Solved Unmoveable virus

Sticcs · May 31, 2017

Sup fellas. Newb here, ready for help. Not sure what's my issues are except its beyond my comprehension. Can one of you smart people please help me. I'm downloading the help for slow people manuals now and will post again shortly with the results. Thanx

Sticcs · May 31, 2017

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-05-2017
Ran by Sticcs (administrator) on PEGASUS (31-05-2017 01:37:57)
Running from C:\Users\Sticcs\Downloads
Loaded Profiles: Sticcs & (Available Profiles: Sticcs & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LULU SOFTWARE LIMITED) C:\Program Files (x86)\Soda PDF 7\creator-ws.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(LULU Software Limited) C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.16.5170.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(WinZip Computing) C:\Program Files (x86)\WinZip Courier\wzwmcgcnm.exe
(WinZip Computing) C:\Program Files (x86)\WinZip Courier\wzwmcgcnm64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [TSP100ecoOndemand] => C:\Program Files (x86)\StarMicronics\TSP100\Software\20130806\Ondemand.exe [61440 2010-02-08] (Star Micronics Co., Ltd.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3792648 2016-02-11] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28734456 2017-05-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-04-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1265256 2017-03-23] (Carbonite, Inc.)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [49730 2016-11-28] ()
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [49730 2016-11-28] ()
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2017-04-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9539800 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\RunOnce: [Uninstall C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2017-04-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9539800 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\RunOnce: [Uninstall C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\RunOnce: [Uninstall 17.3.6798.0207\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\amd64"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\RunOnce: [Uninstall 17.3.6798.0207] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6798.0207"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015226419\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2016-06-23]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-06-23]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Web Connector.lnk [2016-06-23]
ShortcutTarget: QuickBooks Web Connector.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe (Intuit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-06-23]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 16.0\QBW32.EXE (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-03-16]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-03-16]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e1514d00-fab3-4bce-b8eb-838524b6f624}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\Program Files (x86)\WinZip Courier\wzwmcie64.dll [2016-08-29] (WinZip Computing)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Soda PDF 7 Helper -> {1D31AA81-4D4B-4BFB-B3AF-B6DDD6DF43B1} -> C:\Program Files (x86)\Soda PDF 7\creator-ie-helper.dll [2015-07-06] (LULU SOFTWARE LIMITED)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation)
BHO-x32: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\Program Files (x86)\WinZip Courier\wzwmcie32.dll [2016-08-29] (WinZip Computing)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Soda PDF 7 Toolbar - {7C68E87F-4487-4AE5-BBC2-C398C530DE9A} - C:\Program Files (x86)\Soda PDF 7\creator-ie-plugin.dll [2015-07-06] (LULU SOFTWARE LIMITED)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Toolbar: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001 -> No Name - {85DD1E92-2A45-4FF7-97E0-D8D5456B5829} - No File
Toolbar: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Toolbar: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433 -> No Name - {85DD1E92-2A45-4FF7-97E0-D8D5456B5829} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: intu-help-qb9 - {C1252096-0E63-4C06-A38B-03DF9A16AA12} - C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 16.0\HelpAsyncPluggableProtocol.dll [2016-02-11] (Intuit, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 1wf8396q.default
FF ProfilePath: C:\Users\Sticcs\AppData\Roaming\Mozilla\Firefox\Profiles\1wf8396q.default [2017-05-30]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\1wf8396q.default -> Ask.com
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\1wf8396q.default -> Ask.com
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\1wf8396q.default -> Ask.com
FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_7_conv@sodapdf.com] - C:\Program Files (x86)\Soda PDF 7\resources\sodapdf7firefoxextension
FF Extension: (Soda PDF 7 Creator) - C:\Program Files (x86)\Soda PDF 7\resources\sodapdf7firefoxextension [2015-07-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files (x86)\WinZip Courier\FFExt.xpi
FF Extension: (WinZip Courier) - C:\Program Files (x86)\WinZip Courier\FFExt.xpi [2016-08-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: Soda PDF 7 -> C:\Program Files (x86)\Soda PDF 7\np-previewer.dll [2015-07-06] (LULU SOFTWARE LIMITED)
FF Plugin HKU\S-1-5-21-3011202683-1613651232-3371837574-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Sticcs\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-09-04] (Citrix Online)
FF Plugin HKU\S-1-5-21-3011202683-1613651232-3371837574-1001: electronicarts.com/GameFacePlugin -> C:\Users\Sticcs\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2011-11-29] (Electronic Arts)
FF Plugin HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433: @citrixonline.com/appdetectorplugin -> C:\Users\Sticcs\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-09-04] (Citrix Online)
FF Plugin HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433: electronicarts.com/GameFacePlugin -> C:\Users\Sticcs\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2011-11-29] (Electronic Arts)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://astromenda.com/?f=7&a=ast_ir_14_40_ch&cd=2XzuyEtN2Y1L1Qzu0FyEyC0DtDyE0E0F0D0FtB0EtDtCtBtBtN0D0Tzu0StCtDtDzztN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDtC0DyCzy0DtAzytGtDtDtB0EtGtDzytA0EtGtD0Czz0FtGtDtD0D0EtCtDtBtD0F0AtDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtC0AtDyD0FyBzytG0A0CyE0CtGyE0C0E0DtG0AyDtBtCtGtByCyBtA0EtBtBtA0F0AtDzy2Q&cr=105506371&ir="
CHR Profile: C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default [2017-05-31]
CHR Extension: (Adobe Acrobat) - C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-22]
CHR Extension: (WinZip Courier) - C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lomojjnmhlhdepbfoknpkenickajcphi [2017-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-22]
CHR Extension: (Chrome Media Router) - C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lomojjnmhlhdepbfoknpkenickajcphi] - C:\Program Files (x86)\WinZip Courier\wzwmcgc.crx [2016-08-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-30] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-16] (Dropbox, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 PortEmulator; C:\Program Files\StarMicronics\TSP100\Software\20130806\portemu_umdf_tsp100.exe [204800 2012-10-15] () [File not signed]
S2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2016-02-11] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2016-02-11] (Intuit Inc.) [File not signed]
S2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2016-02-11] (Intuit Inc.) [File not signed]
R2 SODA Manager; C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe [868688 2015-01-29] (LULU Software Limited)
S3 Soda PDF 7; C:\Program Files (x86)\Soda PDF 7\ws.exe [2129688 2015-07-06] (LULU SOFTWARE LIMITED)
S3 Soda PDF 7 CrashHandler; C:\Program Files (x86)\Soda PDF 7\crash-handler-ws.exe [845080 2015-07-06] (LULU SOFTWARE LIMITED)
R2 Soda PDF 7 Creator; C:\Program Files (x86)\Soda PDF 7\creator-ws.exe [650520 2015-07-06] (LULU SOFTWARE LIMITED)
S3 TcpEmulatorTSP100LAN; C:\Program Files\StarMicronics\TSP100\Software\20130806\tcpemu_tsp100lan.exe [351744 2011-10-20] (STAR MICRONICS CO,.LTD) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-26] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-26] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-26] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-26] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-31] (Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Sticcs · May 31, 2017

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-31 01:37 - 2017-05-31 01:40 - 00037205 _____ C:\Users\Sticcs\Downloads\FRST.txt
2017-05-31 01:37 - 2017-05-31 01:37 - 00000000 ____D C:\FRST
2017-05-31 01:25 - 2017-05-31 01:26 - 02429952 _____ (Farbar) C:\Users\Sticcs\Downloads\FRST64 (1).exe
2017-05-31 01:22 - 2017-05-31 01:36 - 02429952 _____ (Farbar) C:\Users\Sticcs\Downloads\FRST64.exe
2017-05-26 00:48 - 2017-05-31 00:59 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-26 00:48 - 2017-05-26 01:52 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-26 00:48 - 2017-05-26 00:48 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-26 00:47 - 2017-05-26 01:52 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-26 00:47 - 2017-05-26 01:52 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-26 00:47 - 2017-05-26 00:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-26 00:47 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-26 00:46 - 2017-05-26 00:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-26 00:46 - 2017-05-26 00:46 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-26 00:44 - 2017-05-26 00:45 - 63364552 _____ (Malwarebytes ) C:\Users\Sticcs\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-24 22:58 - 2017-05-24 22:58 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-24 22:57 - 2017-05-24 22:57 - 00002407 _____ C:\Users\Sticcs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-17 16:54 - 2017-05-17 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-16 14:01 - 2017-05-16 14:01 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-05-15 17:15 - 2017-05-15 17:15 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-05-15 17:15 - 2017-05-15 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-15 17:13 - 2017-05-15 17:15 - 00000000 ____D C:\Program Files\iTunes
2017-05-15 17:13 - 2017-05-15 17:13 - 00000000 ____D C:\Program Files\iPod
2017-05-15 17:04 - 2017-05-15 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-05-11 21:17 - 2017-05-11 21:17 - 00089525 _____ C:\Users\Sticcs\Downloads\dir (2).dcr
2017-05-11 20:10 - 2017-03-28 04:11 - 00389330 __RSH C:\bootmgr
2017-05-11 20:10 - 2016-07-16 04:43 - 00000001 ___SH C:\BOOTNXT
2017-05-11 11:11 - 2017-04-28 17:59 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-05-11 11:11 - 2017-04-28 17:59 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-11 11:08 - 2017-04-27 17:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-11 11:08 - 2017-04-27 17:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-11 11:08 - 2017-04-27 16:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-11 11:08 - 2017-03-04 00:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-11 11:08 - 2017-03-03 23:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-11 11:07 - 2017-04-27 18:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-11 11:07 - 2017-04-27 17:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-11 11:07 - 2017-04-27 17:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-11 11:07 - 2017-04-27 17:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-11 11:07 - 2017-04-27 17:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-11 11:07 - 2017-04-27 17:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-11 11:07 - 2017-04-27 17:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-11 11:07 - 2017-04-27 17:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-11 11:07 - 2017-04-27 17:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-11 11:07 - 2017-04-27 17:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-11 11:07 - 2017-04-27 17:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-11 11:07 - 2017-04-27 17:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-11 11:07 - 2017-04-27 17:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-11 11:07 - 2017-04-27 17:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-11 11:07 - 2017-04-27 17:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-11 11:07 - 2017-04-27 17:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-11 11:07 - 2017-04-27 17:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-11 11:07 - 2017-04-27 17:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-11 11:07 - 2017-04-27 17:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-11 11:07 - 2017-04-27 17:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-11 11:07 - 2017-04-27 17:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-11 11:07 - 2017-04-27 17:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-11 11:07 - 2017-04-27 17:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-11 11:07 - 2017-04-27 17:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-11 11:07 - 2017-04-27 17:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-11 11:07 - 2017-04-27 17:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-11 11:07 - 2017-04-27 17:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-11 11:07 - 2017-04-27 17:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-11 11:07 - 2017-04-27 17:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-11 11:07 - 2017-04-27 17:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-11 11:07 - 2017-04-27 17:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-11 11:07 - 2017-04-27 17:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-11 11:07 - 2017-04-27 17:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-11 11:07 - 2017-04-27 17:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-11 11:07 - 2017-04-27 17:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-11 11:07 - 2017-04-27 17:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-11 11:07 - 2017-04-27 17:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-11 11:07 - 2017-04-27 17:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-11 11:07 - 2017-04-27 17:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-11 11:07 - 2017-04-27 17:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-11 11:07 - 2017-04-27 17:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-11 11:07 - 2017-04-27 17:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-11 11:07 - 2017-04-27 17:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-11 11:07 - 2017-04-27 17:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-11 11:07 - 2017-04-27 17:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-11 11:07 - 2017-04-27 17:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-11 11:07 - 2017-04-27 17:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-11 11:07 - 2017-04-27 17:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 11:07 - 2017-04-27 17:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-11 11:07 - 2017-04-27 17:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-11 11:07 - 2017-04-27 17:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-11 11:07 - 2017-04-27 17:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-11 11:07 - 2017-04-27 17:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-11 11:07 - 2017-04-27 17:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-11 11:07 - 2017-04-27 17:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-11 11:07 - 2017-04-27 17:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-11 11:07 - 2017-04-27 17:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-11 11:07 - 2017-04-27 17:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-11 11:07 - 2017-04-27 17:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-11 11:07 - 2017-04-27 17:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-11 11:07 - 2017-04-27 17:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-11 11:07 - 2017-04-27 17:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-11 11:07 - 2017-04-27 17:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-11 11:07 - 2017-04-27 17:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-11 11:07 - 2017-04-27 17:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-11 11:07 - 2017-04-27 17:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-11 11:07 - 2017-04-27 17:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-11 11:07 - 2017-04-27 17:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-11 11:07 - 2017-04-27 17:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-11 11:07 - 2017-04-27 17:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-11 11:07 - 2017-04-27 17:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-11 11:07 - 2017-04-27 17:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-11 11:07 - 2017-04-27 17:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-11 11:07 - 2017-04-27 17:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-11 11:07 - 2017-04-27 17:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 11:07 - 2017-04-27 16:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-11 11:07 - 2017-04-27 16:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-11 11:07 - 2017-04-27 16:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-11 11:07 - 2017-04-27 16:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-11 11:07 - 2017-04-27 16:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-11 11:07 - 2017-04-27 16:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-11 11:07 - 2017-04-27 16:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-11 11:07 - 2017-04-27 16:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-11 11:07 - 2017-04-27 16:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-11 11:07 - 2017-04-27 16:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-11 11:07 - 2017-04-27 16:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-11 11:07 - 2017-04-27 16:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-11 11:07 - 2017-04-27 16:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-11 11:07 - 2017-04-27 16:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-11 11:07 - 2017-04-27 16:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-11 11:07 - 2017-04-27 16:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-11 11:07 - 2017-04-27 16:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-11 11:07 - 2017-04-27 16:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-11 11:07 - 2017-04-27 16:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-11 11:07 - 2017-04-27 16:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-11 11:07 - 2017-04-27 16:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-11 11:07 - 2017-04-27 16:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-11 11:07 - 2017-04-27 16:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-11 11:07 - 2017-03-03 23:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-11 11:07 - 2017-03-03 23:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-11 11:07 - 2017-03-03 23:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-11 11:07 - 2017-03-03 23:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-11 11:07 - 2017-03-03 23:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-11 11:06 - 2017-04-27 17:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-11 11:06 - 2017-04-27 17:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-11 11:06 - 2017-04-27 17:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-11 11:06 - 2017-04-27 17:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-11 11:06 - 2017-04-27 17:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-11 11:06 - 2017-04-27 17:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-11 11:06 - 2017-04-27 17:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-11 11:06 - 2017-04-27 17:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-11 11:06 - 2017-04-27 17:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-11 11:06 - 2017-04-27 17:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-11 11:06 - 2017-04-27 17:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-11 11:06 - 2017-04-27 17:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-11 11:06 - 2017-04-27 17:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-11 11:06 - 2017-04-27 17:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-11 11:06 - 2017-04-27 17:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-11 11:06 - 2017-04-27 17:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-11 11:06 - 2017-04-27 17:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-11 11:06 - 2017-04-27 17:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-11 11:06 - 2017-04-27 17:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-11 11:06 - 2017-04-27 17:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-11 11:06 - 2017-04-27 17:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-11 11:06 - 2017-04-27 17:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-11 11:06 - 2017-04-27 17:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-11 11:06 - 2017-04-27 17:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-11 11:06 - 2017-04-27 17:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-11 11:06 - 2017-04-27 17:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-11 11:06 - 2017-04-27 17:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-11 11:06 - 2017-04-27 16:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 11:06 - 2017-04-27 16:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-11 11:06 - 2017-04-27 16:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-11 11:06 - 2017-04-27 16:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-11 11:06 - 2017-04-27 16:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-11 11:06 - 2017-04-27 16:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-11 11:06 - 2017-04-27 16:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-11 11:06 - 2017-04-27 16:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 11:06 - 2017-04-27 16:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-11 11:06 - 2017-04-27 16:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-11 11:06 - 2017-04-27 16:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-11 11:06 - 2017-04-27 16:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-11 11:06 - 2017-04-27 16:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-11 11:06 - 2017-04-27 16:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-11 11:06 - 2017-04-27 16:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-11 11:06 - 2017-04-27 16:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-11 11:06 - 2017-04-27 16:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-11 11:06 - 2017-04-27 16:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-11 11:06 - 2017-04-27 16:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-11 11:06 - 2017-03-03 23:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-11 11:06 - 2017-03-03 23:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-11 11:06 - 2017-03-03 23:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-11 11:05 - 2017-04-27 17:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-11 11:05 - 2017-04-27 17:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 11:05 - 2017-04-27 17:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-11 11:05 - 2017-04-27 17:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-11 11:05 - 2017-04-27 17:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-11 11:05 - 2017-04-27 17:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-11 11:05 - 2017-04-27 17:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-11 11:05 - 2017-04-27 17:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-11 11:05 - 2017-04-27 17:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 08170600 _____ (Microsoft Corporation)

