:30 - 2017-10-11 00:26 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-13 00:30 - 2015-01-17 01:07 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-06 00:58 - 2018-06-06 00:58 - 007627776 _____ () C:\Users\Mercedes\AppData\Local\agent.dat
2018-06-05 23:49 - 2018-06-05 23:49 - 000021504 _____ () C:\Users\Mercedes\AppData\Local\Brodsky.exe
2018-06-06 00:58 - 2018-06-06 00:58 - 000070896 _____ () C:\Users\Mercedes\AppData\Local\Config.xml
2018-06-06 00:57 - 2018-06-06 00:50 - 001810944 _____ (TODO: <Company name>) C:\Users\Mercedes\AppData\Local\FinDom.exe
2018-06-06 00:57 - 2018-06-06 00:58 - 000278509 _____ () C:\Users\Mercedes\AppData\Local\FinDom.tst
2018-06-06 00:55 - 2018-06-06 00:57 - 000016416 _____ () C:\Users\Mercedes\AppData\Local\InstallationConfiguration.xml
2018-06-06 00:55 - 2018-06-06 00:55 - 000140800 _____ () C:\Users\Mercedes\AppData\Local\installer.dat
2018-06-06 00:58 - 2018-06-06 00:58 - 000018432 _____ () C:\Users\Mercedes\AppData\Local\Main.dat
2018-06-06 00:58 - 2018-06-06 00:50 - 001810944 _____ (TODO: <Company name>) C:\Users\Mercedes\AppData\Local\MathSolotech.exe
2018-06-06 00:58 - 2018-06-06 00:58 - 001988014 _____ () C:\Users\Mercedes\AppData\Local\MathSolotech.tst
2018-06-06 00:58 - 2018-06-06 00:58 - 000005568 _____ () C:\Users\Mercedes\AppData\Local\md.xml
2018-06-06 00:58 - 2018-06-06 00:58 - 000126464 _____ () C:\Users\Mercedes\AppData\Local\noah.dat
2018-06-06 00:44 - 2018-06-06 00:45 - 000043520 _____ () C:\Users\Mercedes\AppData\Local\pfialx.dll
2018-06-05 23:49 - 2018-06-05 23:49 - 000021504 _____ () C:\Users\Mercedes\AppData\Local\Rivalry.exe
2018-06-06 00:55 - 2018-06-07 22:24 - 000929792 _____ () C:\Users\Mercedes\AppData\Local\sham.db
2018-06-06 00:59 - 2018-06-06 00:59 - 001895384 _____ () C:\Users\Mercedes\AppData\Local\Stannix.bin
2018-06-06 01:01 - 2018-06-06 01:01 - 000032038 _____ () C:\Users\Mercedes\AppData\Local\uninstall_temp.ico
====================
C:\Users\Mercedes\AppData\Roaming\Interstatnogui\interstatnogui.exe
Some files in TEMP:
====================
2018-06-06 00:57 - 2018-06-06 00:57 - 000088576 _____ () C:\Users\Mercedes\AppData\Local\Temp\AZOREG.exe
2018-05-03 15:12 - 2018-05-03 15:12 - 001115760 _____ (IOT Mega) C:\Users\Mercedes\AppData\Local\Temp\Uk0I6Gfz-prog.exe
2018-05-03 15:12 - 2018-05-03 15:12 - 000147792 _____ () C:\Users\Mercedes\AppData\Local\Temp\Uk0I6Gfz-upd.exe
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed