Solved Am I infected?

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.02.2018
Ran by cyber (20-02-2018 08:32:47)
Running from C:\Users\cyber\Desktop
Windows 10 Home Version 1709 16299.248 (X64) (2017-10-17 21:47:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3403886051-827337895-3073139048-500 - Administrator - Disabled)
cyber (S-1-5-21-3403886051-827337895-3073139048-1000 - Administrator - Enabled) => C:\Users\cyber
DefaultAccount (S-1-5-21-3403886051-827337895-3073139048-503 - Limited - Disabled)
Guest (S-1-5-21-3403886051-827337895-3073139048-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3403886051-827337895-3073139048-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{67CA5B4D-32DA-B54C-1851-F68ECD83262E}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.80.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.80.1 - )
CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{741CFE3A-1C0B-4A7D-8E08-5D78C911C09D}) (Version: 4.2.5.3 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
HydraVision (HKLM-x32\...\{CBAB2393-4F5F-CBC3-80E0-167B8B7C5437}) (Version: 4.2.128.0 - ATI Technologies Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{1D7D1271-5258-4F5A-B8C1-7176BF398782}) (Version: 12.7.3.46 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Mozilla Firefox 58.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 58.0 (x86 en-US)) (Version: 58.0 - Mozilla)
Mozilla Firefox 58.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.2 (x64 en-US)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3503 - CyberLink Corp.)
RAIDXpert (HKLM-x32\...\{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.5 - AMD) Hidden
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.5 - AMD)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2216 - CyberLink Corp.) Hidden
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
RogueKiller version 12.11.11.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.11.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1254 - SUPERAntiSpyware.com)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
VdhCoApp 1.1.1 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.0 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00340B94-85D0-41F0-8FF4-4F415AB34524} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0045B293-1D67-4A8D-8222-848CCEADC25F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {0AD9CFF1-AB89-4A34-8303-494FE301F68E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {0BA6F370-CC6F-4858-A72A-5A09112D37C3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C7D65F0-68CA-4F46-BCB9-EDC7F2E8F2CC} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0CE93962-F269-492D-917A-136AD33AA802} - System32\Tasks\HPCeeScheduleForcyber => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07] (Hewlett-Packard)
Task: {12387CA8-0B9B-4236-9CC7-B08E7C028A29} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [2010-05-21] ()
Task: {1362087C-2C8F-48F2-BCEB-E5A4E19C241B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {17271018-41B2-4F8B-B5A4-45F179943C4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-03] (Google Inc.)
Task: {1E0038CA-9C96-4432-9439-B532021538FA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {214D4A7E-4FB0-489D-B0BE-4458280EBA19} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2018-02-12] (Microsoft)
Task: {32622C34-50C7-4FFD-ADE7-BDDD3E58CE61} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-17] (PC-Doctor, Inc.)
Task: {374EB22F-E7E6-42A7-8B8F-DE9646860AA2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {3A623708-1444-497A-95F3-B264B6AEF502} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {3AFA4077-C24F-413A-B926-805BF84CF355} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {3CD99AB8-D384-4E03-B72A-38142A7DF8F2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3FD3FFF9-831D-4210-9E5E-A0FB0C01ACF0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {456A45B4-4094-4C74-8224-07607C1B5335} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5017F59C-26A3-4903-A684-C70DD5D4C054} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51F31D79-E28E-4298-B885-C6A73364A979} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {5A472AE6-0624-4EE2-8358-07ABD7066DED} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A2A614B-0823-47D1-9CC5-2E079AE3796C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {6A73B8F9-1210-471D-8C61-A1733565F7DA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6B5E3F3E-AAB8-4EB4-A401-7E95AA6199DF} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard)
Task: {7079F684-D160-48BA-B14F-638530379973} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {7CEC092E-DE9C-4FBB-9811-D61938B1EA3D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E9C9B58-007E-4412-8D0C-629246AB5682} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {83CD1566-FAEA-480A-833E-773AD67BAC57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8F770E67-1CDC-4BC0-A06E-FCC0AFEFA612} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-03] (Google Inc.)
Task: {94428B73-C4DA-4C64-A213-2894038B2004} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1E783C1-AF47-44EA-B467-8E5F49BAC5E4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A7ED599A-314F-47F9-A35F-2CA0985EE78E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AC51C064-0211-41D6-8E5B-A4CB638D45B2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B6862755-548C-408C-8A12-7693961677D3} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {BB5EAFD4-B028-472B-9F46-71F3E79B0AB7} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [2010-05-21] ()
Task: {BB779196-4F4E-42DD-9A80-026A0352C644} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-09-24] (Hewlett-Packard)
Task: {C687E1EB-B801-4401-B752-31515B433A2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2018-02-12] (Microsoft)
Task: {CB671D93-A2FD-41FE-A850-7D83BBCAF946} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {D9918583-5A32-465B-A890-B5E0E9DD44FE} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {DA4C19E4-47D8-48C9-83A1-3844550B01FB} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {F1BFD835-4DCD-4CF2-8D17-1899CA8DF3FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {F5F8C349-72E7-4426-9C26-8092EF1E73BB} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FE52FDD2-8708-493F-BCB8-390BCA94FE51} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForcyber.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 05:41 - 2017-09-29 05:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-10-24 18:44 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2009-09-19 14:38 - 2009-09-19 14:38 - 000065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2018-02-13 12:19 - 2018-02-09 20:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2009-09-14 16:17 - 2009-09-14 16:17 - 000610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2018-01-30 21:45 - 2018-01-30 21:45 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-30 21:45 - 2018-01-30 21:45 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-30 21:45 - 2018-01-30 21:45 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-30 21:45 - 2018-01-30 21:45 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2009-09-19 14:40 - 2009-09-19 14:40 - 000122880 _____ () C:\WINDOWS\SysWOW64\WinMsgBalloonServer.exe
2009-09-19 14:40 - 2009-09-19 14:40 - 000139264 _____ () C:\WINDOWS\SysWOW64\WinMsgBalloonClient.exe
2015-11-04 15:43 - 2015-11-04 15:43 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2018-02-01 22:02 - 2018-02-01 22:02 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-09 10:15 - 2018-02-09 10:15 - 027138048 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-02-09 10:15 - 2018-02-09 10:15 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-09 10:15 - 2018-02-09 10:15 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-25 23:16 - 2017-09-25 23:16 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-09 10:15 - 2018-02-09 10:15 - 009283072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\EntPlat.dll
2009-09-07 13:54 - 2009-09-07 13:54 - 000516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2009-10-22 18:50 - 2009-10-22 18:50 - 000931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 18:55 - 2017-11-30 18:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [135]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\1001movie.com -> 1001movie.com