Sticcs · May 31, 2017

C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-11 11:05 - 2017-04-27 17:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-11 11:05 - 2017-04-27 17:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-11 11:05 - 2017-04-27 17:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-11 11:05 - 2017-04-27 17:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-11 11:05 - 2017-04-27 17:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-11 11:05 - 2017-04-27 17:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-11 11:05 - 2017-04-27 17:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-11 11:05 - 2017-04-27 17:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-11 11:05 - 2017-04-27 17:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-11 11:05 - 2017-04-27 17:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-11 11:05 - 2017-04-27 16:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-11 11:05 - 2017-04-27 16:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-11 11:05 - 2017-04-27 16:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-11 11:05 - 2017-04-27 16:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-11 11:05 - 2017-04-27 16:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-11 11:05 - 2017-04-27 16:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-11 11:05 - 2017-04-27 16:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-11 11:05 - 2017-04-27 16:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-11 11:05 - 2017-04-27 16:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-11 11:05 - 2017-04-27 16:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-11 11:05 - 2017-04-27 16:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-11 11:05 - 2017-04-27 16:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-11 11:05 - 2017-04-27 16:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-11 11:05 - 2017-04-27 16:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-11 11:05 - 2017-04-27 16:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-11 11:05 - 2017-04-27 16:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-11 11:05 - 2017-04-27 16:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-11 11:05 - 2017-04-27 16:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-11 11:05 - 2017-04-27 16:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-11 11:05 - 2017-04-27 16:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-11 11:05 - 2017-04-27 16:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-11 11:05 - 2017-04-27 16:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-11 11:05 - 2017-04-27 16:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-11 11:05 - 2017-04-27 16:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-11 11:05 - 2017-04-27 16:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-11 11:05 - 2017-04-27 16:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-11 11:05 - 2017-04-27 16:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-11 11:05 - 2017-04-27 16:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-11 11:05 - 2017-04-27 16:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-11 11:05 - 2017-04-27 16:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-11 11:05 - 2017-04-27 16:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-11 11:05 - 2017-04-27 16:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-11 11:05 - 2017-04-27 16:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-11 11:05 - 2017-04-27 16:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-11 11:05 - 2017-04-27 16:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-11 11:05 - 2017-04-27 16:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-11 11:05 - 2017-04-27 16:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-11 11:05 - 2017-04-27 16:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-11 11:05 - 2017-03-04 00:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-11 11:05 - 2017-03-03 23:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-11 11:05 - 2017-03-03 23:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-11 11:04 - 2017-04-27 17:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-11 11:04 - 2017-04-27 17:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 11:04 - 2017-04-27 17:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-11 11:04 - 2017-04-27 17:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-11 11:04 - 2017-04-27 17:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-11 11:04 - 2017-04-27 17:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-11 11:04 - 2017-04-27 17:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-11 11:04 - 2017-04-27 17:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-11 11:04 - 2017-04-27 17:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-11 11:04 - 2017-04-27 17:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-11 11:04 - 2017-04-27 17:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-11 11:04 - 2017-04-27 17:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-11 11:04 - 2017-04-27 17:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-11 11:04 - 2017-04-27 17:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-11 11:04 - 2017-04-27 17:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-11 11:04 - 2017-04-27 17:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-11 11:04 - 2017-04-27 17:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-11 11:04 - 2017-04-27 17:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-11 11:04 - 2017-04-27 17:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-11 11:04 - 2017-04-27 16:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-11 11:04 - 2017-04-27 16:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-11 11:04 - 2017-04-27 16:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-11 11:04 - 2017-04-27 16:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-11 11:04 - 2017-04-27 16:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-11 11:04 - 2017-04-27 16:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-11 11:04 - 2017-04-27 16:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-11 11:04 - 2017-04-27 16:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-11 11:04 - 2017-04-27 16:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-11 11:04 - 2017-04-27 16:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-11 11:04 - 2017-04-27 16:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-11 11:04 - 2017-04-27 16:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-11 11:04 - 2017-04-27 16:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-11 11:04 - 2017-04-27 16:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-11 11:04 - 2017-04-27 16:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-11 11:04 - 2017-04-27 16:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-11 11:04 - 2017-04-27 16:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-11 11:04 - 2017-04-27 16:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-11 11:04 - 2017-04-27 16:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-11 11:04 - 2017-04-27 16:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-11 11:04 - 2017-04-27 16:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-11 11:04 - 2017-04-27 16:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-11 11:04 - 2017-04-27 16:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-11 11:04 - 2017-04-27 16:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-11 11:04 - 2017-04-27 16:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-11 11:04 - 2017-04-27 16:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-11 11:04 - 2017-04-27 16:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-11 11:04 - 2017-04-27 16:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-11 11:04 - 2017-04-27 16:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-11 11:04 - 2017-04-27 16:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-11 11:04 - 2017-04-27 16:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-11 11:04 - 2017-04-27 16:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-11 11:04 - 2017-04-27 16:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-11 11:04 - 2017-04-27 16:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-11 11:04 - 2017-04-27 16:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-11 11:04 - 2017-04-27 16:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-11 11:04 - 2017-04-27 16:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-11 11:04 - 2017-04-27 16:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-11 11:04 - 2017-04-27 16:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-11 11:04 - 2017-04-27 16:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-11 11:04 - 2017-04-27 16:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-11 11:04 - 2017-03-03 23:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-11 11:03 - 2017-04-27 17:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-11 11:03 - 2017-04-27 17:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-11 11:03 - 2017-04-27 17:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-11 11:03 - 2017-04-27 17:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-11 11:03 - 2017-04-27 17:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-11 11:03 - 2017-04-27 17:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-11 11:03 - 2017-04-27 17:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-11 11:03 - 2017-04-27 17:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-11 11:03 - 2017-04-27 17:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-11 11:03 - 2017-04-27 17:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-11 11:03 - 2017-04-27 17:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-11 11:03 - 2017-04-27 17:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-11 11:03 - 2017-04-27 17:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-11 11:03 - 2017-04-27 17:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-11 11:03 - 2017-04-27 17:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-11 11:03 - 2017-04-27 17:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-11 11:03 - 2017-04-27 17:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-11 11:03 - 2017-04-27 17:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-11 11:03 - 2017-04-27 17:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-11 11:03 - 2017-04-27 16:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-11 11:03 - 2017-04-27 16:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-11 11:03 - 2017-04-27 16:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-11 11:03 - 2017-04-27 16:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-11 11:03 - 2017-04-27 16:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-11 11:03 - 2017-04-27 16:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-11 11:03 - 2017-04-27 16:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-11 11:03 - 2017-04-27 16:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-11 11:03 - 2017-04-27 16:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-11 11:03 - 2017-04-27 16:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-11 11:03 - 2017-04-27 16:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-11 11:03 - 2017-04-27 16:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-11 11:03 - 2017-04-27 16:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-11 11:03 - 2017-04-27 16:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-11 11:03 - 2017-04-27 16:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-11 11:03 - 2017-04-27 16:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-11 11:03 - 2017-04-27 16:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-11 11:03 - 2017-04-27 16:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-11 11:03 - 2017-04-27 16:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-11 11:03 - 2017-04-27 16:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-11 11:03 - 2017-04-27 16:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-11 11:03 - 2017-04-27 16:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-11 11:03 - 2017-04-27 16:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-11 11:03 - 2017-04-27 16:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 11:03 - 2017-04-27 16:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-11 11:03 - 2017-04-27 16:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-11 11:03 - 2017-04-27 16:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-11 11:03 - 2017-04-27 16:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-11 11:03 - 2017-04-27 16:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-11 11:03 - 2017-04-27 16:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-11 11:03 - 2017-04-27 16:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-11 11:03 - 2017-04-27 16:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-11 11:03 - 2017-04-27 16:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-11 11:03 - 2017-04-27 16:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-11 11:03 - 2017-04-27 16:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-11 11:03 - 2017-04-27 16:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-11 11:03 - 2017-04-27 16:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-11 11:03 - 2017-04-27 16:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-11 11:03 - 2017-04-27 16:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-11 11:03 - 2017-04-27 16:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-11 11:03 - 2017-03-03 23:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-11 11:02 - 2017-04-27 17:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-11 11:02 - 2017-04-27 17:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-11 11:02 - 2017-04-27 17:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-11 11:02 - 2017-04-27 17:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-11 11:02 - 2017-04-27 17:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-11 11:02 - 2017-04-27 17:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-11 11:02 - 2017-04-27 17:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-11 11:02 - 2017-04-27 17:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-11 11:02 - 2017-04-27 17:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-11 11:02 - 2017-04-27 17:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-11 11:02 - 2017-04-27 17:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-11 11:02 - 2017-04-27 17:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-11 11:02 - 2017-04-27 17:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-11 11:02 - 2017-04-27 17:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-11 11:02 - 2017-04-27 17:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-11 11:02 - 2017-04-27 17:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-11 11:02 - 2017-04-27 17:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-11 11:02 - 2017-04-27 17:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-11 11:02 - 2017-04-27 17:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-11 11:02 - 2017-04-27 17:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-11 11:02 - 2017-04-27 17:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-11 11:02 - 2017-04-27 17:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-11 11:02 - 2017-04-27 17:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-11 11:02 - 2017-04-27 17:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-11 11:02 - 2017-04-27 17:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-11 11:02 - 2017-04-27 17:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-11 11:02 - 2017-04-27 17:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-11 11:02 - 2017-04-27 16:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-11 11:02 - 2017-04-27 16:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-11 11:02 - 2017-04-27 16:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-11 11:02 - 2017-04-27 16:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-11 11:02 - 2017-04-27 16:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-11 11:02 - 2017-04-27 16:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-11 11:02 - 2017-04-27 16:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-11 11:02 - 2017-04-27 16:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-11 11:02 - 2017-04-27 16:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-11 11:02 - 2017-04-27 16:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-11 11:02 - 2017-04-27 16:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-11 11:02 - 2017-04-27 16:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-11 11:02 - 2017-04-27 16:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-11 11:02 - 2017-04-27 16:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-11 11:02 - 2017-04-27 16:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-11 11:02 - 2017-04-27 16:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-11 11:02 - 2017-04-27 16:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-11 11:02 - 2017-04-27 16:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-11 11:02 - 2017-04-27 16:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-11 11:02 - 2017-04-27 16:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-11 11:02 - 2017-04-27 16:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-11 11:02 - 2017-04-27 16:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-11 11:02 - 2017-04-27 16:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-11 11:02 - 2017-04-27 16:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-11 11:02 - 2017-04-27 16:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-11 11:02 - 2017-04-27 16:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-11 11:02 - 2017-04-27 16:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-11 11:02 - 2017-04-27 16:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-11 11:02 - 2017-04-27 16:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-11 11:02 - 2017-04-27 16:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-11 11:02 - 2017-04-27 16:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-11 11:02 - 2017-04-27 16:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-11 11:02 - 2017-04-27 16:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-11 11:02 - 2017-04-27 16:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-11 11:02 - 2017-04-27 16:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-11 11:02 - 2017-04-27 16:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-11 11:02 - 2017-04-27 16:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-11 11:02 - 2017-04-27 16:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-11 11:02 - 2017-04-27 16:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-11 11:02 - 2017-04-27 16:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-11 11:02 - 2017-04-27 16:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-11 11:02 - 2017-04-27 16:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-11 11:02 - 2017-04-27 16:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-11 11:02 - 2017-04-27 16:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-11 11:02 - 2017-04-27 16:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-11 11:02 - 2017-04-27 16:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-11 11:02 - 2017-04-27 16:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-11 11:02 - 2017-04-27 16:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-11 11:02 - 2017-04-27 16:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-11 11:02 - 2017-04-27 16:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-11 11:02 - 2017-04-27 16:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-11 11:02 - 2017-04-27 16:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-11 11:02 - 2017-04-27 16:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-11 11:02 - 2017-04-27 16:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-11 11:02 - 2017-04-27 16:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-11 11:02 - 2016-12-21 00:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-11 10:09 - 2017-05-11 10:09 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-10 17:17 - 2017-05-10 17:17 - 00089525 _____ C:\Users\Sticcs\Downloads\dir.dcr
2017-05-10 17:17 - 2017-05-10 17:17 - 00089525 _____ C:\Users\Sticcs\Downloads\dir (1).dcr
2017-05-10 13:53 - 2017-05-10 17:09 - 00004650 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-06 09:22 - 2017-05-11 20:07 - 00000652 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3011202683-1613651232-3371837574-1001.job
2017-05-06 09:22 - 2017-05-11 20:07 - 00000556 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3011202683-1613651232-3371837574-1001.job
2017-05-04 22:01 - 2017-05-04 22:01 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-31 00:45 - 2016-09-28 13:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-27 19:46 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-26 19:11 - 2016-07-16 04:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-26 03:12 - 2016-07-16 04:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 03:05 - 2011-08-29 02:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-26 02:06 - 2014-08-24 12:17 - 00000000 ____D C:\Users\Sticcs\AppData\Local\Adobe
2017-05-26 01:51 - 2016-09-28 14:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-26 01:49 - 2016-07-15 23:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-26 01:46 - 2013-08-01 21:00 - 00000000 ____D C:\ProgramData\APN
2017-05-24 22:57 - 2014-07-27 22:37 - 00000000 ___RD C:\Users\Sticcs\OneDrive
2017-05-23 22:33 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-23 22:33 - 2016-07-16 04:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-22 23:27 - 2013-07-16 03:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-22 23:16 - 2011-08-28 01:37 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-17 16:55 - 2016-06-30 11:30 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-05-15 19:34 - 2017-04-11 16:50 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-15 19:34 - 2011-08-27 02:20 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-14 16:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 04:11 - 2016-07-16 04:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-11 21:16 - 2015-11-28 19:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 20:13 - 2016-09-28 13:56 - 01179284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-11 20:07 - 2016-09-28 13:48 - 00373504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-11 20:03 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-10 17:08 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-10 17:08 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-06 09:22 - 2016-09-28 14:34 - 00003812 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3011202683-1613651232-3371837574-1001
2017-05-06 09:22 - 2016-09-28 14:34 - 00003716 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3011202683-1613651232-3371837574-1001
2017-05-03 21:25 - 2015-11-28 19:21 - 00000000 ____D C:\Users\Sticcs\AppData\Local\Packages

==================== Files in the root of some directories =======

2014-11-27 00:35 - 2015-09-12 03:04 - 0000112 _____ () C:\Users\Sticcs\AppData\Roaming\JP2K CS6 Prefs
2014-10-14 09:52 - 2014-12-21 17:20 - 0001456 _____ () C:\Users\Sticcs\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-10-05 12:08 - 2014-10-05 12:08 - 0002143 _____ () C:\Users\Sticcs\AppData\Local\recently-used.xbel
2011-12-22 19:17 - 2011-12-22 19:17 - 0000000 _____ () C:\Users\Sticcs\AppData\Local\{63360EDD-FB10-487E-AC49-99680D734EC2}
2014-02-14 06:28 - 2014-02-14 06:28 - 0002416 _____ () C:\ProgramData\.ico
2016-12-19 16:23 - 2016-12-19 16:23 - 0241640 _____ () C:\ProgramData\1482189677.bdinstall.bin
2016-12-19 16:23 - 2016-12-19 16:23 - 0029042 _____ () C:\ProgramData\agent.1482189824.bdinstall.bin
2015-10-23 21:43 - 2015-10-23 21:43 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-27 17:38

==================== End of FRST.txt ============================

Sticcs · May 31, 2017

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-05-2017
Ran by Sticcs (31-05-2017 01:43:36)
Running from C:\Users\Sticcs\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-28 21:39:24)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3011202683-1613651232-3371837574-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3011202683-1613651232-3371837574-503 - Limited - Disabled)
Guest (S-1-5-21-3011202683-1613651232-3371837574-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3011202683-1613651232-3371837574-1003 - Limited - Enabled)
Sticcs (S-1-5-21-3011202683-1613651232-3371837574-1001 - Administrator - Enabled) => C:\Users\Sticcs

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Carbonite (HKLM-x32\...\{543E55B3-8630-49A9-9BB0-DA68F079FF36}) (Version: 6.2.3 build 6861 (Mar-23-2017) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{3D5F07C3-1B93-47F8-9F8A-DE8E47BF1669}) (Version: 1.0.209 - Citrix)
Dropbox (HKLM-x32\...\Dropbox) (Version: 26.4.24 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EA SPORTS Game Face Browser Plugin 1.5.3.0 (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.5.3.0 - Electronic Arts)
EA SPORTS Game Face Browser Plugin 1.5.3.0 (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\EA SPORTS Game Face Browser Plugin) (Version: 1.5.3.0 - Electronic Arts)
FileZilla Client 3.14.1 (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FileZilla Client 3.14.1 (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FinalTorrent 2012 (HKLM-x32\...\FinalTorrent_is1) (Version: 2012.12.09.27 - Bitberry Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GoToMeeting 8.5.0.6956 (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\GoToMeeting) (Version: 8.5.0.6956 - CitrixOnline)
GoToMeeting 8.5.0.6956 (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\GoToMeeting) (Version: 8.5.0.6956 - CitrixOnline)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Mobile Drivers Installation 5.2.0 (HKLM\...\{1CCF1727-A817-4FEE-A028-5466FB542934}) (Version: 5.2.0 - Motorola Inc.)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
QuickBooks (x32 Version: 26.0.4005.2607 - Intuit Inc.) Hidden
QuickBooks Enterprise Solutions: Mfg and Whsle Edition 16.0 (HKLM-x32\...\{E201B39C-FFFF-46D5-A5FB-081A503221C3}) (Version: 26.0.4005.2607 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RSDLite (HKLM-x32\...\{F4943DDC-2FF8-486B-B354-87571D401222}) (Version: 5.5 - Motorola)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Soda Manager (x32 Version: 7.0.0.21720 - LULU Software Limited) Hidden
Soda PDF 7 (HKLM-x32\...\Soda7) (Version: 7.3.9.23867 - LULU Software Limited)
Soda PDF 7 Asian Fonts Pack (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Convert Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Create Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Edit Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Forms Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Insert Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 OCR Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Review Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Secure Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 View Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION) <==== ATTENTION
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
TSP100 Setup Version 5.5.0 (HKLM\...\{31ACC706-01DA-4D97-A90E-F770A55D5916}) (Version: 5.5.0 - Star Micronics)
TuneUp 3.0.7.0 (HKLM-x32\...\TuneUpMedia) (Version: 3.0.7.0 - TuneUp Media, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )
WinZip Courier (HKLM-x32\...\{D011655B-0753-4C2A-B870-946C5B02F54F}) (Version: 7.0.0 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F1FC536CDDF0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files (x86)\WinZip Courier\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{943F19B2-32F9-4373-8D4C-DBE62B95F2CF}\InprocServer32 -> C:\Program Files (x86)\WinZip Courier\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

Sticcs · May 31, 2017

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013C10F0-A859-4A1B-BA64-A11EC00BCC7A} - System32\Tasks\G2MUpdateTask-S-1-5-21-3011202683-1613651232-3371837574-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\6956\g2mupdate.exe [2017-05-06] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {02F2B260-5D6C-4150-9442-526810CB032E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {03A2DD48-F7D8-4E9D-ABE5-110B29B3C749} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {07797901-E6C1-4E0A-B26B-075BA5D5BEEC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {08A04474-75FD-43C1-A3B1-85BC97FE4E1C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {098E9B75-DA2A-48D9-9CA1-6EB46D21D9A1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {0A40A369-D39C-48EB-A220-F896BC216BFE} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8bf46a908ed6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {0E59D367-2CF6-4594-8545-4AC968C548A3} - System32\Tasks\AdobeAAMUpdater-1.0-PEGASUS-Sticcs => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {1158522E-4D87-40F6-AB7B-5E0477E535DE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {19670B32-5938-4052-B583-CD574FAB3619} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8bf46e56578a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {1C6C0739-C492-4D8C-B373-E539929BF044} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {27A9C3D4-10F3-4CAC-85C7-38593206CC5B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {28757728-73FE-413C-8FA5-8AAB323F7762} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {28DB202A-0B04-4867-85CC-987B324ED271} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-02-10] (WinZip)
Task: {2FCAA06C-E4B7-4A11-ACFD-19E8487B9741} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3287231C-2C63-4FAE-A67D-FA063380A3A6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3E79F3FC-E553-469E-A8C4-576ED41C6399} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {453A38AD-60C4-4A89-B817-048AFFEC8568} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4637146B-443F-4E6E-8C0E-9450D599F50C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {4A8EAF1E-E635-4AB3-9E19-FC46F3B323D9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {4C2A3E50-5F7C-4130-99E1-3B51AA61B5DA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5051C1DD-E3FA-4ED9-85DD-4F84517B50F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {51C9966A-DA4C-4E4E-962B-32DCE4348A33} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {52961676-3AD2-404B-8B49-31AFC0549EEC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5740183E-4BF2-43D3-93DC-7D0DD2B3B03E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {59FE3600-A363-46AC-84D5-9C5247D03DF8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {609479A1-FFB8-428D-9186-162F91906BEE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {696416CC-D7FB-4083-BD5D-8135661849C4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {69A4BEB8-2FD9-4453-B8BC-9C40274CBEBD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6B550E4A-EC35-4CBC-910F-272B74A0BC45} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {6BC5D775-CB95-4A16-8C87-26880ACBB8C5} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2017-02-10] (WinZip Computing, S.L.)
Task: {71E07A34-1E9F-45E3-9F3D-0A8192FF491B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {741A79F1-71FE-4DCC-AF3D-850A34626A3C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7E76D4A5-B455-4712-A848-8584D0261457} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {80608C90-F742-47AB-8903-B7774157D9DF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {83CB4DE9-458D-4651-8C81-1BD59B601015} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {87290DB9-99DB-42DE-A278-2C8D841C426E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-30] (Dropbox, Inc.)
Task: {88CD6C8A-274B-44CF-AE04-B10D5B0EDF07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {893C1780-8C69-4FB8-8056-9520D6B70FCE} - System32\Tasks\{C7F0C6CE-2690-419B-B803-A3F8A8A76F8C} => pcalua.exe -a C:\Users\Sticcs\AppData\Local\TNT2\2.0.0.1676\TNT2User.exe -c /UNINSTALL PARTNER=10753
Task: {8A99F3C3-A930-4113-9098-D1D1FB19DF46} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {8AE114FF-6AD3-4C75-8448-354B0555EAE1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8B32D6B0-5A92-433E-A159-E26434FCFDB3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {8EC7E5D9-3AA2-4E2B-8FDD-3F16C55B8F80} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {95D9E775-0DDD-4866-B097-9F436032300E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {97ADDEDD-F4FD-4F68-9B54-EE0624B808E1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {9AC18200-C08B-4167-B072-9CB266F03A7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9BEDD5BF-BF3D-41E2-8AC8-3E47A24C9E34} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {A1EB4A89-99EF-497A-98BB-9FAAC57F8F86} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {A74E05EE-2B7F-4E99-B291-1D517CD2C18E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {B2A9E16D-4BB7-47F4-9E43-7283AB6C2F4E} - System32\Tasks\G2MUploadTask-S-1-5-21-3011202683-1613651232-3371837574-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\6956\g2mupload.exe [2017-05-06] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {B46A80EB-E293-40EA-AB15-536F92743709} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-22] (Microsoft Corporation)
Task: {B66E8B69-614E-46F8-940C-EE7ED557A7C9} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {BAE31544-4B2A-4096-A6BB-081E9CE5B951} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-30] (Dropbox, Inc.)
Task: {C031E3FB-70DA-4A04-B55E-BE2895A6CFDD} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-h_sticcs@yahoo.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {C5FE8148-966D-4523-A3C3-F5E7C3EBAA6A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C7F00890-3734-4998-B977-B45A2EB0E60C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {C804145D-B04E-40F5-BAE3-710F3C0C6A80} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {CB5ED5F1-580A-475F-B0F0-709B7ED40EA3} - System32\Tasks\FinalTorrent Update Checker => C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe [2013-03-25] (Bitberry Software)
Task: {CD664968-5283-49B6-8E8C-CEE335E61C4F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D4062A1B-A014-4C40-936C-F70CEB917039} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5B5C27B-717E-460F-A02F-D26D97EE85D3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {D73FA222-9BEF-4FE4-8CE8-9D47C07ECA74} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {DA221EFA-9435-4B25-90C8-EE812FC557FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {DBCA97A0-3E3A-4455-831A-72A9A6AFB935} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {ED2683AF-2635-4F83-9182-22C93BABCA36} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F1E524AC-5B6A-4B01-9FA8-40DD0097BF87} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {F63B0AB3-620C-4E6B-A3BB-EDC6C9AEDCFD} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {F9B5914C-A8D1-4EB8-B723-400762DC73F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {FAA56E5E-A86E-49DE-8458-857F01072EAE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {FEBBEC4F-663C-4080-9BF9-2681B1391913} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\FinalTorrent Update Checker.job => C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3011202683-1613651232-3371837574-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\6956\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3011202683-1613651232-3371837574-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\6956\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 04:42 - 2016-07-16 04:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-11 11:04 - 2017-04-27 17:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-26 00:47 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-28 14:39 - 2016-09-28 14:39 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 10:30 - 2017-03-03 23:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 10:27 - 2017-03-03 23:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 10:26 - 2017-03-03 23:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 10:27 - 2017-03-03 23:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 11:03 - 2017-04-27 16:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-16 03:02 - 2015-10-16 03:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-01-06 09:41 - 2016-01-06 09:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2017-05-15 19:34 - 2017-05-09 02:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 19:34 - 2017-05-09 02:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-10 17:09 - 2017-05-10 17:09 - 31118328 _____ () C:\WINDOWS\system32\Macromed\Flash\pepflashplayer64_25_0_0_171.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [126]
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6 [244]
AlternateDataStreams: C:\ProgramData\TEMP

1B5B4F1 [294]
AlternateDataStreams: C:\ProgramData\TEMP

FC5A2B2 [105]
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Sticcs\Downloads\chromeinstall-7u65.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\CreativeCloudSet-Up (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\CreativeCloudSet-Up.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\DivXInstaller (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\DropboxInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\FileZilla_3.14.1_win64-setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\GoogleChromeSetup-21409441.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\HPPSdr (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\HPPSdr.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\install_flashplayer14x32au_ltr5x64d_awc_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\MicrosoftFixit.Printing.Run.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Setup.X86.en-US_O365HomePremRetail_e5a9a73f-ddd7-45cf-abb0-d8954c856657_TX_PR_.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Setup_QuickBooksEnterprise16Trial (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Setup_QuickBooksEnterprise16Trial.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Soda_PDF_7_Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\TeamViewer_Setup_en-khm.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-01-11 18:46 - 2016-12-19 15:53 - 00000830 _____ C:\WINDOWS\system32\Drivers\etc\hosts

Sticcs · May 31, 2017

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015208687\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015215432\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sticcs\AppData\Local\Microsoft\Windows\Themes\NASA Spac\DesktopBackground\3_sunrise_in_space.jpg
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\Control Panel\Desktop\\Wallpaper -> C:\Users\Sticcs\AppData\Local\Microsoft\Windows\Themes\NASA Spac\DesktopBackground\3_sunrise_in_space.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015226419\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: PCTools FGuard =>
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Web Connector.lnk"
HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "TSP100ecoOndemand"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "ApnUpdater"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LTCM Client"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Intuit SyncManager"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\StartupFolder: => "PlutoTV.lnk"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "Bitdefender Wallet Application Agent"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "Bitdefender Wallet Agent"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "HP Officejet Pro 8610 (NET)"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\StartupApproved\StartupFolder: => "PlutoTV.lnk"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\StartupApproved\Run: => "Bitdefender Wallet Application Agent"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\StartupApproved\Run: => "Bitdefender Wallet Agent"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\StartupApproved\Run: => "HP Officejet Pro 8610 (NET)"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262017015219433\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BDC7FA48-27EF-46C7-B214-09E871F9DF07}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0E37A815-CAB7-40C8-905E-098C6FBEC4B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D259F768-AB4B-473A-BBEF-82774FAE5D7A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FDD07FE5-B397-4B9E-A980-FF932488B3DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{339AE67C-72C0-4802-A609-5AFAC31BD972}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90C69118-99F4-4803-93A6-86240E3EC73E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A140D7D9-1980-4745-92BF-A76F7A2EFD10}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22382CCD-EE50-4D9C-8D45-4128384ADB6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BB40D75-7604-4C72-8322-E4C8E3B6B288}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2A723A2A-848F-4F4E-A681-8C409D7F8668}] => (Allow) LPort=5357
FirewallRules: [{39838AA4-861C-4D6E-BCE9-EB2EC2CFB598}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{1B32C502-34AB-47A9-B044-4036365DE0AD}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{1D8117D1-E650-408E-B019-06EED98F0F9D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{D9233A11-37E6-47FA-9586-3EBC831ED26D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{666EDD3F-DBD0-4C25-84D0-F60F3A6EEB51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FE35B98-4C8C-4105-AF17-470DCA7DB92F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{229EAD7E-CDFB-4C59-96CB-6BE69AFC164A}] => (Allow) C:\Program Files (x86)\File Type Assistant\TSAssist.exe
FirewallRules: [{19975857-7C12-452B-B762-E75C782BA1F9}] => (Allow) C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe
FirewallRules: [{7CEF1CB3-CFD1-4F74-9289-A4DB2B1B45C7}] => (Allow) C:\Program Files (x86)\FinalTorrent\FINALTORRENT.exe
FirewallRules: [{AA34A70A-5C5E-498F-834B-E19332390181}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{3D55B340-683F-4ABB-8220-3F54DBEA0D8D}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{535213C5-EB1E-467C-9DBC-B20787E40B93}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{1C49C25E-F6F2-4E71-83DD-9486779BE795}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{65FD38FB-8E09-4D2B-9819-56F5801749BD}] => (Allow) G:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{BE498799-698B-4644-B61F-FEB0FD084F5F}] => (Allow) G:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{1967688B-4770-47A6-BB8D-75EC6EA2BF30}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{7BEC4F84-94B2-4428-9FD0-9692F2C94EAB}C:\users\sticcs\appdata\local\temp\bduninstall\x32\pcsftool.exe] => (Allow) C:\users\sticcs\appdata\local\temp\bduninstall\x32\pcsftool.exe
FirewallRules: [UDP Query User{CEDAAC03-F278-45B2-9576-B3A7FB201AD8}C:\users\sticcs\appdata\local\temp\bduninstall\x32\pcsftool.exe] => (Allow) C:\users\sticcs\appdata\local\temp\bduninstall\x32\pcsftool.exe
FirewallRules: [TCP Query User{9C4F4B44-8E9C-45AF-8C56-6DD63E541298}C:\users\sticcs\appdata\local\temp\bduninstall\x64\pcsftool.exe] => (Allow) C:\users\sticcs\appdata\local\temp\bduninstall\x64\pcsftool.exe
FirewallRules: [UDP Query User{D4B89B58-A618-4BBE-AADC-A8FF5CEA8C47}C:\users\sticcs\appdata\local\temp\bduninstall\x64\pcsftool.exe] => (Allow) C:\users\sticcs\appdata\local\temp\bduninstall\x64\pcsftool.exe
FirewallRules: [{C344FD89-1EA5-4405-B8E6-742596325ABF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{49662046-428B-4472-96C2-8BF7447559E2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{42610A01-C140-416A-815E-59BC2422B6E9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{8489778E-A8E3-4EE7-BF62-96F9D78BB6CC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

==================== Restore Points =========================

28-05-2017 20:47:28 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/30/2017 04:03:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files (x86)\microsoft office\office12\MSACCESS.EXE.Manifest".
Dependent Assembly AceDAO,language="*",processorArchitecture="X86",type="win32",version="12.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/30/2017 04:03:24 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Error: (05/30/2017 04:02:06 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\WinZip Courier\adxloader.dll.Manifest".Error in manifest or policy file "C:\Program Files (x86)\WinZip Courier\adxloader.dll.Manifest" on line 2.
The manifest file root element must be assembly.

Error: (05/30/2017 04:01:18 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on line 2.
The manifest file root element must be assembly.

Error: (05/29/2017 04:38:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files (x86)\microsoft office\office12\MSACCESS.EXE.Manifest".
Dependent Assembly AceDAO,language="*",processorArchitecture="X86",type="win32",version="12.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/29/2017 04:38:02 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Error: (05/29/2017 04:37:11 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\WinZip Courier\adxloader.dll.Manifest".Error in manifest or policy file "C:\Program Files (x86)\WinZip Courier\adxloader.dll.Manifest" on line 2.
The manifest file root element must be assembly.

Error: (05/29/2017 04:36:35 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on line 2.
The manifest file root element must be assembly.

Error: (05/28/2017 08:47:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/28/2017 12:41:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files (x86)\microsoft office\office12\MSACCESS.EXE.Manifest".
Dependent Assembly AceDAO,language="*",processorArchitecture="X86",type="win32",version="12.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (05/30/2017 03:28:39 AM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: The activation of the CLSID {B91D5831-B1BD-4608-8198-D72E155020F7} timed out waiting for the service UsoSvc to stop.

Error: (05/29/2017 01:02:27 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/29/2017 01:02:23 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/29/2017 01:02:19 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/29/2017 01:02:10 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/29/2017 01:02:06 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/29/2017 01:02:00 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/29/2017 01:01:15 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/28/2017 08:43:47 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/28/2017 08:41:49 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

CodeIntegrity:
===================================
Date: 2017-05-31 01:27:08.406
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-31 01:27:08.395
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:02.125
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:02.120
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:00.657
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:00.655
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:00.642
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:12:21.393
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:12:21.388
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:12:21.356
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 910 Processor
Percentage of memory in use: 56%
Total physical RAM: 4095.05 MB
Available physical RAM: 1791.18 MB
Total Virtual: 9244.12 MB
Available Virtual: 3583.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:917.1 GB) (Free:670.53 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:1862.89 GB) (Free:989.71 GB) NTFS
Drive e: (FACTORY_IMAGE) (Fixed) (Total:13.97 GB) (Free:1.9 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Removable) (Total:3.79 GB) (Free:2.11 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=917.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Size: 3.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Sticcs · May 31, 2017

Thanks any input would be helpful. Every once in a while a lil window like a dos prompt pops up and then disappears on my screen My Windows defender says I'm clean and so does the Malwarebytes. I know its in my browser somewhere hiding. Any suggestions, I just can't take the lag anymore. Sorry I'm a noobie looking for answers, actually just looking for help, answers are too complicated, Thanks.

Broni · May 31, 2017

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

========================================

Please uninstall following unwanted program: Software Updater.

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Double click on downloaded setup.exe file to install the program.
Click on Start Scan button.
Click on another Start Scan button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.

Please download Malwarebytes to your desktop.

Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
Then click Finish.
Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
Restart your computer when prompted to do so.
The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
The tool will start to update the database if one is required.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Logfile button.
A window will open which lists the logs of your scans.
Click on the Scan tab.
Double-click the most recent scan which will be at the top of the list....the log will appear.
Review the results...see note below
After reviewing the log, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Sticcs · May 31, 2017

RogueKiller V12.11.0.0 (x64) [May 29 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : Sticcs [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 05/31/2017 13:16:51 (Duration : 02:39:25)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD10EADS-65L5B1 ATA Device +++++
--- User ---
[MBR] 1cb97a175205919d00ee357edbad4006
[BSP] ceb84c3e7b096f62a58a22cb4210973b : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 939109 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1923297280 | Size: 449 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1924217505 | Size: 14307 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD2002FAEX-007BA0 ATA Device +++++
--- User ---
[MBR] c074465a049331b64a83e62ff3ac15bd
[BSP] 542b1c9950b67d6fe021c7990e059f6f : HP MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 1907600 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Generic- SD/MMC USB Device +++++
--- User ---
[MBR] 51ec58e675fca70fc66d47df21e28b6f
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32 (0xb) [VISIBLE] Offset (sectors): 8192 | Size: 3882 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive5: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

Sticcs · May 31, 2017

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/31/17
Scan Time: 4:45 PM
Log File:
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.122
Update Package Version: 1.0.2062
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: PEGASUS\Sticcs

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 437738
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 27 min, 25 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

(end)

Sticcs · May 31, 2017

# AdwCleaner v6.047 - Logfile created 31/05/2017 at 18:32:55
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-31.2 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Sticcs - PEGASUS
# Running from : C:\Users\Sticcs\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\FileTypeAssistant

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{20B9C05C-99C9-4BAB-B596-FB0C0E1C9F55}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnUpdater]

***** [ Web browsers ] *****

[-] Firefox preferences cleaned: "browser.search.defaultengine" - "Ask.com"
[-] Firefox preferences cleaned: "browser.search.order.1" - "Ask.com"
[-] Firefox preferences cleaned: "extensions.asktb.ff-original-keyword-url" - ""
[-] [C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: pfkfdlcdbajamklbneflfbcmfgddmpae

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5003 Bytes] - [31/05/2017 18:32:55]
C:\AdwCleaner\AdwCleaner[S0].txt - [5647 Bytes] - [31/05/2017 18:31:34]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5149 Bytes] ##########

Sticcs · May 31, 2017

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by Sticcs (Administrator) on Wed 05/31/2017 at 19:04:41.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 5

Successfully deleted: C:\ProgramData\1482189677.bdinstall.bin (File)
Successfully deleted: C:\Users\Sticcs\AppData\Roaming\mywordtool (Folder)
Successfully deleted: C:\Users\Sticcs\AppData\Roaming\registry mechanic (Folder)
Successfully deleted: C:\Users\Sticcs\Documents\add-in express (Folder)
Successfully deleted: C:\Program Files (x86)\registry mechanic (Folder)

Registry: 4

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{85DD1E92-2A45-4FF7-97E0-D8D5456B5829} (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D31AA81-4D4B-4BFB-B3AF-B6DDD6DF43B1} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D31AA81-4D4B-4BFB-B3AF-B6DDD6DF43B1} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7C68E87F-4487-4AE5-BBC2-C398C530DE9A} (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/31/2017 at 19:15:43.99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sticcs · May 31, 2017

Pretty sure the Virus is still here. but my pc is definitely acting nicer. Also Windows defender won't turn back on, it says there's another service running and to delete it first. Not sure which program it's referring to.

Sticcs · Jun 1, 2017

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-05-2017
Ran by Sticcs (administrator) on PEGASUS (01-06-2017 12:20:45)
Running from C:\Users\Sticcs\Downloads
Loaded Profiles: Sticcs (Available Profiles: Sticcs & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(LULU SOFTWARE LIMITED) C:\Program Files (x86)\Soda PDF 7\creator-ws.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\WindowsApps\Microsoft.XboxApp_29.29.31001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(WinZip Computing) C:\Program Files (x86)\WinZip Courier\wzwmcgcnm.exe
(WinZip Computing) C:\Program Files (x86)\WinZip Courier\wzwmcgcnm64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [TSP100ecoOndemand] => C:\Program Files (x86)\StarMicronics\TSP100\Software\20130806\Ondemand.exe [61440 2010-02-08] (Star Micronics Co., Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2756864 2011-04-07] (Leader Technologies Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3792648 2016-02-11] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [29246632 2017-05-30] (Dropbox, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2017-04-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1265256 2017-03-23] (Carbonite, Inc.)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [49730 2016-11-28] ()
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [49730 2016-11-28] ()
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2017-04-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\RunOnce: [Uninstall C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Sticcs\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-03-23] (Carbonite, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2016-06-23]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-06-23]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Web Connector.lnk [2016-06-23]
ShortcutTarget: QuickBooks Web Connector.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBWebConnector\QBWebConnector.exe (Intuit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-06-23]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 16.0\QBW32.EXE (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-03-16]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-03-16]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e1514d00-fab3-4bce-b8eb-838524b6f624}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\Program Files (x86)\WinZip Courier\wzwmcie64.dll [2016-08-29] (WinZip Computing)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-07] (Oracle Corporation)
BHO-x32: WinZip Courier BHO -> {A8FB70FA-0FDF-4601-9DC4-BFA1B357204F} -> C:\Program Files (x86)\WinZip Courier\wzwmcie32.dll [2016-08-29] (WinZip Computing)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-07] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: intu-help-qb9 - {C1252096-0E63-4C06-A38B-03DF9A16AA12} - C:\Program Files (x86)\Intuit\QuickBooks Enterprise Solutions 16.0\HelpAsyncPluggableProtocol.dll [2016-02-11] (Intuit, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 1wf8396q.default
FF ProfilePath: C:\Users\Sticcs\AppData\Roaming\Mozilla\Firefox\Profiles\1wf8396q.default [2017-05-31]
FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_7_conv@sodapdf.com] - C:\Program Files (x86)\Soda PDF 7\resources\sodapdf7firefoxextension
FF Extension: (Soda PDF 7 Creator) - C:\Program Files (x86)\Soda PDF 7\resources\sodapdf7firefoxextension [2015-07-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{74c841e3-b59f-479e-8d7a-e26a942a87c8}] - C:\Program Files (x86)\WinZip Courier\FFExt.xpi
FF Extension: (WinZip Courier) - C:\Program Files (x86)\WinZip Courier\FFExt.xpi [2016-08-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-06-08] (Adobe Systems)
FF Plugin-x32: Soda PDF 7 -> C:\Program Files (x86)\Soda PDF 7\np-previewer.dll [2015-07-06] (LULU SOFTWARE LIMITED)
FF Plugin HKU\S-1-5-21-3011202683-1613651232-3371837574-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Sticcs\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-09-04] (Citrix Online)
FF Plugin HKU\S-1-5-21-3011202683-1613651232-3371837574-1001: electronicarts.com/GameFacePlugin -> C:\Users\Sticcs\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2011-11-29] (Electronic Arts)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)

Sticcs · Jun 1, 2017

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default [2017-06-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-22]
CHR Extension: (WinZip Courier) - C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\lomojjnmhlhdepbfoknpkenickajcphi [2017-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-22]
CHR Extension: (Chrome Media Router) - C:\Users\Sticcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lomojjnmhlhdepbfoknpkenickajcphi] - C:\Program Files (x86)\WinZip Courier\wzwmcgc.crx [2016-08-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-30] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-30] (Dropbox, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 PortEmulator; C:\Program Files\StarMicronics\TSP100\Software\20130806\portemu_umdf_tsp100.exe [204800 2012-10-15] () [File not signed]
S2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2016-02-11] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2016-02-11] (Intuit Inc.) [File not signed]
S2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2016-02-11] (Intuit Inc.) [File not signed]
S2 SODA Manager; C:\ProgramData\LULU Software\Soda Manager\Soda Manager.exe [868688 2015-01-29] (LULU Software Limited)
S3 Soda PDF 7; C:\Program Files (x86)\Soda PDF 7\ws.exe [2129688 2015-07-06] (LULU SOFTWARE LIMITED)
S3 Soda PDF 7 CrashHandler; C:\Program Files (x86)\Soda PDF 7\crash-handler-ws.exe [845080 2015-07-06] (LULU SOFTWARE LIMITED)
R2 Soda PDF 7 Creator; C:\Program Files (x86)\Soda PDF 7\creator-ws.exe [650520 2015-07-06] (LULU SOFTWARE LIMITED)
S3 TcpEmulatorTSP100LAN; C:\Program Files\StarMicronics\TSP100\Software\20130806\tcpemu_tsp100lan.exe [351744 2011-10-20] (STAR MICRONICS CO,.LTD) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-26] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-31] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-31] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-31] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-06-01] (Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath

========================== Drivers MD5 =======================

C:\WINDOWS\System32\drivers\1394ohci.sys A7901875F89D011C38CF52C98ACF5B29
C:\WINDOWS\System32\drivers\3ware.sys EE1CCC54F75C24727A218F98FC5349DA
C:\WINDOWS\System32\drivers\ACPI.sys 73C73E1AA0D4D727A04AAAB120B7F56A
C:\WINDOWS\System32\drivers\AcpiDev.sys 0935496EF9624B46B935CB35ECE1F205
C:\WINDOWS\System32\Drivers\acpiex.sys D6794C31F4077B71433988787BAA926E
C:\WINDOWS\System32\drivers\acpipagr.sys FE5F656D6B35089DA39112E74EC6A85A
C:\WINDOWS\System32\drivers\acpipmi.sys 2F242941E4DFF69B883D77A16F039557
C:\WINDOWS\System32\drivers\acpitime.sys C247E35A21682DA8D0DC3AF9F025FCC5
C:\WINDOWS\System32\drivers\ADP80XX.SYS 49B9DB97AFC85DCCBDACDAB2E90085B7
C:\WINDOWS\system32\drivers\afd.sys 323AA1953ED9C01E23F740FA891FE064
C:\WINDOWS\System32\DRIVERS\ahcache.sys 23522E5D581F7722B1B5B86737CAE39C
C:\WINDOWS\System32\drivers\amdk8.sys DF21E05E41E5AC3F13F304D91457649A
C:\WINDOWS\system32\DRIVERS\atikmdag.sys E66C25946B3D9268D8E10D3769CF4719
C:\WINDOWS\system32\DRIVERS\atikmpag.sys D1D66D1D42E53B53AFC7598058E71796
C:\WINDOWS\System32\drivers\amdppm.sys 45D0AA4BB90B821DF92E8F19ABED0C5E
C:\WINDOWS\System32\drivers\amdsata.sys 74FFBC43B4B899C9A8CA06A892F2CE73
C:\WINDOWS\System32\drivers\amdsbs.sys AAB0F1D8D7E54761ABAB13AF161F1680
C:\WINDOWS\System32\drivers\amdxata.sys F91BAAC4237C40352A807000F3B716F9
C:\WINDOWS\System32\drivers\appid.sys BC121C099C6C659126AD2102AFDFF8CF
C:\WINDOWS\System32\drivers\applockerfltr.sys 68190E2BADF23BD782344970E5B5DE9E
C:\WINDOWS\System32\drivers\arcsas.sys E6AB1F0B4C3D4E0D2A88332D76FECD03
C:\WINDOWS\System32\drivers\asyncmac.sys 61C5A480C43E7E8E49C42869F49D0D3E
C:\WINDOWS\System32\drivers\atapi.sys A10F989A812B57B9695F6C305907C9C6
C:\WINDOWS\System32\drivers\athwnx.sys D03E551165C72F2A4BBDDC566EAA819E
C:\WINDOWS\System32\drivers\BasicDisplay.sys 94D6B95485BFA35D81524B0EBA0F7569
C:\WINDOWS\System32\drivers\BasicRender.sys 2E78B31C90766FD086D2B766528E9AEA
C:\WINDOWS\System32\drivers\bcmfn.sys 3F5523DCEFE42B385659C5CB46A6B810
C:\WINDOWS\System32\drivers\bcmfn2.sys 0B750A6A6D847E73CA48ADD7A0F5A393
C:\Windows\System32\Drivers\Beep.sys 0A508274355745EEF01C6BE3198D02C4
C:\WINDOWS\System32\DRIVERS\bowser.sys 9CD2A4821DE379305CACB2E99AD8953A
C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 722036C26D2C4E50EC2A2EC5FD678846
C:\WINDOWS\System32\drivers\bthhfenum.sys C2E31BE025D46D189E38DD1EDF07837A
C:\WINDOWS\System32\drivers\BthHFHid.sys F7CD605FC0B0B22F3F6F247595E3A655
C:\WINDOWS\System32\drivers\bthmodem.sys 535DC41A33630AE4C262406F9E981C03
C:\WINDOWS\System32\drivers\buttonconverter.sys 23F9EF739F685E07482116425E7879AA
C:\WINDOWS\System32\drivers\capimg.sys 60EB6A4CE3E21887D302350631C16F26
C:\WINDOWS\System32\DRIVERS\cdfs.sys F8FB51B9EF6372610E9B31A1D86B62FC
C:\WINDOWS\System32\drivers\cdrom.sys 613D0137C269187FA298A157E3D14A18
C:\WINDOWS\System32\drivers\cht4sx64.sys 0AED948DA8D5F08B3D6F12E4E2089736
C:\WINDOWS\System32\drivers\cht4vx64.sys 0002A0FDE087C1657AB31CE73077539C
C:\WINDOWS\System32\drivers\circlass.sys 6B4F90A287D75CCD78694F6790C911B2
C:\WINDOWS\System32\drivers\CLFS.sys B72D26074E72A757D788FB1BEF8B2F2E
C:\WINDOWS\System32\drivers\registry.sys EEC3A4A98AE1A337E3CD1483AD6F2E15
C:\WINDOWS\System32\drivers\CmBatt.sys 429623E266EF067A44E8CF148E9DFB9B
C:\WINDOWS\System32\Drivers\cng.sys D7D1A078B0CBC042ACE81E7B0B082994
C:\WINDOWS\System32\DRIVERS\cnghwassist.sys 3DB10C59405931E2C72EFB82C1AF97D1
C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 34C935AF2A414572B412B3556586D783
C:\WINDOWS\System32\drivers\condrv.sys 44EEEB2382F566999287E13F2067693C
C:\WINDOWS\System32\drivers\dam.sys 3BBD0073265DA6D3EFBA54B26E5D8236
C:\WINDOWS\System32\drivers\dc3d.sys 60E9FF9E15FB88D5751A4529E8876DEE
C:\WINDOWS\System32\Drivers\dfsc.sys 4BC21E937E9F9F408672D2C2CBE4A153
C:\WINDOWS\System32\drivers\disk.sys 35B9D46560339A5A7F0CAC6ED702C817
C:\WINDOWS\System32\drivers\dmvsc.sys 815F45161A4571C2C44491564F3D5968
C:\WINDOWS\system32\DRIVERS\drmkaud.sys AE6BD4C879A8C849E53947C92DF3B3A0
C:\WINDOWS\System32\drivers\dxgkrnl.sys 4CECF7C7BFBF95647FEC49475555BFB2
C:\WINDOWS\System32\drivers\evbda.sys 7EC6FC0266D74BD47ABB130A328B70EC
C:\WINDOWS\System32\drivers\EhStorClass.sys 8D74B8B5D6F7C5BC4C525BAF2B083FF1
C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys 2A9817B5A9260D8F60D52E36BEF10443
C:\WINDOWS\System32\drivers\errdev.sys 77B60DEC7DCB4233E4A69D3F52E5DB24
C:\WINDOWS\system32\drivers\mbae64.sys 233DB99476B8D1CF61AC1177D0137036
C:\Windows\System32\Drivers\exfat.sys FCD2C63754C2E739A8EEAD9BC63F9DDC
C:\Windows\System32\Drivers\fastfat.sys FA918EC296EB410FF02867D008D02421
C:\WINDOWS\System32\drivers\fdc.sys 99598ECA5E41996E005D5B9D9FF1EFA2
C:\WINDOWS\System32\drivers\filecrypt.sys F44F666B0EACC3181544FFCF8CA0FFC7
C:\WINDOWS\System32\drivers\fileinfo.sys 78A210DDFDF2C9EC884631D2DAA573F0
C:\WINDOWS\System32\drivers\filetrace.sys 1A97DB5E701A186989F3795223C3BE39
C:\WINDOWS\System32\drivers\flpydisk.sys 46626665F0E5906E45619B4EFD6186B8
C:\WINDOWS\System32\drivers\fltmgr.sys FDA72ACA14D516D18C33AFCD0FD9260F
C:\WINDOWS\System32\drivers\FsDepends.sys B07A40B5A7A58B8C75663A572A46084C
C:\Windows\System32\Drivers\Fs_Rec.sys 6D6BB5C7363CD35FA715E826F3D029EE
C:\WINDOWS\System32\DRIVERS\fvevol.sys 8EEC4925C03E375C4EC496E45C44139A
C:\WINDOWS\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\WINDOWS\System32\drivers\vmgencounter.sys EF78034773CE506323655A868C949144
C:\WINDOWS\System32\drivers\genericusbfn.sys B55FEBC6A00DAA1FE074F020B6907516
C:\WINDOWS\System32\Drivers\msgpioclx.sys DDD8A8CDDC7F13EF57D1DAAE71865936
C:\WINDOWS\System32\drivers\gpuenergydrv.sys 7ACD8F69B5D6EC97E6D2C006E19BED88
C:\WINDOWS\system32\DRIVERS\HdAudio.sys 217230B984AB2954E2FA5E36578D7B08
C:\WINDOWS\System32\drivers\HDAudBus.sys 10E3515FE5DBA6656FA62C29342EC4A1
C:\WINDOWS\System32\drivers\HidBatt.sys B90D284B97CD4CA9DE7430AAAD887A56
C:\WINDOWS\System32\drivers\hidbth.sys B2FE11643CC6ACDEE6C247DD36018FDB
C:\WINDOWS\System32\drivers\hidi2c.sys D24355488A2D4D2323518EC1AC7A6D9E
C:\WINDOWS\System32\drivers\hidinterrupt.sys 0AF9ABBA4F3F55C6C803890D64BC3C29
C:\WINDOWS\System32\drivers\hidir.sys CDBCF8E9AB06D88A1E1191D32F320C5D
C:\WINDOWS\System32\drivers\hidusb.sys D8536CB438CC4CCDAE047B768EED22B2
C:\WINDOWS\System32\drivers\HpSAMD.sys F5CA18197B4646E04DB9EB2D6642CC4D
C:\WINDOWS\System32\drivers\HTTP.sys A10C7C1E69FC90620C7BF2E51302A01F
C:\WINDOWS\System32\drivers\hvservice.sys 74FC79C52395B10FFD0B55CF22CF88FC
C:\WINDOWS\System32\drivers\hwpolicy.sys 771EDDA9830A3079F996F34D681FB6E5
C:\WINDOWS\System32\drivers\hyperkbd.sys 3B9F315E7FA72CC25228EB097DD9C694
C:\WINDOWS\System32\drivers\i8042prt.sys B54B30992620C97230013A74461C8517
C:\WINDOWS\System32\drivers\iagpio.sys C6B8743B213F06AA60943D8366FE968F
C:\WINDOWS\System32\drivers\iai2c.sys 9A2A2F3C69B9A30B6E78536F6D258BAD
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 5A0E850F8CD17791A3E6A3CF81D0CA28
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 7508F1096803385D6376BFD0BD473AC4
C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F
C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7
C:\WINDOWS\System32\drivers\iaStorAV.sys 97E553D03219D3D51705C7235D9EAEBD
C:\WINDOWS\System32\drivers\iaStorV.sys 8350FE3BCDE3428BC040877BB7E9EAEB
C:\WINDOWS\System32\drivers\ibbus.sys 3BA03F7C7700DDF4C383DDE9252F5817
C:\WINDOWS\System32\drivers\IndirectKmd.sys 2A01C96DF5802D3434634E55C91232D8
C:\WINDOWS\System32\drivers\intelide.sys 9F7E87F6595D065A8A200A291043045E
C:\WINDOWS\System32\drivers\intelpep.sys A6BD2E20AE1BC5CB2776C87C28E4F4CA
C:\WINDOWS\System32\drivers\intelppm.sys 2A48DA39542636DB0FA3BA915385D1B3
C:\WINDOWS\System32\drivers\iorate.sys DB32758F3A7F6CCE81A5430080A2EA65
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys FE85D0A86CA7A5A99CF8CD04DE7F80AE
C:\WINDOWS\System32\drivers\IPMIDrv.sys 10D01A3657AC8E8004C83D613163DE1E
C:\WINDOWS\System32\drivers\ipnat.sys F1DAECC3B3D6399875D4F10529D6A77C
C:\WINDOWS\system32\drivers\irda.sys 7475A2903BB704B446AA6309E34D3362
C:\WINDOWS\System32\drivers\irenum.sys 9725E7F0C64CE9916A5CDABE8D6E13C3
C:\WINDOWS\System32\drivers\isapnp.sys 58040898883A96160D41739C80328BBF
C:\WINDOWS\System32\drivers\msiscsi.sys CA20F4621AB8CD3F69199DE21B5B41C4
C:\WINDOWS\System32\drivers\kbdclass.sys 210808437570BDDEE71A43535E3A2D30
C:\WINDOWS\System32\drivers\kbdhid.sys 0B779E9FC426CA2268D28181FA6C222F
C:\WINDOWS\System32\drivers\kdnic.sys 813BA3EB2CE038F2A5382DDD75CAD60B
C:\WINDOWS\System32\Drivers\ksecdd.sys 705C0F8BCCEF6E7CB704CCB454192D7E
C:\WINDOWS\System32\Drivers\ksecpkg.sys 55AD13E2BAFC5AB53A10F8C271F5D242
C:\WINDOWS\system32\drivers\ksthunk.sys 4ED115CD1A1099705F56B5E0FFF97CC6
C:\WINDOWS\System32\drivers\lltdio.sys 5933A6673F00D8255C52957E40C2D601
C:\WINDOWS\System32\drivers\lsi_sas.sys 8E1B0946948CCC0BC1FA3CB70374A795
C:\WINDOWS\System32\drivers\lsi_sas2i.sys 4F68163FC04C973500DC4DA0946917B0
C:\WINDOWS\System32\drivers\lsi_sas3i.sys E5AC5F2815938651CDCC27F425474673
C:\WINDOWS\System32\drivers\lsi_sss.sys CCF6EC9FB9B8F18E05B4253E81013E48
C:\WINDOWS\system32\drivers\luafv.sys C9579D32219E5B936AC3A48D470117EC
C:\WINDOWS\system32\drivers\MBAMChameleon.sys 4EA73F071D96F376DB3AB9EF81273B28
C:\WINDOWS\system32\drivers\farflt.sys C51267EE2726707D38C489C06DDF01ED
C:\WINDOWS\system32\drivers\mbam.sys 88BD122C3A35DE63D75D382DF75554CE
C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys 53283EB9998AC9350E14C35A880989DB
C:\WINDOWS\system32\drivers\mwac.sys BBFBEFBE4598AD6D8E3E821A0FEBDE79
C:\WINDOWS\System32\drivers\megasas.sys C3CDCCF07486BD2616A7B82946E07AC0
C:\WINDOWS\System32\drivers\MegaSas2i.sys 2CF0CB2A0ED68C5455371E84C16F9627
C:\WINDOWS\System32\drivers\megasr.sys FADB2FE017E69EECE0E1BA78661C2E8C
C:\WINDOWS\System32\drivers\mlx4_bus.sys FD60818B66B2E8A5415EA840E99A9D8F
C:\WINDOWS\system32\drivers\mmcss.sys 68F6977F1CFBAAC770D940A8C0326FA1
C:\WINDOWS\System32\drivers\modem.sys 0D50B3F3AB32D416786B58D4553859CE
C:\WINDOWS\System32\drivers\monitor.sys 9CCCB7FC3EDADEBA461D78615A6011A6
C:\WINDOWS\System32\drivers\mouclass.sys 27A07B2FB2E3057DA8DAEA4F25D843C7
C:\WINDOWS\System32\drivers\mouhid.sys 7BD6E7F7C9001AB21B8362CFFEE80B25
C:\WINDOWS\System32\drivers\mountmgr.sys F5BDAEE4B7D369D4C74668DCFBA3FF10
C:\WINDOWS\System32\drivers\mpsdrv.sys 30844BD376F9D01E62C820BEF446F1F8
C:\WINDOWS\System32\drivers\mqac.sys 4FC62380457DE25B69011D3542E954AC
C:\WINDOWS\system32\drivers\mrxdav.sys 25D32BE04FE0A23FDF57FD5382757672
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys D559FF28B1AD9B1E15A4186E785E61F6
C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys D4D12BC29DE0F09280868FDCA65B3474
C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 0698B15E21EA1B8742F2E7BB3142B754
C:\WINDOWS\System32\drivers\bridge.sys BEF575A5A8EC38F3BA6DB68D3CFFBD9A
C:\Windows\System32\Drivers\Msfs.sys F01B849D9D4A8CEAF32D4FDBD0B83C92
C:\WINDOWS\System32\drivers\msgpiowin32.sys 22ECD8F5D1DFADF2011BBB1700CB871D
C:\WINDOWS\System32\drivers\mshidkmdf.sys FD870F6968A145E4D2BA8A8842686B03
C:\WINDOWS\System32\drivers\mshidumdf.sys 30364757963A028CE5DF0FBAAC270173
C:\WINDOWS\System32\drivers\msisadrv.sys 6BB0FEDDAE7135FA37FFAFF4D9E0E876
C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 4586CDA25B7866DD9505CEECF9DB3C74
C:\WINDOWS\System32\drivers\mslldp.sys 642CDE46351D5D2D90311E77072AB46D
C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys F2302A5CE63CA7673200FAFCEEEDB6AF
C:\WINDOWS\system32\DRIVERS\MSPQM.sys 6114512EA26E835BA522C63635429DB5
C:\Windows\System32\Drivers\MsRPC.sys AA538E16E644D00E3BA5349BBA9598EC
C:\WINDOWS\System32\drivers\mssmbios.sys 0543BEFD41EC4D25C7F7CF36409CEC7D
C:\WINDOWS\system32\DRIVERS\MSTEE.sys C1569E4DB8EFE3617847BF041A3C842F
C:\WINDOWS\System32\drivers\MTConfig.sys 130B16970154BA9876B09E5C4BAC63BE
C:\WINDOWS\system32\DRIVERS\ASACPI.sys 640617B6E682A150C36BE39D78547F6C
C:\WINDOWS\System32\Drivers\mup.sys 15D987C8F6CCD4AC94E070C5986762CB
C:\WINDOWS\System32\drivers\mvumis.sys 3D2C5B4995CA0751D32DEA0DE9FDFE44
C:\WINDOWS\System32\DRIVERS\nwifi.sys A5FA29F748BBF38FC3FAE4B54FA20A93
C:\WINDOWS\System32\drivers\ndfltr.sys 629CB21AC49C8867E0F29DF1C16DB7B4
C:\WINDOWS\System32\drivers\ndis.sys 63560E6BC9BCA978A6B72DF65F7A8930
C:\WINDOWS\System32\drivers\ndiscap.sys 6DD605338FAAF6BA17662AA874E0D162
C:\WINDOWS\System32\drivers\NdisImPlatform.sys E34196F285F8B8879E1FF36C31F7179E
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 1FAD2398673F30CEC616B89C46B7DCBA
C:\WINDOWS\System32\drivers\ndisuio.sys AEB8ECBE66CC46854066CB1F5623E179
C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 7340104C2BF2F126714F7CDE85E63610
C:\WINDOWS\System32\drivers\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C
C:\WINDOWS\System32\DRIVERS\ndiswan.sys 07ADC1F8DCBEB8104D75129B11584B8C
C:\WINDOWS\System32\DRIVERS\NDProxy.sys 78A12E3DF035B5D054986949B19BE43C
C:\WINDOWS\System32\drivers\Ndu.sys 04C8859355C1DC9C0FA198D1894D71C2
C:\WINDOWS\System32\drivers\NetAdapterCx.sys 6C76780A01FC2B885BD6E957B5C36B02
C:\WINDOWS\System32\drivers\netbios.sys 5D1513BD6430307C9DB86C6E351372ED
C:\WINDOWS\System32\DRIVERS\netbt.sys 6FEBB0A847FFD5F057B9AC8889F1B9A7
C:\Windows\System32\Drivers\Npfs.sys 001CBD7A2CD45C4EB39C01C3C677EF73
C:\WINDOWS\System32\drivers\npsvctrig.sys 90F5DC9802AAA00CD0B6E2AD9E7FFADC
C:\WINDOWS\System32\drivers\nsiproxy.sys 0C6218321A09A7B51BA7FFAFBA4CCB21
C:\Windows\System32\Drivers\NTFS.sys 8DB6A6B731CEC9046CD8CA0267EC5679
C:\Windows\System32\Drivers\Null.sys 6E6DD6F9DD2A034CF85E94047DBDB992
C:\WINDOWS\System32\drivers\nvraid.sys D261DF41F0840F734856A2B4F5E072C7
C:\WINDOWS\System32\drivers\nvstor.sys 23B702B555EB0436B9DAA0BC63DA65CE
C:\WINDOWS\System32\drivers\parport.sys 6B81BF7853D161DB8AC62CD8B9C2DE6B
C:\WINDOWS\System32\drivers\partmgr.sys 0553ECB742278C8F4CFA28B43FF20EAD
C:\WINDOWS\System32\drivers\pci.sys 29AF16726F4DD84376ECA85AB6AFF2C6
C:\WINDOWS\System32\drivers\pciide.sys 214DCC87E3898F738075D1341252A552
C:\WINDOWS\System32\drivers\pcmcia.sys AED76A3333B3A31536E430020E0226FC
C:\WINDOWS\System32\drivers\pcw.sys E63FB38B6E75B39467492FBAD2CD512A
C:\WINDOWS\System32\drivers\pdc.sys CA979960D3A580C78EDB4BBD6BD3ABCC
C:\WINDOWS\System32\drivers\peauth.sys 1509A77F840AA9E72CF8247D0CF2FBDE
C:\WINDOWS\System32\drivers\percsas2i.sys 540116170E2135FCD5DDE77702166B67
C:\WINDOWS\System32\drivers\percsas3i.sys 8356F87553BF49C703CF382033815898
C:\WINDOWS\System32\drivers\point64.sys E4799B87675C59AA1F620DE5C6F113BB
C:\WINDOWS\System32\drivers\raspptp.sys 5645B9D9788CCA2C88B9534996ED2D6D
C:\WINDOWS\System32\drivers\processr.sys 372913E12677A8CBBBABDD8311894F9D
C:\WINDOWS\System32\drivers\pacer.sys FC98407B85A31161851FDE245517574F
C:\WINDOWS\system32\drivers\qwavedrv.sys 819602BBBFDB0BD46DEA3715BF0DD452
C:\WINDOWS\System32\DRIVERS\rasacd.sys CDF47037A0939F56D11F699629C276AD
C:\WINDOWS\System32\drivers\AgileVpn.sys 28C2EA278070EE12701D0EDF8CB0EC36
C:\WINDOWS\System32\drivers\rasl2tp.sys 17E565710172ED71B8531D8822E1C5D1
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 726857E441D1D67F57694A1B613ABD34
C:\WINDOWS\System32\drivers\rassstp.sys F0F4EEDEEBEE7A4244FAFB96A16B5712
C:\WINDOWS\System32\DRIVERS\rdbss.sys 1A49C9F966A04D031DAD4C73C49D5288
C:\WINDOWS\System32\drivers\rdpbus.sys 79A415E6FA915EFC00297DAB16EC2635
C:\WINDOWS\System32\drivers\rdpdr.sys 7135785C21CA79D270D11037C43D3F19
C:\WINDOWS\System32\drivers\rdpvideominiport.sys 97A61A3CB2B5CB4FC32B3224EF333448
C:\WINDOWS\System32\drivers\rdyboost.sys 69BB204AE07EE84ECFAB1BF13C4BD04B
C:\Windows\System32\Drivers\ReFSv1.sys 940D6F5A2B0A61EE4170DF84F6C95C20
C:\WINDOWS\System32\drivers\rspndr.sys 5FF28F097C9699097B473F8FC7C1AA7D
C:\WINDOWS\System32\drivers\rt640x64.sys F9265C902BB9146C6BFF97BDF35C04DE
C:\WINDOWS\System32\drivers\vms3cap.sys B5DAEE69BACA64D2BB004568E22D8756
C:\WINDOWS\System32\drivers\sbp2port.sys 5E73FB63E2DBC75FE0C17DEB0010CE0E
C:\WINDOWS\System32\DRIVERS\scfilter.sys 3D9A82B03C92D1FEC42CB171D6F57778
C:\WINDOWS\System32\drivers\scmbus.sys B8B1D49283F33E3FFFDB611E51BCA7E5
C:\WINDOWS\System32\drivers\scmdisk0101.sys B6F2363584E62960846F7C3F00124A4F
C:\WINDOWS\System32\drivers\sdbus.sys 7C3D10BEC8B0DBA00A78C78EB10B3AE2
C:\WINDOWS\System32\drivers\sdstor.sys 120DFCB71D6C502613A9E2D50E16850C
C:\WINDOWS\System32\drivers\SerCx.sys 401D706DDC0A7AF18C3DD228ADF74551
C:\WINDOWS\System32\drivers\SerCx2.sys 7084D11083F0CDCA8B5C76F9846ABF5D
C:\WINDOWS\System32\drivers\serenum.sys 3FF478A8ED32A83C36581425F6282B6C
C:\WINDOWS\System32\drivers\serial.sys 92509187AA171A80521528B36F753E1D
C:\WINDOWS\System32\drivers\sermouse.sys 433D38FF6D08B993847EA2A10EB8CB52
C:\WINDOWS\System32\drivers\sfloppy.sys 697D3EE0740AEAB62B66ABCA1C83D13B
C:\WINDOWS\System32\drivers\SiSRaid2.sys A34CE1830E45DA98932295FDE4B7908A
C:\WINDOWS\System32\drivers\sisraid4.sys A7B5C670770E908DA5FEF5BF1136E933
C:\WINDOWS\System32\drivers\spaceport.sys A265FF86BF4C03F47EC277881138675D
C:\WINDOWS\System32\drivers\SpbCx.sys E03264C4C25B568F92ED1656AD541E64
C:\WINDOWS\System32\DRIVERS\srv.sys 2E0F160AFE1EB7E8C21D6FE782FFFE0B
C:\WINDOWS\System32\DRIVERS\srv2.sys A0BDA7332A9EE59062A7037D161C8715
C:\WINDOWS\System32\DRIVERS\srvnet.sys F13EE0DB1FB1D6946AC3228D7EFCFC8F
C:\WINDOWS\System32\drivers\stexstor.sys 29D26E1347AE1BBD4201014E19880B2C
C:\WINDOWS\system32\DRIVERS\serscan.sys B11724BFE7DA1BA55903B4D849415F1A
C:\WINDOWS\System32\drivers\storahci.sys 6BC6023E866489D22CE30E18846B80D9
C:\WINDOWS\System32\drivers\vmstorfl.sys C5E0ACE4771F5575D9D5B457ABF3AD03
C:\WINDOWS\System32\drivers\stornvme.sys B66D8C75C9BC59D637177AB3B1C569A6
C:\WINDOWS\System32\drivers\storqosflt.sys BEBF85EB4D90E6996047DA027D0ED26E
C:\WINDOWS\System32\drivers\storufs.sys 8E73037A6F8938475692FFCC26EBF385
C:\WINDOWS\System32\drivers\storvsc.sys 9D9DED47DA10E845EFF2DD57C94C809B
C:\WINDOWS\System32\drivers\swenum.sys 505E0C40B5D0ADDCBB414640F59BD2E0
C:\WINDOWS\System32\drivers\Synth3dVsc.sys 32F46FB0F290D16DAA452B289C985795
C:\WINDOWS\System32\drivers\tcpip.sys F3CFBE74DAF9ABD06F0B2A037DC4C90A
C:\WINDOWS\System32\drivers\tcpip.sys F3CFBE74DAF9ABD06F0B2A037DC4C90A
C:\WINDOWS\System32\drivers\tcpipreg.sys EC9450227A4C661513661F1F9C1F7DD6
C:\WINDOWS\system32\DRIVERS\tdx.sys 0B237F8A96952BF95A14865030E131F2
C:\WINDOWS\System32\drivers\terminpt.sys 06130AFFECEB94525FC2352936576B70
C:\WINDOWS\System32\drivers\tpm.sys 46171262D0E806779DEEDFCAB2F830CC
C:\WINDOWS\System32\drivers\TsUsbFlt.sys A6F4025664C9D4BC2A9EDAB4092706D7
C:\WINDOWS\System32\drivers\TsUsbGD.sys 37A96AD493E110C0BF1EE0AC0F9E7DBD
C:\WINDOWS\System32\drivers\tunnel.sys 79E264287F17D56D768440B0270466DE
C:\WINDOWS\System32\drivers\uaspstor.sys AA65954F512BA097DD190790876DD991
C:\WINDOWS\System32\Drivers\UcmCx.sys AB6268022C3A5B529075A39C33904DA6
C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys 7ED2EDA43D21C7A5F589A7960E265C52
C:\WINDOWS\System32\drivers\UcmUcsi.sys 169351463039B45F5CDED9768879F712
C:\WINDOWS\System32\drivers\ucx01000.sys 08A9E3AD29B215484FBB68CDC175DF3A
C:\WINDOWS\System32\drivers\udecx.sys DA70AEE267491AA56BC63AA0C0C96CA2
C:\WINDOWS\System32\DRIVERS\udfs.sys FBC5ECF6D5A868D0B116C2DBB02B8168
C:\WINDOWS\System32\drivers\UEFI.sys B918E40FAA9CD118CCA4AD388B748C98
C:\WINDOWS\System32\drivers\ufx01000.sys 0FD75222C1AD2687AB365BEBEA400DD4
C:\WINDOWS\System32\drivers\UfxChipidea.sys C1A78C53E01C641AE41BFA65797819F5
C:\WINDOWS\System32\drivers\ufxsynopsys.sys 767307212110EBEFB93EC9A5BE9E85B9
C:\WINDOWS\System32\drivers\umbus.sys DC460AAA18CA2342FBBFB2DF9B044472
C:\WINDOWS\System32\drivers\umpass.sys C3CF0377917ECE6D65D7623E1E61568F
C:\WINDOWS\System32\drivers\urschipidea.sys 6B46FC140C9AF68E6E7697D66D59CB4D
C:\WINDOWS\System32\drivers\urscx01000.sys B4402E7F0923F660270442CE76877ABE
C:\WINDOWS\System32\drivers\urssynopsys.sys 9DD431F1B94789CFB527E5D19261F124
C:\WINDOWS\System32\drivers\usbccgp.sys C87E32B90F085970D9637FBAD45EF6FE
C:\WINDOWS\System32\drivers\usbcir.sys 0B663856474AC41924D9E9112203858F
C:\WINDOWS\System32\drivers\usbehci.sys F83D2250256203AC5DA5E8601C1AFDD7
C:\WINDOWS\System32\drivers\usbhub.sys 7FFD26742321919590ED77FCA556D65F
C:\WINDOWS\System32\drivers\UsbHub3.sys 7A749B2863B5561BE34B39E8E249AD8F
C:\WINDOWS\System32\drivers\usbohci.sys D2109F1F4FEBF1DAC415CDC5DE876479
C:\WINDOWS\System32\drivers\usbprint.sys 29C9572F2D061CFC3C0BD48A3163E343
C:\WINDOWS\System32\drivers\usbser.sys 429477D6DEF3321FF7D3EF23CAAADA00
C:\WINDOWS\System32\drivers\USBSTOR.SYS 0CC16F7B91C57AE9A4E44425A295FDAA
C:\WINDOWS\System32\drivers\usbuhci.sys C917D09064CDBD18F75ADC9B2C48F847
C:\WINDOWS\System32\drivers\USBXHCI.SYS 95BCCEFBC40D06484CF16144FE79B8A5
C:\WINDOWS\System32\drivers\vdrvroot.sys 0CBDE344FB48E42D78E29469F202ADBC
C:\WINDOWS\System32\drivers\VerifierExt.sys 723195568C8755CAD57F7933C5F2C5C2
C:\WINDOWS\System32\drivers\vhdmp.sys F7F3E80E84E51A6F89831A6F26056A98
C:\WINDOWS\System32\drivers\vhf.sys 7929228F0E8B0C2FA0495A17A4FC27F6
C:\WINDOWS\System32\drivers\vmbus.sys AEE432ED868831B1F068E373598F6D93
C:\WINDOWS\System32\drivers\VMBusHID.sys 9444B23FC694B5F90F21B0FC7F10D8DD
C:\WINDOWS\System32\drivers\vmgid.sys 4D0287F566B36536DD812A54C015FC4A
C:\WINDOWS\System32\drivers\volmgr.sys 29075915F9BDC3437F8BED71C067D399
C:\WINDOWS\System32\drivers\volmgrx.sys 6BDB6CE6D2D9E3D3F28F1C97E12B62E2
C:\WINDOWS\System32\drivers\volsnap.sys BF2546583BB75F01DDA60A7921DFB230
C:\WINDOWS\System32\drivers\volume.sys AC2E20A74D09D24485BE8396CE04F07B
C:\WINDOWS\System32\drivers\vpci.sys 92F6E3E6D3F1795263EB34B37F74AEF7
C:\WINDOWS\System32\drivers\vsmraid.sys FD9BCB8920973CEAD4D49DC7A6D8A618
C:\WINDOWS\System32\drivers\vstxraid.sys 0C111F220798CCE80484026E06822379
C:\WINDOWS\System32\drivers\vwifibus.sys 607639716E9DB1CEF4E18B5B229293B4
C:\WINDOWS\System32\drivers\vwififlt.sys B1ED64E628763148BF84FBE23F2AD711
C:\WINDOWS\System32\drivers\vwifimp.sys B1133B813E4CBF258A392CA08255BA24
C:\WINDOWS\System32\drivers\wacompen.sys 55D00B785A7587F4263D125817871283
C:\WINDOWS\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6
C:\WINDOWS\System32\DRIVERS\wanarp.sys CEF3D306C09BEC1A800E9B4A06F859F6
C:\WINDOWS\system32\drivers\wcifs.sys E330144B97D493AA886000DCAAA8DAF5
C:\WINDOWS\system32\drivers\wcnfs.sys AEA1093B751339267D8C8C1EF3D669CF
C:\WINDOWS\System32\drivers\WdBoot.sys D520B1B849B6D4D707AB31722B952C2D
C:\WINDOWS\System32\drivers\Wdf01000.sys 5030C76047D756263093A47B82970868
C:\WINDOWS\System32\drivers\WdFilter.sys 29FF9199EDEB4F5470BB134D1A2563D2
C:\WINDOWS\System32\DRIVERS\wdiwifi.sys EDC08B8D3E67F96688774841C247B82A
C:\WINDOWS\System32\Drivers\WdNisDrv.sys 17CF416CFF408190F5A4CBD79AB12E55
C:\WINDOWS\System32\drivers\wfplwfs.sys E1785942AC51FEE6826CDF02075C5AA9
C:\WINDOWS\System32\drivers\wimmount.sys 0CF79A0EACFFBB75A50A469A27696D02
C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys 0DE131733317EB4BE67028366B0CAAC6
C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys 92EB5D38BDF10C790450F3E46BF93A0E
C:\WINDOWS\System32\drivers\winmad.sys F95DE20312ACCA7761446DE152BD1F7C
C:\WINDOWS\System32\drivers\WinUSB.SYS 4EFB346BFDAEEB29316AA52BBB9852B1
C:\WINDOWS\System32\drivers\winverbs.sys 8B9AFF5F08E66A6F1F1063DEC9457FB6
C:\WINDOWS\System32\drivers\wmiacpi.sys 6F4F4F5A007D1710BD76FB311DA97C07
C:\Windows\System32\Drivers\Wof.sys 43C8D087B31C592163B33A4BDA540E40
C:\WINDOWS\System32\drivers\WpdUpFltr.sys 75A9284F01FE7CB1A7D5EAE5C1EB4F33
C:\WINDOWS\system32\drivers\ws2ifsl.sys 36D7B73ADC3E10607ED6EC874AFB5D1E
C:\WINDOWS\System32\drivers\WSDPrint.sys 696EC2EAA2A42A137CCBB9A84D6917C0
C:\WINDOWS\system32\DRIVERS\WSDScan.sys 46E4A69825A7554A5DB784A55F8AD203
C:\WINDOWS\System32\drivers\WudfPf.sys AED7FE551E8672B824A56324076183EB
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys CEFAB17FD7DFCFA515626C306262E89D
C:\WINDOWS\System32\drivers\xboxgip.sys DB77764B46D02DCB9777D9E00A3F7D63
C:\WINDOWS\System32\drivers\xinputhid.sys 63088A3361D9A308F328F11E9099DD87

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-01 12:18 - 2017-06-01 12:18 - 02431488 _____ (Farbar) C:\Users\Sticcs\Downloads\FRST64.exe
2017-06-01 12:18 - 2017-06-01 12:18 - 00000000 ____D C:\Users\Sticcs\Downloads\FRST-OlderVersion
2017-05-31 21:59 - 2017-05-31 21:59 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-05-31 19:15 - 2017-05-31 19:15 - 00001543 _____ C:\Users\Sticcs\Desktop\JRT.txt
2017-05-31 18:25 - 2017-05-31 18:32 - 00000000 ____D C:\AdwCleaner
2017-05-31 15:57 - 2017-05-31 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-31 03:29 - 2017-05-31 16:06 - 00000000 ____D C:\ProgramData\RogueKiller
2017-05-31 03:28 - 2017-05-31 03:28 - 00000905 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-05-31 03:28 - 2017-05-31 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-05-31 03:28 - 2017-05-31 03:28 - 00000000 ____D C:\Program Files\RogueKiller
2017-05-31 03:26 - 2017-05-31 18:25 - 04110280 _____ C:\Users\Sticcs\Downloads\AdwCleaner.exe
2017-05-31 03:23 - 2017-05-31 19:04 - 01663672 _____ (Malwarebytes) C:\Users\Sticcs\Downloads\JRT.exe
2017-05-31 03:23 - 2017-05-31 03:27 - 35401960 _____ (Adlice Software ) C:\Users\Sticcs\Downloads\RogueKiller_setup.exe
2017-05-31 01:43 - 2017-05-31 01:47 - 00054169 _____ C:\Users\Sticcs\Downloads\Addition.txt
2017-05-31 01:37 - 2017-06-01 12:23 - 00055049 _____ C:\Users\Sticcs\Downloads\FRST.txt
2017-05-31 01:37 - 2017-06-01 12:20 - 00000000 ____D C:\FRST
2017-05-30 03:22 - 2017-05-30 03:22 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-05-26 00:48 - 2017-06-01 09:49 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-26 00:48 - 2017-05-31 18:36 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-26 00:48 - 2017-05-26 00:48 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-26 00:47 - 2017-05-31 18:36 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-26 00:47 - 2017-05-31 18:35 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-26 00:47 - 2017-05-26 00:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-26 00:47 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-26 00:46 - 2017-05-26 00:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-26 00:46 - 2017-05-26 00:46 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-26 00:44 - 2017-05-26 00:45 - 63364552 _____ (Malwarebytes ) C:\Users\Sticcs\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-24 22:58 - 2017-05-24 22:58 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-24 22:57 - 2017-05-24 22:57 - 00002407 _____ C:\Users\Sticcs\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-15 17:15 - 2017-05-15 17:15 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-05-15 17:15 - 2017-05-15 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-15 17:13 - 2017-05-15 17:15 - 00000000 ____D C:\Program Files\iTunes
2017-05-15 17:13 - 2017-05-15 17:13 - 00000000 ____D C:\Program Files\iPod
2017-05-15 17:04 - 2017-05-15 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-05-11 21:17 - 2017-05-11 21:17 - 00089525 _____ C:\Users\Sticcs\Downloads\dir (2).dcr
2017-05-11 20:10 - 2017-03-28 04:11 - 00389330 __RSH C:\bootmgr
2017-05-11 20:10 - 2016-07-16 04:43 - 00000001 ___SH C:\BOOTNXT
2017-05-11 11:11 - 2017-04-28 17:59 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-05-11 11:11 - 2017-04-28 17:59 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-11 11:08 - 2017-04-27 17:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-11 11:08 - 2017-04-27 17:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-11 11:08 - 2017-04-27 16:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-11 11:08 - 2017-03-04 00:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-11 11:08 - 2017-03-03 23:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-11 11:07 - 2017-04-27 18:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-11 11:07 - 2017-04-27 17:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-11 11:07 - 2017-04-27 17:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-11 11:07 - 2017-04-27 17:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-11 11:07 - 2017-04-27 17:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-11 11:07 - 2017-04-27 17:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-11 11:07 - 2017-04-27 17:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-11 11:07 - 2017-04-27 17:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-11 11:07 - 2017-04-27 17:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-11 11:07 - 2017-04-27 17:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-11 11:07 - 2017-04-27 17:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-11 11:07 - 2017-04-27 17:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-11 11:07 - 2017-04-27 17:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-11 11:07 - 2017-04-27 17:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-11 11:07 - 2017-04-27 17:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-11 11:07 - 2017-04-27 17:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-11 11:07 - 2017-04-27 17:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-11 11:07 - 2017-04-27 17:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-11 11:07 - 2017-04-27 17:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-11 11:07 - 2017-04-27 17:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-11 11:07 - 2017-04-27 17:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-11 11:07 - 2017-04-27 17:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-11 11:07 - 2017-04-27 17:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-11 11:07 - 2017-04-27 17:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-11 11:07 - 2017-04-27 17:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-11 11:07 - 2017-04-27 17:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-11 11:07 - 2017-04-27 17:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-11 11:07 - 2017-04-27 17:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-11 11:07 - 2017-04-27 17:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-11 11:07 - 2017-04-27 17:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-11 11:07 - 2017-04-27 17:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-11 11:07 - 2017-04-27 17:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-11 11:07 - 2017-04-27 17:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-11 11:07 - 2017-04-27 17:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-11 11:07 - 2017-04-27 17:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-11 11:07 - 2017-04-27 17:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-11 11:07 - 2017-04-27 17:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-11 11:07 - 2017-04-27 17:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-11 11:07 - 2017-04-27 17:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-11 11:07 - 2017-04-27 17:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-11 11:07 - 2017-04-27 17:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-11 11:07 - 2017-04-27 17:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-11 11:07 - 2017-04-27 17:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-11 11:07 - 2017-04-27 17:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-11 11:07 - 2017-04-27 17:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-11 11:07 - 2017-04-27 17:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-11 11:07 - 2017-04-27 17:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-11 11:07 - 2017-04-27 17:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-11 11:07 - 2017-04-27 17:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-11 11:07 - 2017-04-27 17:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-11 11:07 - 2017-04-27 17:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-11 11:07 - 2017-04-27 17:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-11 11:07 - 2017-04-27 17:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-11 11:07 - 2017-04-27 17:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-11 11:07 - 2017-04-27 17:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-11 11:07 - 2017-04-27 17:12 - 00262144 _____ (Microsoft Corporation)

Sticcs · Jun 1, 2017

C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-11 11:07 - 2017-04-27 17:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-11 11:07 - 2017-04-27 17:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-11 11:07 - 2017-04-27 17:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-11 11:07 - 2017-04-27 17:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-11 11:07 - 2017-04-27 17:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-11 11:07 - 2017-04-27 17:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-11 11:07 - 2017-04-27 17:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-11 11:07 - 2017-04-27 17:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-11 11:07 - 2017-04-27 17:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-11 11:07 - 2017-04-27 17:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-11 11:07 - 2017-04-27 17:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-11 11:07 - 2017-04-27 17:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-11 11:07 - 2017-04-27 17:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-11 11:07 - 2017-04-27 17:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-11 11:07 - 2017-04-27 17:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-11 11:07 - 2017-04-27 17:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-11 11:07 - 2017-04-27 17:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-11 11:07 - 2017-04-27 17:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-11 11:07 - 2017-04-27 17:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-11 11:07 - 2017-04-27 17:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-11 11:07 - 2017-04-27 17:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-11 11:07 - 2017-04-27 17:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-11 11:07 - 2017-04-27 17:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-11 11:07 - 2017-04-27 17:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-11 11:07 - 2017-04-27 17:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-11 11:07 - 2017-04-27 16:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-11 11:07 - 2017-04-27 16:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-11 11:07 - 2017-04-27 16:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-11 11:07 - 2017-04-27 16:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-11 11:07 - 2017-04-27 16:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-11 11:07 - 2017-04-27 16:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-11 11:07 - 2017-04-27 16:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-11 11:07 - 2017-04-27 16:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-11 11:07 - 2017-04-27 16:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-11 11:07 - 2017-04-27 16:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-11 11:07 - 2017-04-27 16:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-11 11:07 - 2017-04-27 16:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-11 11:07 - 2017-04-27 16:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-11 11:07 - 2017-04-27 16:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-11 11:07 - 2017-04-27 16:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-11 11:07 - 2017-04-27 16:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-11 11:07 - 2017-04-27 16:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-11 11:07 - 2017-04-27 16:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-11 11:07 - 2017-04-27 16:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-11 11:07 - 2017-04-27 16:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-11 11:07 - 2017-04-27 16:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-11 11:07 - 2017-04-27 16:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-11 11:07 - 2017-04-27 16:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-11 11:07 - 2017-04-27 16:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-11 11:07 - 2017-04-27 16:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-11 11:07 - 2017-03-03 23:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-11 11:07 - 2017-03-03 23:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-11 11:07 - 2017-03-03 23:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-11 11:07 - 2017-03-03 23:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-11 11:07 - 2017-03-03 23:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-11 11:06 - 2017-04-27 17:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-11 11:06 - 2017-04-27 17:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-11 11:06 - 2017-04-27 17:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-11 11:06 - 2017-04-27 17:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-11 11:06 - 2017-04-27 17:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-11 11:06 - 2017-04-27 17:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-11 11:06 - 2017-04-27 17:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-11 11:06 - 2017-04-27 17:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-11 11:06 - 2017-04-27 17:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-11 11:06 - 2017-04-27 17:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-11 11:06 - 2017-04-27 17:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-11 11:06 - 2017-04-27 17:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-11 11:06 - 2017-04-27 17:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-11 11:06 - 2017-04-27 17:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-11 11:06 - 2017-04-27 17:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-11 11:06 - 2017-04-27 17:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-11 11:06 - 2017-04-27 17:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-11 11:06 - 2017-04-27 17:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-11 11:06 - 2017-04-27 17:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-11 11:06 - 2017-04-27 17:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-11 11:06 - 2017-04-27 17:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-11 11:06 - 2017-04-27 17:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-11 11:06 - 2017-04-27 17:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-11 11:06 - 2017-04-27 17:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-11 11:06 - 2017-04-27 17:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-11 11:06 - 2017-04-27 17:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-11 11:06 - 2017-04-27 17:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-11 11:06 - 2017-04-27 16:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-11 11:06 - 2017-04-27 16:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-11 11:06 - 2017-04-27 16:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-11 11:06 - 2017-04-27 16:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-11 11:06 - 2017-04-27 16:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-11 11:06 - 2017-04-27 16:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-11 11:06 - 2017-04-27 16:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-11 11:06 - 2017-04-27 16:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-11 11:06 - 2017-04-27 16:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-11 11:06 - 2017-04-27 16:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-11 11:06 - 2017-04-27 16:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-11 11:06 - 2017-04-27 16:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-11 11:06 - 2017-04-27 16:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-11 11:06 - 2017-04-27 16:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-11 11:06 - 2017-04-27 16:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-11 11:06 - 2017-04-27 16:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-11 11:06 - 2017-04-27 16:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-11 11:06 - 2017-04-27 16:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-11 11:06 - 2017-04-27 16:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-11 11:06 - 2017-04-27 16:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-11 11:06 - 2017-03-03 23:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-11 11:06 - 2017-03-03 23:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-11 11:06 - 2017-03-03 23:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-11 11:05 - 2017-04-27 17:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-11 11:05 - 2017-04-27 17:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-11 11:05 - 2017-04-27 17:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-11 11:05 - 2017-04-27 17:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-11 11:05 - 2017-04-27 17:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-11 11:05 - 2017-04-27 17:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-11 11:05 - 2017-04-27 17:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-11 11:05 - 2017-04-27 17:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-11 11:05 - 2017-04-27 17:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-11 11:05 - 2017-04-27 17:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-11 11:05 - 2017-04-27 17:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-11 11:05 - 2017-04-27 17:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-11 11:05 - 2017-04-27 17:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-11 11:05 - 2017-04-27 17:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-11 11:05 - 2017-04-27 17:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-11 11:05 - 2017-04-27 17:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-11 11:05 - 2017-04-27 17:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-11 11:05 - 2017-04-27 17:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-11 11:05 - 2017-04-27 17:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-11 11:05 - 2017-04-27 17:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-11 11:05 - 2017-04-27 16:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-11 11:05 - 2017-04-27 16:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-11 11:05 - 2017-04-27 16:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-11 11:05 - 2017-04-27 16:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-11 11:05 - 2017-04-27 16:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-11 11:05 - 2017-04-27 16:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-11 11:05 - 2017-04-27 16:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-11 11:05 - 2017-04-27 16:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-11 11:05 - 2017-04-27 16:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-11 11:05 - 2017-04-27 16:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-11 11:05 - 2017-04-27 16:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-11 11:05 - 2017-04-27 16:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-11 11:05 - 2017-04-27 16:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-11 11:05 - 2017-04-27 16:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-11 11:05 - 2017-04-27 16:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-11 11:05 - 2017-04-27 16:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-11 11:05 - 2017-04-27 16:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-11 11:05 - 2017-04-27 16:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-11 11:05 - 2017-04-27 16:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-11 11:05 - 2017-04-27 16:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-11 11:05 - 2017-04-27 16:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-11 11:05 - 2017-04-27 16:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-11 11:05 - 2017-04-27 16:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-11 11:05 - 2017-04-27 16:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-11 11:05 - 2017-04-27 16:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-11 11:05 - 2017-04-27 16:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-11 11:05 - 2017-04-27 16:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-11 11:05 - 2017-04-27 16:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-11 11:05 - 2017-04-27 16:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-11 11:05 - 2017-04-27 16:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-11 11:05 - 2017-04-27 16:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-11 11:05 - 2017-04-27 16:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-11 11:05 - 2017-04-27 16:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-11 11:05 - 2017-04-27 16:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-11 11:05 - 2017-04-27 16:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-11 11:05 - 2017-04-27 16:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-11 11:05 - 2017-04-27 16:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-11 11:05 - 2017-04-27 16:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-11 11:05 - 2017-03-04 00:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-11 11:05 - 2017-03-03 23:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-11 11:05 - 2017-03-03 23:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-11 11:04 - 2017-04-27 17:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-11 11:04 - 2017-04-27 17:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-11 11:04 - 2017-04-27 17:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-11 11:04 - 2017-04-27 17:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-11 11:04 - 2017-04-27 17:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-11 11:04 - 2017-04-27 17:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-11 11:04 - 2017-04-27 17:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-11 11:04 - 2017-04-27 17:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-11 11:04 - 2017-04-27 17:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-11 11:04 - 2017-04-27 17:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-11 11:04 - 2017-04-27 17:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-11 11:04 - 2017-04-27 17:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-11 11:04 - 2017-04-27 17:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-11 11:04 - 2017-04-27 17:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-11 11:04 - 2017-04-27 17:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-11 11:04 - 2017-04-27 17:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-11 11:04 - 2017-04-27 17:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-11 11:04 - 2017-04-27 17:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-11 11:04 - 2017-04-27 17:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-11 11:04 - 2017-04-27 16:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-11 11:04 - 2017-04-27 16:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-11 11:04 - 2017-04-27 16:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-11 11:04 - 2017-04-27 16:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-11 11:04 - 2017-04-27 16:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-11 11:04 - 2017-04-27 16:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-11 11:04 - 2017-04-27 16:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-11 11:04 - 2017-04-27 16:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-11 11:04 - 2017-04-27 16:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-11 11:04 - 2017-04-27 16:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-11 11:04 - 2017-04-27 16:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-11 11:04 - 2017-04-27 16:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-11 11:04 - 2017-04-27 16:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-11 11:04 - 2017-04-27 16:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-11 11:04 - 2017-04-27 16:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-11 11:04 - 2017-04-27 16:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-11 11:04 - 2017-04-27 16:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-11 11:04 - 2017-04-27 16:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-11 11:04 - 2017-04-27 16:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-11 11:04 - 2017-04-27 16:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-11 11:04 - 2017-04-27 16:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-11 11:04 - 2017-04-27 16:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-11 11:04 - 2017-04-27 16:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-11 11:04 - 2017-04-27 16:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-11 11:04 - 2017-04-27 16:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-11 11:04 - 2017-04-27 16:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-11 11:04 - 2017-04-27 16:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-11 11:04 - 2017-04-27 16:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-11 11:04 - 2017-04-27 16:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-11 11:04 - 2017-04-27 16:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-11 11:04 - 2017-04-27 16:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-11 11:04 - 2017-04-27 16:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-11 11:04 - 2017-04-27 16:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-11 11:04 - 2017-04-27 16:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-11 11:04 - 2017-04-27 16:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-11 11:04 - 2017-04-27 16:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-11 11:04 - 2017-04-27 16:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-11 11:04 - 2017-04-27 16:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-11 11:04 - 2017-04-27 16:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-11 11:04 - 2017-04-27 16:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-11 11:04 - 2017-04-27 16:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-11 11:04 - 2017-03-03 23:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-11 11:03 - 2017-04-27 17:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-11 11:03 - 2017-04-27 17:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-11 11:03 - 2017-04-27 17:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-11 11:03 - 2017-04-27 17:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-11 11:03 - 2017-04-27 17:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-11 11:03 - 2017-04-27 17:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-11 11:03 - 2017-04-27 17:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-11 11:03 - 2017-04-27 17:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-11 11:03 - 2017-04-27 17:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-11 11:03 - 2017-04-27 17:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-11 11:03 - 2017-04-27 17:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-11 11:03 - 2017-04-27 17:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-11 11:03 - 2017-04-27 17:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-11 11:03 - 2017-04-27 17:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-11 11:03 - 2017-04-27 17:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-11 11:03 - 2017-04-27 17:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-11 11:03 - 2017-04-27 17:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-11 11:03 - 2017-04-27 17:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-11 11:03 - 2017-04-27 17:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-11 11:03 - 2017-04-27 16:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-11 11:03 - 2017-04-27 16:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-11 11:03 - 2017-04-27 16:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-11 11:03 - 2017-04-27 16:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-11 11:03 - 2017-04-27 16:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-11 11:03 - 2017-04-27 16:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-11 11:03 - 2017-04-27 16:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-11 11:03 - 2017-04-27 16:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-11 11:03 - 2017-04-27 16:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-11 11:03 - 2017-04-27 16:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-11 11:03 - 2017-04-27 16:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-11 11:03 - 2017-04-27 16:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-11 11:03 - 2017-04-27 16:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-11 11:03 - 2017-04-27 16:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-11 11:03 - 2017-04-27 16:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-11 11:03 - 2017-04-27 16:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-11 11:03 - 2017-04-27 16:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-11 11:03 - 2017-04-27 16:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-11 11:03 - 2017-04-27 16:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-11 11:03 - 2017-04-27 16:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-11 11:03 - 2017-04-27 16:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-11 11:03 - 2017-04-27 16:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-11 11:03 - 2017-04-27 16:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-11 11:03 - 2017-04-27 16:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-11 11:03 - 2017-04-27 16:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-11 11:03 - 2017-04-27 16:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-11 11:03 - 2017-04-27 16:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-11 11:03 - 2017-04-27 16:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-11 11:03 - 2017-04-27 16:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-11 11:03 - 2017-04-27 16:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-11 11:03 - 2017-04-27 16:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-11 11:03 - 2017-04-27 16:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-11 11:03 - 2017-04-27 16:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-11 11:03 - 2017-04-27 16:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-11 11:03 - 2017-04-27 16:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-11 11:03 - 2017-04-27 16:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-11 11:03 - 2017-04-27 16:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-11 11:03 - 2017-04-27 16:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-11 11:03 - 2017-04-27 16:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-11 11:03 - 2017-04-27 16:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-11 11:03 - 2017-04-27 16:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-11 11:03 - 2017-04-27 16:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-11 11:03 - 2017-04-27 16:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-11 11:03 - 2017-04-27 16:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-11 11:03 - 2017-03-03 23:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-11 11:02 - 2017-04-27 17:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-11 11:02 - 2017-04-27 17:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-11 11:02 - 2017-04-27 17:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-11 11:02 - 2017-04-27 17:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-11 11:02 - 2017-04-27 17:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-11 11:02 - 2017-04-27 17:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-11 11:02 - 2017-04-27 17:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-11 11:02 - 2017-04-27 17:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-11 11:02 - 2017-04-27 17:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-11 11:02 - 2017-04-27 17:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-11 11:02 - 2017-04-27 17:40 - 00146784 _____ (Microsoft Corporation)

Sticcs · Jun 1, 2017

C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-11 11:02 - 2017-04-27 17:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-11 11:02 - 2017-04-27 17:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-11 11:02 - 2017-04-27 17:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-11 11:02 - 2017-04-27 17:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-11 11:02 - 2017-04-27 17:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-11 11:02 - 2017-04-27 17:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-11 11:02 - 2017-04-27 17:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-11 11:02 - 2017-04-27 17:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-11 11:02 - 2017-04-27 17:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-11 11:02 - 2017-04-27 17:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-11 11:02 - 2017-04-27 17:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-11 11:02 - 2017-04-27 17:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-11 11:02 - 2017-04-27 17:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-11 11:02 - 2017-04-27 17:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-11 11:02 - 2017-04-27 17:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-11 11:02 - 2017-04-27 17:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-11 11:02 - 2017-04-27 17:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-11 11:02 - 2017-04-27 16:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-11 11:02 - 2017-04-27 16:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-11 11:02 - 2017-04-27 16:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-11 11:02 - 2017-04-27 16:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-11 11:02 - 2017-04-27 16:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-11 11:02 - 2017-04-27 16:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-11 11:02 - 2017-04-27 16:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-11 11:02 - 2017-04-27 16:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-11 11:02 - 2017-04-27 16:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-11 11:02 - 2017-04-27 16:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-11 11:02 - 2017-04-27 16:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-11 11:02 - 2017-04-27 16:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-11 11:02 - 2017-04-27 16:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-11 11:02 - 2017-04-27 16:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-11 11:02 - 2017-04-27 16:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-11 11:02 - 2017-04-27 16:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-11 11:02 - 2017-04-27 16:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-11 11:02 - 2017-04-27 16:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-11 11:02 - 2017-04-27 16:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-11 11:02 - 2017-04-27 16:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-11 11:02 - 2017-04-27 16:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-11 11:02 - 2017-04-27 16:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-11 11:02 - 2017-04-27 16:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-11 11:02 - 2017-04-27 16:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-11 11:02 - 2017-04-27 16:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-11 11:02 - 2017-04-27 16:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-11 11:02 - 2017-04-27 16:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-11 11:02 - 2017-04-27 16:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-11 11:02 - 2017-04-27 16:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-11 11:02 - 2017-04-27 16:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-11 11:02 - 2017-04-27 16:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-11 11:02 - 2017-04-27 16:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-11 11:02 - 2017-04-27 16:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-11 11:02 - 2017-04-27 16:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-11 11:02 - 2017-04-27 16:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-11 11:02 - 2017-04-27 16:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-11 11:02 - 2017-04-27 16:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-11 11:02 - 2017-04-27 16:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-11 11:02 - 2017-04-27 16:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-11 11:02 - 2017-04-27 16:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-11 11:02 - 2017-04-27 16:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-11 11:02 - 2017-04-27 16:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-11 11:02 - 2017-04-27 16:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-11 11:02 - 2017-04-27 16:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-11 11:02 - 2017-04-27 16:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-11 11:02 - 2017-04-27 16:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-11 11:02 - 2017-04-27 16:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-11 11:02 - 2017-04-27 16:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-11 11:02 - 2017-04-27 16:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-11 11:02 - 2017-04-27 16:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-11 11:02 - 2017-04-27 16:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-11 11:02 - 2017-04-27 16:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-11 11:02 - 2017-04-27 16:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-11 11:02 - 2017-04-27 16:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-11 11:02 - 2017-04-27 16:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-11 11:02 - 2016-12-21 00:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-11 10:09 - 2017-05-11 10:09 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-10 17:17 - 2017-05-10 17:17 - 00089525 _____ C:\Users\Sticcs\Downloads\dir.dcr
2017-05-10 17:17 - 2017-05-10 17:17 - 00089525 _____ C:\Users\Sticcs\Downloads\dir (1).dcr
2017-05-10 13:53 - 2017-05-10 17:09 - 00004650 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-05-06 09:22 - 2017-05-11 20:07 - 00000652 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3011202683-1613651232-3371837574-1001.job
2017-05-06 09:22 - 2017-05-11 20:07 - 00000556 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3011202683-1613651232-3371837574-1001.job
2017-05-04 22:01 - 2017-05-04 22:01 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-22 12:35 - 2017-04-22 12:35 - 00002211 _____ C:\Users\Public\Desktop\Carbonite.lnk
2017-04-22 12:35 - 2017-04-22 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
2017-04-13 22:02 - 2017-04-13 22:02 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-04-12 22:33 - 2017-04-12 22:33 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-04-12 22:33 - 2017-04-12 22:33 - 00002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-04-11 17:50 - 2017-03-27 23:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-11 17:50 - 2017-03-27 22:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-11 17:50 - 2017-03-27 22:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-11 17:50 - 2017-03-27 22:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-11 17:50 - 2017-03-27 22:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-11 17:50 - 2017-03-27 22:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-11 17:50 - 2017-03-27 22:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-11 17:50 - 2017-03-27 22:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-11 17:50 - 2017-03-27 22:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-11 17:50 - 2017-03-27 22:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-11 17:50 - 2017-03-27 22:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-11 17:50 - 2017-03-27 22:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-11 17:50 - 2017-03-27 22:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 17:50 - 2017-03-27 22:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-11 17:50 - 2017-03-27 22:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-11 17:50 - 2017-03-27 22:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-11 17:50 - 2017-03-27 22:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-11 17:50 - 2017-03-27 22:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-11 17:50 - 2017-03-27 22:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-11 17:50 - 2017-03-27 22:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-11 17:50 - 2017-03-27 22:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-11 17:50 - 2017-03-27 22:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-11 17:50 - 2017-03-27 22:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-11 17:50 - 2017-03-27 22:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-11 17:50 - 2017-03-27 22:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-11 17:50 - 2017-03-27 22:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-11 17:50 - 2017-03-27 22:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-11 17:50 - 2017-03-27 22:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-11 17:50 - 2017-03-27 22:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-11 17:50 - 2017-03-27 22:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-11 17:50 - 2017-03-27 22:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-11 17:49 - 2017-03-28 00:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-11 17:49 - 2017-03-27 23:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-11 17:49 - 2017-03-27 23:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-11 17:49 - 2017-03-27 22:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-11 17:49 - 2017-03-27 22:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-11 17:49 - 2017-03-27 22:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-11 17:49 - 2017-03-27 22:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-11 17:49 - 2017-03-27 22:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-11 17:49 - 2017-03-27 22:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-11 17:49 - 2017-03-27 22:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-11 17:49 - 2017-03-27 22:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-11 17:49 - 2017-03-27 22:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-11 17:49 - 2017-03-27 22:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-11 17:49 - 2017-03-27 22:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-11 17:49 - 2017-03-27 22:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-11 17:49 - 2017-03-27 22:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-11 17:49 - 2017-03-15 21:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-11 17:39 - 2017-03-27 22:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-11 17:39 - 2017-03-27 22:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-11 17:39 - 2017-03-27 22:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-11 17:39 - 2017-03-27 22:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-11 17:39 - 2017-03-27 22:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-11 17:39 - 2017-03-27 22:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-11 17:39 - 2017-03-27 22:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-11 17:39 - 2017-03-27 22:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-11 17:39 - 2017-03-27 22:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-11 17:39 - 2017-03-27 22:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-11 17:39 - 2017-03-27 22:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-11 17:38 - 2017-03-27 23:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-11 17:38 - 2017-03-27 23:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-11 17:38 - 2017-03-27 23:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-11 17:38 - 2017-03-27 23:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-11 17:38 - 2017-03-27 23:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-11 17:38 - 2017-03-27 23:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-11 17:38 - 2017-03-27 22:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-11 17:38 - 2017-03-27 22:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-11 17:38 - 2017-03-27 22:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-11 17:38 - 2017-03-27 22:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-11 17:38 - 2017-03-27 22:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-11 17:38 - 2017-03-27 22:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-11 17:38 - 2017-03-27 22:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-11 17:38 - 2017-03-27 22:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-11 17:38 - 2017-03-27 22:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-11 17:38 - 2017-03-27 22:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-11 17:38 - 2017-03-27 22:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-11 17:38 - 2017-03-27 22:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-11 17:38 - 2017-03-27 22:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-11 17:38 - 2017-03-27 22:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-11 17:38 - 2017-03-27 22:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-11 17:38 - 2017-03-27 22:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-11 17:38 - 2017-03-27 22:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-11 17:38 - 2017-03-27 22:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-11 17:38 - 2017-03-27 22:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-11 17:38 - 2017-03-27 22:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-11 17:38 - 2017-03-27 22:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-11 17:38 - 2017-03-27 22:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-11 17:37 - 2017-03-27 23:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-11 17:37 - 2017-03-27 23:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-11 17:37 - 2017-03-27 23:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-11 17:37 - 2017-03-27 23:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-11 17:37 - 2017-03-27 23:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-11 17:37 - 2017-03-27 23:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-11 17:37 - 2017-03-27 22:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-11 17:37 - 2017-03-27 22:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-11 17:37 - 2017-03-27 22:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-11 17:37 - 2017-03-27 22:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-11 17:37 - 2017-03-27 22:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-11 17:37 - 2017-03-27 22:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-11 17:37 - 2017-03-27 22:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-11 17:37 - 2017-03-27 22:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-11 17:37 - 2017-03-27 22:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-11 17:37 - 2017-03-27 22:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-11 17:37 - 2017-03-27 22:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-11 17:37 - 2017-03-27 22:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-11 17:37 - 2017-03-27 22:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-11 17:37 - 2017-03-27 22:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-11 17:37 - 2017-03-27 22:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-11 17:36 - 2017-03-27 23:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-11 17:36 - 2017-03-27 23:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-11 17:36 - 2017-03-27 23:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-11 17:36 - 2017-03-27 23:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-11 17:36 - 2017-03-27 23:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-11 17:36 - 2017-03-27 23:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-11 17:36 - 2017-03-27 23:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-11 17:36 - 2017-03-27 22:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-11 17:36 - 2017-03-27 22:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-11 17:36 - 2017-03-27 22:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-11 17:36 - 2017-03-27 22:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-11 17:36 - 2017-03-27 22:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-11 17:36 - 2017-03-27 22:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-11 17:36 - 2017-03-18 09:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-11 17:36 - 2017-03-18 09:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-11 17:36 - 2017-03-15 21:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-11 16:50 - 2017-05-15 19:34 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-11 16:36 - 2017-04-11 16:36 - 01129376 _____ (Google Inc.) C:\Users\Sticcs\Downloads\ChromeSetup.exe
2017-04-03 12:23 - 2017-04-03 12:23 - 00048414 _____ C:\Users\Sticcs\Downloads\archive.zip
2017-03-27 14:21 - 2017-03-27 14:21 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-03-27 14:21 - 2017-03-27 14:21 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-03-27 14:21 - 2017-03-27 14:21 - 00045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-03-21 23:40 - 2017-03-21 23:40 - 00002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-03-21 23:40 - 2017-03-21 23:40 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-03-21 23:40 - 2017-03-21 23:40 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-03-16 19:20 - 2017-03-16 19:20 - 00000000 ____D C:\ProgramData\WinZipEC
2017-03-16 19:19 - 2017-03-16 19:19 - 00000000 ____D C:\Users\Sticcs\AppData\Local\WinZip Courier
2017-03-16 19:19 - 2017-03-16 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Courier
2017-03-16 19:19 - 2017-03-16 19:19 - 00000000 ____D C:\Program Files (x86)\WinZip Courier
2017-03-16 19:16 - 2017-03-16 19:16 - 00003606 _____ C:\WINDOWS\System32\Tasks\WinZipBackGroundToolsTask
2017-03-16 19:15 - 2017-03-16 19:15 - 00003502 _____ C:\WINDOWS\System32\Tasks\WinZip Update Notifier
2017-03-16 19:15 - 2017-03-16 19:15 - 00002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
2017-03-16 19:15 - 2017-03-16 19:15 - 00002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip Background Tools.lnk
2017-03-16 19:15 - 2017-03-16 19:15 - 00002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2017-03-16 19:15 - 2017-03-16 19:15 - 00002109 _____ C:\Users\Public\Desktop\WinZip.lnk
2017-03-16 19:14 - 2017-03-16 19:41 - 00000000 ____D C:\Users\Sticcs\AppData\Local\WinZip
2017-03-16 19:12 - 2017-03-16 19:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
2017-03-16 19:12 - 2017-03-16 19:13 - 00000000 ____D C:\Program Files\WinZip
2017-03-16 18:40 - 2017-03-16 19:17 - 48303104 _____ C:\Users\Sticcs\Downloads\wzcourier70EN.msi
2017-03-16 18:40 - 2017-03-16 18:41 - 146922080 _____ C:\Users\Sticcs\Downloads\winzip210.exe
2017-03-16 18:34 - 2017-03-16 19:38 - 71709442 _____ C:\Users\Sticcs\Downloads\drive-download-20170317T013418Z-001.zip
2017-03-15 10:44 - 2017-03-03 23:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-15 10:44 - 2017-03-03 23:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-15 10:44 - 2017-03-03 23:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-15 10:44 - 2017-03-03 23:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-15 10:44 - 2017-03-03 23:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-15 10:44 - 2017-03-03 23:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-15 10:44 - 2017-03-03 23:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-15 10:44 - 2017-03-03 23:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-15 10:44 - 2017-03-03 23:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-15 10:44 - 2017-03-03 23:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-15 10:44 - 2017-03-03 23:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-15 10:44 - 2017-03-03 23:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-15 10:44 - 2017-03-03 23:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-15 10:44 - 2017-03-03 23:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-15 10:44 - 2017-03-03 23:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-15 10:44 - 2017-03-03 23:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-15 10:44 - 2017-03-03 23:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-15 10:44 - 2017-03-03 23:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-15 10:44 - 2017-03-03 23:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-15 10:44 - 2017-03-03 23:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-15 10:44 - 2017-03-03 23:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-15 10:44 - 2017-03-03 23:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-15 10:44 - 2017-03-03 23:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-15 10:44 - 2017-03-03 23:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-15 10:44 - 2017-03-03 23:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-15 10:44 - 2017-03-03 23:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-15 10:44 - 2017-03-03 23:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-15 10:44 - 2017-03-03 23:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-15 10:44 - 2017-03-03 23:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-15 10:44 - 2017-03-03 23:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-15 10:44 - 2017-03-03 23:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-15 10:44 - 2017-03-03 23:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-15 10:44 - 2017-03-03 23:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-15 10:44 - 2017-03-03 23:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-15 10:44 - 2017-03-03 23:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-15 10:43 - 2017-03-04 00:09 - 02206496 _____ (Microsoft Corporation)

Sticcs · Jun 1, 2017

C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-15 10:43 - 2017-03-04 00:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-15 10:43 - 2017-03-04 00:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-15 10:43 - 2017-03-04 00:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-15 10:43 - 2017-03-03 23:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-15 10:43 - 2017-03-03 23:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-15 10:43 - 2017-03-03 23:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-15 10:43 - 2017-03-03 23:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-15 10:43 - 2017-03-03 23:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-15 10:43 - 2017-03-03 23:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-15 10:43 - 2017-03-03 23:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-15 10:43 - 2017-03-03 23:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-15 10:43 - 2017-03-03 23:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-15 10:43 - 2017-03-03 23:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-15 10:43 - 2017-03-03 23:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-15 10:43 - 2017-03-03 23:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-15 10:43 - 2017-03-03 23:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-15 10:43 - 2017-03-03 23:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-15 10:43 - 2017-03-03 23:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-15 10:43 - 2017-03-03 23:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-15 10:43 - 2017-03-03 23:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-15 10:43 - 2017-03-03 23:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-15 10:43 - 2017-03-03 23:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-15 10:43 - 2017-03-03 23:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-15 10:43 - 2017-03-03 23:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-15 10:43 - 2017-03-03 23:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-15 10:43 - 2017-03-03 23:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-15 10:43 - 2017-03-03 23:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-15 10:43 - 2017-03-03 23:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-15 10:43 - 2017-03-03 23:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-15 10:43 - 2017-03-03 23:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-15 10:43 - 2017-03-03 23:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-15 10:43 - 2017-03-03 23:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-15 10:43 - 2017-03-03 23:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-15 10:43 - 2017-03-03 23:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-15 10:43 - 2017-03-03 23:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-15 10:43 - 2017-03-03 23:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-15 10:43 - 2017-03-03 23:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-15 10:43 - 2017-03-03 23:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-15 10:43 - 2017-03-03 23:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-15 10:43 - 2017-03-03 23:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-15 10:43 - 2017-03-03 23:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-15 10:43 - 2017-03-03 23:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-15 10:43 - 2017-03-03 23:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-15 10:43 - 2017-03-03 23:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-15 10:43 - 2017-03-03 23:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-15 10:43 - 2017-03-03 23:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-15 10:43 - 2017-03-03 23:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 10:43 - 2017-03-03 23:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-15 10:43 - 2017-03-03 23:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-15 10:43 - 2017-03-03 23:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-15 10:43 - 2017-03-03 23:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-15 10:43 - 2017-03-03 23:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-15 10:43 - 2017-03-03 23:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-15 10:43 - 2017-03-03 23:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-15 10:43 - 2017-03-03 23:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-15 10:43 - 2017-03-03 23:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 10:43 - 2017-03-03 23:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-15 10:43 - 2017-03-03 23:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-15 10:43 - 2017-03-03 23:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-15 10:43 - 2017-03-03 23:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-15 10:43 - 2017-03-03 23:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-15 10:43 - 2017-03-03 23:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-15 10:43 - 2017-03-03 23:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-15 10:43 - 2017-03-03 23:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-15 10:43 - 2017-03-03 23:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-15 10:43 - 2017-03-03 23:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-15 10:43 - 2017-03-03 23:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-15 10:43 - 2017-03-03 23:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-15 10:43 - 2017-03-03 23:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-15 10:43 - 2017-03-03 23:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-15 10:43 - 2017-03-03 23:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-15 10:43 - 2017-03-03 23:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-15 10:43 - 2017-03-03 23:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-15 10:43 - 2017-03-03 23:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-15 10:43 - 2017-03-03 23:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-15 10:43 - 2017-03-03 23:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-15 10:43 - 2017-03-03 23:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-15 10:43 - 2017-03-03 23:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-15 10:43 - 2017-03-03 23:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-15 10:43 - 2017-03-03 23:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-15 10:43 - 2017-03-03 22:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-15 10:43 - 2017-03-03 22:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-15 10:43 - 2017-03-03 22:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-15 10:43 - 2016-05-29 11:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-15 10:42 - 2017-03-04 00:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-15 10:42 - 2017-03-04 00:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-15 10:42 - 2017-03-03 23:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-15 10:42 - 2017-03-03 23:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-15 10:42 - 2017-03-03 23:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-15 10:42 - 2017-03-03 23:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-15 10:42 - 2017-03-03 23:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-15 10:42 - 2017-03-03 23:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-15 10:42 - 2017-03-03 23:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-15 10:42 - 2017-03-03 23:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-15 10:42 - 2017-03-03 23:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-15 10:42 - 2017-03-03 23:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-15 10:42 - 2017-03-03 23:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-15 10:42 - 2017-03-03 23:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-15 10:42 - 2017-03-03 23:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-15 10:42 - 2017-03-03 23:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-15 10:42 - 2017-03-03 23:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-15 10:31 - 2017-03-04 00:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 10:31 - 2017-03-03 23:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 10:31 - 2017-03-03 23:36 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PJLMON.DLL
2017-03-15 10:31 - 2017-03-03 23:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 10:31 - 2017-03-03 23:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 10:31 - 2017-03-03 23:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 10:31 - 2017-03-03 23:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 10:31 - 2017-03-03 23:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 10:31 - 2017-03-03 23:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 10:31 - 2017-03-03 23:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 10:31 - 2017-03-03 23:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 10:31 - 2017-03-03 23:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 10:31 - 2017-03-03 23:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 10:31 - 2017-03-03 23:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 10:31 - 2017-03-03 23:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-15 10:31 - 2017-03-03 23:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-15 10:31 - 2017-03-03 23:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 10:31 - 2017-03-03 23:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 10:30 - 2017-03-04 00:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 10:30 - 2017-03-04 00:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-15 10:30 - 2017-03-04 00:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 10:30 - 2017-03-04 00:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 10:30 - 2017-03-04 00:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-15 10:30 - 2017-03-04 00:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 10:30 - 2017-03-04 00:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 10:30 - 2017-03-04 00:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 10:30 - 2017-03-03 23:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-15 10:30 - 2017-03-03 23:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 10:30 - 2017-03-03 23:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 10:30 - 2017-03-03 23:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-15 10:30 - 2017-03-03 23:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 10:30 - 2017-03-03 23:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 10:30 - 2017-03-03 23:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 10:30 - 2017-03-03 23:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 10:30 - 2017-03-03 23:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 10:30 - 2017-03-03 23:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 10:30 - 2017-03-03 23:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 10:30 - 2017-03-03 23:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 10:30 - 2017-03-03 23:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 10:30 - 2017-03-03 23:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 10:30 - 2017-03-03 23:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 10:30 - 2017-03-03 23:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 10:30 - 2017-03-03 23:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-15 10:30 - 2017-03-03 23:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 10:30 - 2017-03-03 23:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 10:30 - 2017-03-03 23:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 10:30 - 2017-03-03 23:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 10:30 - 2017-03-03 23:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 10:30 - 2017-03-03 23:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 10:30 - 2017-03-03 23:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 10:30 - 2017-03-03 23:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 10:30 - 2017-03-03 23:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 10:30 - 2017-03-03 23:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 10:30 - 2017-03-03 23:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 10:30 - 2017-03-03 23:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 10:30 - 2017-03-03 23:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 10:30 - 2017-03-03 23:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 10:30 - 2017-03-03 23:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 10:30 - 2017-03-03 23:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 10:30 - 2017-03-03 23:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 10:30 - 2017-03-03 23:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 10:30 - 2017-03-03 23:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 10:30 - 2017-03-03 23:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 10:30 - 2017-03-03 23:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 10:30 - 2017-03-03 23:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 10:30 - 2017-02-21 19:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 10:30 - 2016-07-15 19:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 10:30 - 2016-07-15 19:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 10:30 - 2016-07-15 19:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 10:29 - 2017-03-04 00:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 10:29 - 2017-03-04 00:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 10:29 - 2017-03-04 00:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 10:29 - 2017-03-04 00:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 10:29 - 2017-03-04 00:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-15 10:29 - 2017-03-04 00:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 10:29 - 2017-03-04 00:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-15 10:29 - 2017-03-04 00:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 10:29 - 2017-03-04 00:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 10:29 - 2017-03-04 00:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 10:29 - 2017-03-04 00:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 10:29 - 2017-03-04 00:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 10:29 - 2017-03-04 00:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 10:29 - 2017-03-04 00:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 10:29 - 2017-03-03 23:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 10:29 - 2017-03-03 23:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 10:29 - 2017-03-03 23:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 10:29 - 2017-03-03 23:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 10:29 - 2017-03-03 23:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 10:29 - 2017-03-03 23:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 10:29 - 2017-03-03 23:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 10:29 - 2017-03-03 23:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 10:29 - 2017-03-03 23:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 10:29 - 2017-03-03 23:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 10:29 - 2017-03-03 23:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 10:29 - 2017-03-03 23:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 10:29 - 2017-03-03 23:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-15 10:29 - 2017-03-03 23:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 10:29 - 2017-03-03 23:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 10:29 - 2017-03-03 23:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 10:29 - 2017-03-03 23:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 10:29 - 2017-03-03 23:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 10:29 - 2017-03-03 23:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 10:29 - 2017-03-03 23:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 10:29 - 2017-03-03 23:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 10:29 - 2017-03-03 23:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 10:29 - 2017-03-03 23:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 10:29 - 2017-03-03 23:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 10:29 - 2017-03-03 23:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 10:29 - 2017-03-03 23:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 10:29 - 2017-03-03 23:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 10:29 - 2017-03-03 23:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 10:29 - 2017-03-03 23:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 10:29 - 2017-03-03 23:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 10:29 - 2017-03-03 23:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 10:29 - 2017-03-03 23:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-15 10:29 - 2017-03-03 23:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 10:29 - 2017-03-03 23:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 10:29 - 2017-03-03 23:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 10:29 - 2017-03-03 23:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 10:29 - 2017-03-03 23:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 10:29 - 2017-03-03 23:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 10:29 - 2017-03-03 23:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 10:29 - 2017-03-03 23:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 10:29 - 2017-03-03 23:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-15 10:29 - 2017-03-03 23:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 10:29 - 2017-03-03 23:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 10:29 - 2017-03-03 23:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 10:29 - 2017-03-03 23:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-15 10:29 - 2017-03-03 23:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 10:29 - 2017-03-03 23:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 10:29 - 2017-03-03 23:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 10:29 - 2017-03-03 23:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-15 10:29 - 2017-03-03 23:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 10:29 - 2017-03-03 23:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 10:29 - 2017-03-03 23:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 10:29 - 2017-03-03 23:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 10:29 - 2017-03-03 23:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 10:29 - 2017-03-03 23:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-15 10:29 - 2017-03-03 23:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 10:29 - 2017-03-03 23:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 10:29 - 2017-03-03 23:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-15 10:29 - 2017-03-03 23:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-15 10:29 - 2017-03-03 23:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 10:28 - 2017-03-04 00:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 10:28 - 2017-03-04 00:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 10:28 - 2017-03-04 00:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 10:28 - 2017-03-04 00:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 10:28 - 2017-03-04 00:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 10:28 - 2017-03-04 00:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 10:28 - 2017-03-04 00:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-15 10:28 - 2017-03-04 00:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 10:28 - 2017-03-04 00:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 10:28 - 2017-03-03 23:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 10:28 - 2017-03-03 23:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 10:28 - 2017-03-03 23:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 10:28 - 2017-03-03 23:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 10:28 - 2017-03-03 23:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 10:28 - 2017-03-03 23:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 10:28 - 2017-03-03 23:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 10:28 - 2017-03-03 23:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 10:28 - 2017-03-03 23:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 10:28 - 2017-03-03 23:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 10:28 - 2017-03-03 23:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 10:28 - 2017-03-03 23:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 10:28 - 2017-03-03 23:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 10:28 - 2017-03-03 23:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-15 10:28 - 2017-03-03 23:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 10:28 - 2017-03-03 23:20 - 01414656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-03-15 10:28 - 2017-03-03 23:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 10:28 - 2017-03-03 23:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 10:28 - 2017-03-03 23:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 10:28 - 2017-03-03 23:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 10:28 - 2017-03-03 23:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-15 10:28 - 2017-03-03 23:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 10:28 - 2017-03-03 23:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 10:28 - 2017-03-03 23:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 10:28 - 2017-03-03 23:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 10:28 - 2017-03-03 23:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 10:28 - 2017-03-03 23:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 10:28 - 2017-03-03 23:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 10:28 - 2017-03-03 23:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 10:28 - 2017-03-03 23:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 10:28 - 2017-03-03 23:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 10:28 - 2017-03-03 23:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 10:27 - 2017-03-04 00:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 10:27 - 2017-03-04 00:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 10:27 - 2017-03-04 00:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 10:27 - 2017-03-04 00:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 10:27 - 2017-03-04 00:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 10:27 - 2017-03-04 00:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 10:27 - 2017-03-04 00:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 10:27 - 2017-03-04 00:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 10:27 - 2017-03-04 00:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 10:27 - 2017-03-04 00:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 10:27 - 2017-03-04 00:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 10:27 - 2017-03-04 00:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-15 10:27 - 2017-03-04 00:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 10:27 - 2017-03-04 00:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 10:27 - 2017-03-03 23:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 10:27 - 2017-03-03 23:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 10:27 - 2017-03-03 23:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 10:27 - 2017-03-03 23:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 10:27 - 2017-03-03 23:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-15 10:27 - 2017-03-03 23:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 10:27 - 2017-03-03 23:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 10:27 - 2017-03-03 23:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 10:27 - 2017-03-03 23:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-15 10:27 - 2017-03-03 23:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 10:27 - 2017-03-03 23:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 10:27 - 2017-03-03 23:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 10:27 - 2017-03-03 23:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 10:27 - 2017-03-03 23:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-15 10:27 - 2017-03-03 23:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 10:27 - 2017-03-03 23:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 10:27 - 2017-03-03 23:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 10:27 - 2017-03-03 23:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 10:27 - 2017-03-03 23:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 10:27 - 2017-03-03 23:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 10:27 - 2017-03-03 23:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-15 10:27 - 2017-03-03 23:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 10:27 - 2017-03-03 23:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 10:26 - 2017-03-04 00:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 10:26 - 2017-03-04 00:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 10:26 - 2017-03-04 00:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 10:26 - 2017-03-04 00:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 10:26 - 2017-03-04 00:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 10:26 - 2017-03-04 00:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 10:26 - 2017-03-03 23:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 10:26 - 2017-03-03 23:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 10:26 - 2017-03-03 23:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 10:26 - 2017-03-03 23:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 10:26 - 2017-03-03 23:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 10:26 - 2017-03-03 23:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 10:26 - 2017-03-03 23:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 10:26 - 2017-03-03 23:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 10:26 - 2017-03-03 23:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-15 10:26 - 2017-03-03 23:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 10:26 - 2017-03-03 23:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 10:26 - 2017-03-03 23:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 10:25 - 2017-03-04 00:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 10:25 - 2017-03-04 00:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-15 10:25 - 2017-03-04 00:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-15 10:25 - 2017-03-04 00:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 10:25 - 2017-03-04 00:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 10:25 - 2017-03-03 23:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 10:25 - 2017-03-03 23:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-15 10:25 - 2017-03-03 23:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll

Sticcs · Jun 1, 2017

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-01 11:33 - 2016-09-28 13:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-01 11:12 - 2016-07-16 04:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-01 11:12 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-01 02:00 - 2014-08-24 12:17 - 00000000 ____D C:\Users\Sticcs\AppData\Local\Adobe
2017-05-31 21:59 - 2015-10-23 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-05-31 21:57 - 2015-11-28 19:21 - 00000000 ____D C:\Users\Sticcs\AppData\Local\Packages
2017-05-31 19:27 - 2016-07-15 23:04 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2017-05-31 18:35 - 2016-09-28 14:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-31 18:34 - 2016-07-15 23:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-31 15:59 - 2016-06-30 11:30 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-05-31 13:11 - 2013-08-01 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-05-31 13:11 - 2013-08-01 20:44 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2017-05-31 06:21 - 2009-07-13 20:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-05-31 02:34 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-31 02:34 - 2016-07-16 04:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-31 02:02 - 2010-11-20 20:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-31 01:47 - 2016-07-16 04:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-26 03:12 - 2016-07-16 04:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 03:05 - 2011-08-29 02:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-24 22:57 - 2014-07-27 22:37 - 00000000 ___RD C:\Users\Sticcs\OneDrive
2017-05-22 23:27 - 2013-07-16 03:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-22 23:16 - 2011-08-28 01:37 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-15 19:34 - 2011-08-27 02:20 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-14 16:05 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-11 21:16 - 2015-11-28 19:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 20:13 - 2016-09-28 13:56 - 01179284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-11 20:07 - 2016-09-28 13:48 - 00373504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-11 20:03 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-11 20:03 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-10 17:08 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-10 17:08 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-06 09:22 - 2016-09-28 14:34 - 00003812 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3011202683-1613651232-3371837574-1001
2017-05-06 09:22 - 2016-09-28 14:34 - 00003716 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3011202683-1613651232-3371837574-1001

==================== Files in the root of some directories =======

2014-11-27 00:35 - 2015-09-12 03:04 - 0000112 _____ () C:\Users\Sticcs\AppData\Roaming\JP2K CS6 Prefs
2014-10-14 09:52 - 2014-12-21 17:20 - 0001456 _____ () C:\Users\Sticcs\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-10-05 12:08 - 2014-10-05 12:08 - 0002143 _____ () C:\Users\Sticcs\AppData\Local\recently-used.xbel
2011-12-22 19:17 - 2011-12-22 19:17 - 0000000 _____ () C:\Users\Sticcs\AppData\Local\{63360EDD-FB10-487E-AC49-99680D734EC2}
2014-02-14 06:28 - 2014-02-14 06:28 - 0002416 _____ () C:\ProgramData\.ico
2016-12-19 16:23 - 2016-12-19 16:23 - 0029042 _____ () C:\ProgramData\agent.1482189824.bdinstall.bin
2015-10-23 21:43 - 2015-10-23 21:43 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
2017-05-31 03:29 - 2016-11-11 03:13 - 1886344 _____ (Microsoft Corporation) C:\Users\Sticcs\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {72caf626-85c4-11e6-ae55-deacfc6ae717}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {35896ca3-9638-11e5-8b1b-cc9f5e2b6d4d}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{35896ca4-9638-11e5-8b1b-cc9f5e2b6d4d}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale en-US
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{35896ca4-9638-11e5-8b1b-cc9f5e2b6d4d}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale en-US
inherit {bootloadersettings}
recoverysequence {ec6aeaae-85c4-11e6-ae55-deacfc6ae717}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {72caf626-85c4-11e6-ae55-deacfc6ae717}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {7b397ca5-d0f3-11e0-bfdd-a73c362cf0dc}
device ramdisk=[C:]\Recovery\7b397ca5-d0f3-11e0-bfdd-a73c362cf0dc\Winre.wim,{7b397ca6-d0f3-11e0-bfdd-a73c362cf0dc}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\7b397ca5-d0f3-11e0-bfdd-a73c362cf0dc\Winre.wim,{7b397ca6-d0f3-11e0-bfdd-a73c362cf0dc}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {ec6aeaae-85c4-11e6-ae55-deacfc6ae717}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{ec6aeaaf-85c4-11e6-ae55-deacfc6ae717}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale en-US
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{ec6aeaaf-85c4-11e6-ae55-deacfc6ae717}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {f75d4240-b20f-11e5-9bca-ab588b729f45}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{f75d4241-b20f-11e5-9bca-ab588b729f45}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale en-US
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{f75d4241-b20f-11e5-9bca-ab588b729f45}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {7225479f-b20f-11e5-9bca-ab588b729f45}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {f75d4240-b20f-11e5-9bca-ab588b729f45}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {72caf626-85c4-11e6-ae55-deacfc6ae717}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {ec6aeaae-85c4-11e6-ae55-deacfc6ae717}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {7b397ca3-d0f3-11e0-bfdd-a73c362cf0dc}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {d957f37d-9637-11e5-8b1b-cc9f5e2b6d4d}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {35896ca3-9638-11e5-8b1b-cc9f5e2b6d4d}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {1535ecc6-b20a-11e5-9bc4-f46d04efdf2e}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Device options
--------------
identifier {35896ca4-9638-11e5-8b1b-cc9f5e2b6d4d}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Device options
--------------
identifier {7b397ca6-d0f3-11e0-bfdd-a73c362cf0dc}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\7b397ca5-d0f3-11e0-bfdd-a73c362cf0dc\boot.sdi

Device options
--------------
identifier {7b397ca7-d0f3-11e0-bfdd-a73c362cf0dc}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Device options
--------------
identifier {ec6aeaaf-85c4-11e6-ae55-deacfc6ae717}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Device options
--------------
identifier {f24443ad-85b6-11e6-9bdc-f46d04efdf2e}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Device options
--------------
identifier {f75d4241-b20f-11e5-9bca-ab588b729f45}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi

LastRegBack: 2017-05-27 17:38

==================== End of FRST.txt ============================

Sticcs · Jun 1, 2017

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-05-2017
Ran by Sticcs (01-06-2017 12:25:55)
Running from C:\Users\Sticcs\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-28 21:39:24)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3011202683-1613651232-3371837574-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3011202683-1613651232-3371837574-503 - Limited - Disabled)
Guest (S-1-5-21-3011202683-1613651232-3371837574-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3011202683-1613651232-3371837574-1003 - Limited - Enabled)
Sticcs (S-1-5-21-3011202683-1613651232-3371837574-1001 - Administrator - Enabled) => C:\Users\Sticcs

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.6 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0) (Version: 17.0.0 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Carbonite (HKLM-x32\...\{543E55B3-8630-49A9-9BB0-DA68F079FF36}) (Version: 6.2.3 build 6861 (Mar-23-2017) - Carbonite)
Citrix Online Launcher (HKLM-x32\...\{3D5F07C3-1B93-47F8-9F8A-DE8E47BF1669}) (Version: 1.0.209 - Citrix)
Dropbox (HKLM-x32\...\Dropbox) (Version: 27.4.22 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
EA SPORTS Game Face Browser Plugin 1.5.3.0 (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.5.3.0 - Electronic Arts)
FileZilla Client 3.14.1 (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FinalTorrent 2012 (HKLM-x32\...\FinalTorrent_is1) (Version: 2012.12.09.27 - Bitberry Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GoToMeeting 8.5.0.6956 (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\GoToMeeting) (Version: 8.5.0.6956 - CitrixOnline)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8610 Basic Device Software (HKLM\...\{39DA3F40-0B9E-4002-8E01-108FEC9EFE43}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Help (HKLM-x32\...\{F9569D00-4576-46C8-B6C7-207A4FD39745}) (Version: 32.0.0 - Hewlett Packard)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}) (Version: 6.2.2.39 - Apple Inc.)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Mobile Drivers Installation 5.2.0 (HKLM\...\{1CCF1727-A817-4FEE-A028-5466FB542934}) (Version: 5.2.0 - Motorola Inc.)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
QuickBooks (x32 Version: 26.0.4005.2607 - Intuit Inc.) Hidden
QuickBooks Enterprise Solutions: Mfg and Whsle Edition 16.0 (HKLM-x32\...\{E201B39C-FFFF-46D5-A5FB-081A503221C3}) (Version: 26.0.4005.2607 - Intuit Inc.)
QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RogueKiller version 12.11.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.0.0 - Adlice Software)
RSDLite (HKLM-x32\...\{F4943DDC-2FF8-486B-B354-87571D401222}) (Version: 5.5 - Motorola)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Soda Manager (x32 Version: 7.0.0.21720 - LULU Software Limited) Hidden
Soda PDF 7 (HKLM-x32\...\Soda7) (Version: 7.3.9.23867 - LULU Software Limited)
Soda PDF 7 Asian Fonts Pack (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Convert Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Create Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Edit Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Forms Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Insert Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 OCR Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Review Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 Secure Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
Soda PDF 7 View Module (x32 Version: 7.3.9.23791 - LULU Software Limited) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
TSP100 Setup Version 5.5.0 (HKLM\...\{31ACC706-01DA-4D97-A90E-F770A55D5916}) (Version: 5.5.0 - Star Micronics)
TuneUp 3.0.7.0 (HKLM-x32\...\TuneUpMedia) (Version: 3.0.7.0 - TuneUp Media, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )
WinZip Courier (HKLM-x32\...\{D011655B-0753-4C2A-B870-946C5B02F54F}) (Version: 7.0.0 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F1FC536CDDF0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files (x86)\WinZip Courier\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{943F19B2-32F9-4373-8D4C-DBE62B95F2CF}\InprocServer32 -> C:\Program Files (x86)\WinZip Courier\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013C10F0-A859-4A1B-BA64-A11EC00BCC7A} - System32\Tasks\G2MUpdateTask-S-1-5-21-3011202683-1613651232-3371837574-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\6956\g2mupdate.exe [2017-05-06] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {02F2B260-5D6C-4150-9442-526810CB032E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {03A2DD48-F7D8-4E9D-ABE5-110B29B3C749} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {07797901-E6C1-4E0A-B26B-075BA5D5BEEC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {08A04474-75FD-43C1-A3B1-85BC97FE4E1C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {098E9B75-DA2A-48D9-9CA1-6EB46D21D9A1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {0A40A369-D39C-48EB-A220-F896BC216BFE} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8bf46a908ed6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {0E59D367-2CF6-4594-8545-4AC968C548A3} - System32\Tasks\AdobeAAMUpdater-1.0-PEGASUS-Sticcs => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {1158522E-4D87-40F6-AB7B-5E0477E535DE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {19670B32-5938-4052-B583-CD574FAB3619} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8bf46e56578a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {1C6C0739-C492-4D8C-B373-E539929BF044} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {27A9C3D4-10F3-4CAC-85C7-38593206CC5B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {28757728-73FE-413C-8FA5-8AAB323F7762} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {28DB202A-0B04-4867-85CC-987B324ED271} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-02-10] (WinZip)
Task: {2FCAA06C-E4B7-4A11-ACFD-19E8487B9741} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3287231C-2C63-4FAE-A67D-FA063380A3A6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3E79F3FC-E553-469E-A8C4-576ED41C6399} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {453A38AD-60C4-4A89-B817-048AFFEC8568} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4637146B-443F-4E6E-8C0E-9450D599F50C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {473E7468-227C-4F77-A0E1-674D1200E44C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {4A8EAF1E-E635-4AB3-9E19-FC46F3B323D9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {4C2A3E50-5F7C-4130-99E1-3B51AA61B5DA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5051C1DD-E3FA-4ED9-85DD-4F84517B50F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {517E5EF0-1D37-482C-8EFD-F617B2DB70AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {51C9966A-DA4C-4E4E-962B-32DCE4348A33} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {52961676-3AD2-404B-8B49-31AFC0549EEC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5740183E-4BF2-43D3-93DC-7D0DD2B3B03E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {59FE3600-A363-46AC-84D5-9C5247D03DF8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {609479A1-FFB8-428D-9186-162F91906BEE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6688F733-BE49-464F-AFE6-090D1BAE8E86} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {696416CC-D7FB-4083-BD5D-8135661849C4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {69A4BEB8-2FD9-4453-B8BC-9C40274CBEBD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {6B550E4A-EC35-4CBC-910F-272B74A0BC45} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {6BC5D775-CB95-4A16-8C87-26880ACBB8C5} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2017-02-10] (WinZip Computing, S.L.)
Task: {71E07A34-1E9F-45E3-9F3D-0A8192FF491B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {741A79F1-71FE-4DCC-AF3D-850A34626A3C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7E76D4A5-B455-4712-A848-8584D0261457} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {80608C90-F742-47AB-8903-B7774157D9DF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {83CB4DE9-458D-4651-8C81-1BD59B601015} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {87290DB9-99DB-42DE-A278-2C8D841C426E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-30] (Dropbox, Inc.)
Task: {893C1780-8C69-4FB8-8056-9520D6B70FCE} - System32\Tasks\{C7F0C6CE-2690-419B-B803-A3F8A8A76F8C} => pcalua.exe -a C:\Users\Sticcs\AppData\Local\TNT2\2.0.0.1676\TNT2User.exe -c /UNINSTALL PARTNER=10753
Task: {8A99F3C3-A930-4113-9098-D1D1FB19DF46} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {8AE114FF-6AD3-4C75-8448-354B0555EAE1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {8B32D6B0-5A92-433E-A159-E26434FCFDB3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {8EC7E5D9-3AA2-4E2B-8FDD-3F16C55B8F80} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {95D9E775-0DDD-4866-B097-9F436032300E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {97ADDEDD-F4FD-4F68-9B54-EE0624B808E1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {9AC18200-C08B-4167-B072-9CB266F03A7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9BEDD5BF-BF3D-41E2-8AC8-3E47A24C9E34} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {A1EB4A89-99EF-497A-98BB-9FAAC57F8F86} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {B2A9E16D-4BB7-47F4-9E43-7283AB6C2F4E} - System32\Tasks\G2MUploadTask-S-1-5-21-3011202683-1613651232-3371837574-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\6956\g2mupload.exe [2017-05-06] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {B46A80EB-E293-40EA-AB15-536F92743709} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-22] (Microsoft Corporation)
Task: {B66E8B69-614E-46F8-940C-EE7ED557A7C9} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {BAE31544-4B2A-4096-A6BB-081E9CE5B951} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-30] (Dropbox, Inc.)
Task: {C031E3FB-70DA-4A04-B55E-BE2895A6CFDD} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-h_sticcs@yahoo.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {C5FE8148-966D-4523-A3C3-F5E7C3EBAA6A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C75A7FEE-B959-46B5-AA31-8718BB647472} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {C804145D-B04E-40F5-BAE3-710F3C0C6A80} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {CD664968-5283-49B6-8E8C-CEE335E61C4F} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D4062A1B-A014-4C40-936C-F70CEB917039} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D5B5C27B-717E-460F-A02F-D26D97EE85D3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {D73FA222-9BEF-4FE4-8CE8-9D47C07ECA74} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {DA221EFA-9435-4B25-90C8-EE812FC557FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {ED2683AF-2635-4F83-9182-22C93BABCA36} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {F1E524AC-5B6A-4B01-9FA8-40DD0097BF87} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {F63B0AB3-620C-4E6B-A3BB-EDC6C9AEDCFD} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {FAA56E5E-A86E-49DE-8458-857F01072EAE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {FEBBEC4F-663C-4080-9BF9-2681B1391913} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe

Sticcs · Jun 1, 2017

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3011202683-1613651232-3371837574-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\6956\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3011202683-1613651232-3371837574-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\6956\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 04:42 - 2016-07-16 04:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-11 11:04 - 2017-04-27 17:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-26 00:47 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-03-15 10:27 - 2017-03-03 23:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 10:26 - 2017-03-03 23:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 10:27 - 2017-03-03 23:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-11 11:03 - 2017-04-27 16:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 11:03 - 2017-04-27 16:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-28 14:39 - 2016-09-28 14:39 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 10:30 - 2017-03-03 23:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2015-10-16 03:02 - 2015-10-16 03:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-06-01 11:11 - 2017-06-01 11:11 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_29.29.31001.0_x64__8wekyb3d8bbwe\XboxApp.exe
2017-06-01 11:11 - 2017-06-01 11:11 - 33855488 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_29.29.31001.0_x64__8wekyb3d8bbwe\XboxApp.dll
2016-07-30 11:34 - 2016-07-30 11:35 - 01651112 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_29.29.31001.0_x64__8wekyb3d8bbwe\winsdkfb.dll
2017-05-15 19:34 - 2017-05-09 02:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-15 19:34 - 2017-05-09 02:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [126]
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6 [244]
AlternateDataStreams: C:\ProgramData\TEMP

1B5B4F1 [294]
AlternateDataStreams: C:\ProgramData\TEMP

FC5A2B2 [105]
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Sticcs\Downloads\chromeinstall-7u65.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\CreativeCloudSet-Up (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\CreativeCloudSet-Up.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\DivXInstaller (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\DropboxInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\FileZilla_3.14.1_win64-setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\GoogleChromeSetup-21409441.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\HPPSdr (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\HPPSdr.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\install_flashplayer14x32au_ltr5x64d_awc_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\MicrosoftFixit.Printing.Run.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Setup.X86.en-US_O365HomePremRetail_e5a9a73f-ddd7-45cf-abb0-d8954c856657_TX_PR_.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Setup_QuickBooksEnterprise16Trial (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Setup_QuickBooksEnterprise16Trial.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Soda_PDF_7_Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\TeamViewer_Setup_en-khm.exe:BDU [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-01-11 18:46 - 2016-12-19 15:53 - 00000830 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sticcs\AppData\Local\Microsoft\Windows\Themes\NASA Spac\DesktopBackground\3_sunrise_in_space.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: PCTools FGuard =>
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Web Connector.lnk"
HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "TSP100ecoOndemand"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "LTCM Client"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Intuit SyncManager"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\StartupFolder: => "PlutoTV.lnk"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "Bitdefender Wallet Application Agent"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "Bitdefender Wallet Agent"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "HP Officejet Pro 8610 (NET)"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BDC7FA48-27EF-46C7-B214-09E871F9DF07}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0E37A815-CAB7-40C8-905E-098C6FBEC4B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D259F768-AB4B-473A-BBEF-82774FAE5D7A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FDD07FE5-B397-4B9E-A980-FF932488B3DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{339AE67C-72C0-4802-A609-5AFAC31BD972}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90C69118-99F4-4803-93A6-86240E3EC73E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A140D7D9-1980-4745-92BF-A76F7A2EFD10}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22382CCD-EE50-4D9C-8D45-4128384ADB6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9BB40D75-7604-4C72-8322-E4C8E3B6B288}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2A723A2A-848F-4F4E-A681-8C409D7F8668}] => (Allow) LPort=5357
FirewallRules: [{39838AA4-861C-4D6E-BCE9-EB2EC2CFB598}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\Bin\DeviceSetup.exe
FirewallRules: [{1B32C502-34AB-47A9-B044-4036365DE0AD}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\SendAFax.exe
FirewallRules: [{1D8117D1-E650-408E-B019-06EED98F0F9D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\DigitalWizards.exe
FirewallRules: [{D9233A11-37E6-47FA-9586-3EBC831ED26D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8610\bin\FaxApplications.exe
FirewallRules: [{666EDD3F-DBD0-4C25-84D0-F60F3A6EEB51}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FE35B98-4C8C-4105-AF17-470DCA7DB92F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AA34A70A-5C5E-498F-834B-E19332390181}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{3D55B340-683F-4ABB-8220-3F54DBEA0D8D}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{535213C5-EB1E-467C-9DBC-B20787E40B93}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{1C49C25E-F6F2-4E71-83DD-9486779BE795}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{65FD38FB-8E09-4D2B-9819-56F5801749BD}] => (Allow) G:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{BE498799-698B-4644-B61F-FEB0FD084F5F}] => (Allow) G:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{1967688B-4770-47A6-BB8D-75EC6EA2BF30}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C344FD89-1EA5-4405-B8E6-742596325ABF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{49662046-428B-4472-96C2-8BF7447559E2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8489778E-A8E3-4EE7-BF62-96F9D78BB6CC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{89510009-8EA4-4EBC-A77C-21C03E6EE682}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

28-05-2017 20:47:28 Scheduled Checkpoint
31-05-2017 13:08:57 Removed Software Updater
31-05-2017 19:04:45 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2017 04:31:00 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\program files (x86)\microsoft office\office12\MSACCESS.EXE.Manifest".
Dependent Assembly AceDAO,language="*",processorArchitecture="X86",type="win32",version="12.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/01/2017 04:30:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Error: (06/01/2017 04:29:55 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\WinZip Courier\adxloader.dll.Manifest".Error in manifest or policy file "C:\Program Files (x86)\WinZip Courier\adxloader.dll.Manifest" on line 2.
The manifest file root element must be assembly.

Error: (06/01/2017 04:29:08 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files\WinZip\adxloader.dll.Manifest".Error in manifest or policy file "C:\Program Files\WinZip\adxloader.dll.Manifest" on line 2.
The manifest file root element must be assembly.

Error: (05/31/2017 11:43:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 10.0.14393.0, time stamp: 0x57899ab2
Faulting module name: msvcrt.dll, version: 7.0.14393.0, time stamp: 0x57899b47
Exception code: 0xc0000005
Fault offset: 0x000000000005b1bd
Faulting process id: 0x1864
Faulting application start time: 0x01d2daa236d983cf
Faulting application path: C:\WINDOWS\system32\wbem\wmiprvse.exe
Faulting module path: C:\WINDOWS\System32\msvcrt.dll
Report Id: 78531c35-6c45-4601-9a27-598e61380ca9
Faulting package full name:
Faulting package-relative application ID:

Error: (05/31/2017 07:05:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/31/2017 03:58:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 10.0.14393.0, time stamp: 0x57899ab2
Faulting module name: NetEventPacketCapture.dll, version: 10.0.14393.953, time stamp: 0x58ba5f01
Exception code: 0xc0000005
Fault offset: 0x00000000000160d3
Faulting process id: 0x63c
Faulting application start time: 0x01d2da60dbeba471
Faulting application path: C:\WINDOWS\system32\wbem\wmiprvse.exe
Faulting module path: C:\WINDOWS\system32\wbem\NetEventPacketCapture.dll
Report Id: 5451d906-39c5-4be0-991d-b1cb4a34f09f
Faulting package full name:
Faulting package-relative application ID:

Error: (05/31/2017 01:09:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/31/2017 12:58:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PEGASUS)
Description: Package Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe+MicrosoftEdge was terminated because it took too long to suspend.

Error: (05/31/2017 06:22:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 10.0.14393.0, time stamp: 0x57899ab2
Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x5825887f
Exception code: 0xc0000374
Fault offset: 0x00000000000f8283
Faulting process id: 0x1050
Faulting application start time: 0x01d2da10bdcefad6
Faulting application path: C:\WINDOWS\system32\wbem\wmiprvse.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 1d502e41-cb64-4324-8b7e-cb89c7ec7b16
Faulting package full name:
Faulting package-relative application ID:

System errors:
=============
Error: (06/01/2017 05:34:48 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/01/2017 05:34:40 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/01/2017 05:34:09 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/01/2017 05:33:22 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/01/2017 05:30:42 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/01/2017 05:30:39 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (06/01/2017 05:30:36 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (05/31/2017 06:53:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/31/2017 06:35:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CarboniteService service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (05/31/2017 06:35:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the CarboniteService service to connect.

CodeIntegrity:
===================================
Date: 2017-05-31 01:27:08.406
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-31 01:27:08.395
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:02.125
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:02.120
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:00.657
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:00.655
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-21 19:25:00.642
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:12:21.393
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:12:21.388
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-01-17 21:12:21.356
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 910 Processor
Percentage of memory in use: 47%
Total physical RAM: 4095.05 MB
Available physical RAM: 2146.5 MB
Total Virtual: 8191.05 MB
Available Virtual: 6105.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:917.1 GB) (Free:668.4 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:1862.89 GB) (Free:989.71 GB) NTFS
Drive e: (FACTORY_IMAGE) (Fixed) (Total:13.97 GB) (Free:1.9 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Removable) (Total:3.79 GB) (Free:2.11 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=917.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Size: 3.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Broni · Jun 1, 2017

Pretty sure the Virus is still here

What actual virus are you referring to?

Version 3.x of MBAM is a full AV program. That's probably the reason Windows Defender doesn't want to run.
If you still wish to run both see here: https://forums.malwarebytes.com/topic/200162-exclusions-for-windows-defender-users/

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Sticcs · Jun 4, 2017

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-06-2017
Ran by Sticcs (04-06-2017 00:31:21) Run:1
Running from C:\Users\Sticcs\Desktop
Loaded Profiles: Sticcs (Available Profiles: Sticcs & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001 -> No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; no ImagePath
2014-11-27 00:35 - 2015-09-12 03:04 - 0000112 _____ () C:\Users\Sticcs\AppData\Roaming\JP2K CS6 Prefs
2014-10-14 09:52 - 2014-12-21 17:20 - 0001456 _____ () C:\Users\Sticcs\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-10-05 12:08 - 2014-10-05 12:08 - 0002143 _____ () C:\Users\Sticcs\AppData\Local\recently-used.xbel
2011-12-22 19:17 - 2011-12-22 19:17 - 0000000 _____ () C:\Users\Sticcs\AppData\Local\{63360EDD-FB10-487E-AC49-99680D734EC2}
2014-02-14 06:28 - 2014-02-14 06:28 - 0002416 _____ () C:\ProgramData\.ico
2016-12-19 16:23 - 2016-12-19 16:23 - 0029042 _____ () C:\ProgramData\agent.1482189824.bdinstall.bin
2015-10-23 21:43 - 2015-10-23 21:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-05-31 03:29 - 2016-11-11 03:13 - 1886344 _____ (Microsoft Corporation) C:\Users\Sticcs\AppData\Local\Temp\dllnt_dump.dll
CustomCLSID: HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F1FC536CDDF0}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {07797901-E6C1-4E0A-B26B-075BA5D5BEEC} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1158522E-4D87-40F6-AB7B-5E0477E535DE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {28757728-73FE-413C-8FA5-8AAB323F7762} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {2FCAA06C-E4B7-4A11-ACFD-19E8487B9741} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {3287231C-2C63-4FAE-A67D-FA063380A3A6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {453A38AD-60C4-4A89-B817-048AFFEC8568} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4C2A3E50-5F7C-4130-99E1-3B51AA61B5DA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5051C1DD-E3FA-4ED9-85DD-4F84517B50F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {52961676-3AD2-404B-8B49-31AFC0549EEC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {71E07A34-1E9F-45E3-9F3D-0A8192FF491B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9AC18200-C08B-4167-B072-9CB266F03A7A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D4062A1B-A014-4C40-936C-F70CEB917039} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [126]
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 [127]
AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6 [244]
AlternateDataStreams: C:\ProgramData\TEMP

1B5B4F1 [294]
AlternateDataStreams: C:\ProgramData\TEMP

FC5A2B2 [105]
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Sticcs\Downloads\chromeinstall-7u65.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\CreativeCloudSet-Up (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\CreativeCloudSet-Up.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\DivXInstaller (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\DropboxInstaller.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\FileZilla_3.14.1_win64-setup.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\GoogleChromeSetup-21409441.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\HPPSdr (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\HPPSdr.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\install_flashplayer14x32au_ltr5x64d_awc_aih.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\MicrosoftFixit.Printing.Run.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Setup.X86.en-US_O365HomePremRetail_e5a9a73f-ddd7-45cf-abb0-d8954c856657_TX_PR_.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Setup_QuickBooksEnterprise16Trial (1).exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Setup_QuickBooksEnterprise16Trial.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\Soda_PDF_7_Installer.exe:BDU [0]
AlternateDataStreams: C:\Users\Sticcs\Downloads\TeamViewer_Setup_en-khm.exe:BDU [0]

*****************

HKLM\SOFTWARE\Policies\Google => key removed successfully
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} => value removed successfully
HKCR\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825} => key not found.
HKLM\System\CurrentControlSet\Services\b06bdrv => key removed successfully
b06bdrv => service removed successfully
HKLM\System\CurrentControlSet\Services\dbx => key removed successfully
dbx => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\Users\Sticcs\AppData\Roaming\JP2K CS6 Prefs => moved successfully
C:\Users\Sticcs\AppData\Local\Adobe Save for Web 13.0 Prefs => moved successfully
C:\Users\Sticcs\AppData\Local\recently-used.xbel => moved successfully
C:\Users\Sticcs\AppData\Local\{63360EDD-FB10-487E-AC49-99680D734EC2} => moved successfully
C:\ProgramData\.ico => moved successfully
C:\ProgramData\agent.1482189824.bdinstall.bin => moved successfully
C:\ProgramData\Ament.ini => moved successfully
C:\Users\Sticcs\AppData\Local\Temp\dllnt_dump.dll => moved successfully
HKU\S-1-5-21-3011202683-1613651232-3371837574-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-F1FC536CDDF0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07797901-E6C1-4E0A-B26B-075BA5D5BEEC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07797901-E6C1-4E0A-B26B-075BA5D5BEEC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1158522E-4D87-40F6-AB7B-5E0477E535DE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1158522E-4D87-40F6-AB7B-5E0477E535DE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28757728-73FE-413C-8FA5-8AAB323F7762} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28757728-73FE-413C-8FA5-8AAB323F7762} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FCAA06C-E4B7-4A11-ACFD-19E8487B9741} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FCAA06C-E4B7-4A11-ACFD-19E8487B9741} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3287231C-2C63-4FAE-A67D-FA063380A3A6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3287231C-2C63-4FAE-A67D-FA063380A3A6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{453A38AD-60C4-4A89-B817-048AFFEC8568} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{453A38AD-60C4-4A89-B817-048AFFEC8568} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C2A3E50-5F7C-4130-99E1-3B51AA61B5DA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C2A3E50-5F7C-4130-99E1-3B51AA61B5DA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5051C1DD-E3FA-4ED9-85DD-4F84517B50F3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5051C1DD-E3FA-4ED9-85DD-4F84517B50F3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{52961676-3AD2-404B-8B49-31AFC0549EEC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52961676-3AD2-404B-8B49-31AFC0549EEC} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71E07A34-1E9F-45E3-9F3D-0A8192FF491B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71E07A34-1E9F-45E3-9F3D-0A8192FF491B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9AC18200-C08B-4167-B072-9CB266F03A7A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AC18200-C08B-4167-B072-9CB266F03A7A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4062A1B-A014-4C40-936C-F70CEB917039} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4062A1B-A014-4C40-936C-F70CEB917039} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":430C6D84" ADS removed successfully.
C:\ProgramData\TEMP => ":C31F31E6" ADS removed successfully.
C:\ProgramData\TEMP => "

1B5B4F1" ADS removed successfully.
C:\ProgramData\TEMP => "

FC5A2B2" ADS removed successfully.
C:\Users\Public\.DS_Store => ":AFP_AfpInfo" ADS removed successfully.
C:\Users\Sticcs\Downloads\chromeinstall-7u65.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\CreativeCloudSet-Up (1).exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\CreativeCloudSet-Up.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\DivXInstaller (1).exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\DropboxInstaller.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\FileZilla_3.14.1_win64-setup.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\GoogleChromeSetup-21409441.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\HPPSdr (1).exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\HPPSdr.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\install_flashplayer14x32au_ltr5x64d_awc_aih.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\MicrosoftFixit.Printing.Run.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\Setup.X86.en-US_O365HomePremRetail_e5a9a73f-ddd7-45cf-abb0-d8954c856657_TX_PR_.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\Setup_QuickBooksEnterprise16Trial (1).exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\Setup_QuickBooksEnterprise16Trial.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\Soda_PDF_7_Installer.exe => ":BDU" ADS removed successfully.
C:\Users\Sticcs\Downloads\TeamViewer_Setup_en-khm.exe => ":BDU" ADS removed successfully.

==== End of Fixlog 00:31:27 ====

Sticcs · Jun 4, 2017

Not sure which virus it is but I believe it lives and breathes within my chrome browser. It is always spinning the refresh symbol and on certain websites like yahoo it causes the green lock to change into an I with a circle around it. If that helps. I just know it's constantly slowing down my web searches and lags my videos especially on yahoo news.

Solved Unmoveable virus

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 56,041 +516

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 31 +0

Posts: 56,041 +516

Attachments

Posts: 31 +0

Posts: 31 +0

Similar threads