There are 6091 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2009-06-10 13:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3403886051-827337895-3073139048-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\cyber\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_2425.PNG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "PictureMover.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\StartupApproved\Run: => "SUPERAntiSpyware"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{8CB6FE18-CC7C-48C4-B084-2C37D3C691C1}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{CC74E7F6-B485-45CC-B6A8-397E7E409FC3}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{A20ECECE-B568-4B76-B765-3F8178402CA7}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{4EC3D9D7-624D-421B-8862-97264B603FF0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{F727B810-A348-4B58-9ECC-7A92D7CEDC45}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{677FB34E-659F-49A1-B3CC-4977F477865D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{44134333-88CB-4BD3-AC66-7B5CD1A65152}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{82F3528D-43E3-4CAE-A5B0-FAFBCE301461}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{1234A297-7867-437E-A234-C468A503DA97}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{BFDE9683-BA52-4822-812A-EF64C46C9093}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{A896C207-3A95-4259-A804-78DF7DD0EC1C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{517919FC-3B08-472B-B784-8005E41927CB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{0C1FAF66-2D3F-4B5F-8AE3-DE809F48C1DE}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{D61DE30B-6AB5-456D-925C-906C3D491D99}] => (Allow) svchost.exe
FirewallRules: [{9F0A4983-18E0-4C18-B419-E000BE7D465F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{CBCDC242-6645-4341-A4A2-4DD985F19D97}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{578DE34C-6863-4BC8-AAEF-E535B11B1908}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{728600F4-F09A-46E0-BA18-CDFF8BDA431A}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{A22FBC33-9D8C-4B66-A8CE-E66FAB19A63F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{03A9E4EB-A628-44A8-BCB8-C558FEACC9BB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{EB08D090-3F9E-4CC0-8977-42E213533002}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{574931FC-1DF5-4096-8DF2-128C5CCFF9C2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{5A23F8B4-F646-48B4-8008-78ADCC5EBE85}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{DEABD766-54E3-45A2-B9F2-5F178442EC9F}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{ECA688CE-63A1-49C0-97DA-FB436E7145B8}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{2534BAD2-D2D9-4420-B9E7-149801C3EAB0}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{6CBDC6B3-7FC1-42A6-A64F-37ED22342EA4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4D044AD1-2D22-4F96-ADB6-AF91207635E5}] => (Allow) LPort=2869
FirewallRules: [{B0ECDAA8-DF32-40F5-8D6B-639DCB121CC4}] => (Allow) LPort=1900
FirewallRules: [{90D38474-9AD2-442E-88DB-2D19369FBAC9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D0B379E3-1866-47EA-B231-91BBA01E0584}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9E1B5152-01F7-4F10-B33C-50DD2082E8CE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D9ADB4BE-ECB3-4B9C-BC2D-B875C156F382}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{961AC031-AA5B-47FB-ABE3-F17AE43C8C0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C6C1041D-F6B9-4A09-83C0-14F92A65A834}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6214A9B7-EE22-4241-AF9C-C59AAFF26CAA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5A33F4AA-710D-4C48-94A2-FE8493903C9B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{AA8864EC-0FC7-40FB-BE30-00004B5A5C56}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CDCA3BAA-1D15-4A0A-A4FE-F5DD879E2679}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CDDE9324-91C1-4612-88D2-EBD1AB7CE131}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{05293FDC-C26F-44D8-9B62-8736618ECFD7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A69E513F-530E-46E6-8C40-05C808BD78D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EFE98745-A831-4C32-8BEB-36233CC644B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56429253-46D0-453D-B2A7-2E33B10D7EAD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{8788848E-5946-4B69-AC3E-236DFC6B1387}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{08898F5C-22D4-4810-A0BC-80FC93A32F84}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{DAC9F014-A05B-42B3-869F-9B2D114E5B05}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

18-02-2018 17:04:36 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2018 04:27:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: cyber-PC)
Description: Package Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (02/19/2018 06:37:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: cyber-PC)
Description: Package Microsoft.Windows.Photos_2018.18011.13110.0_x64__8wekyb3d8bbwe+App was terminated because it took too long to suspend.

Error: (02/18/2018 03:40:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 6.1.168.192.in-addr.arpa. PTR cyber-PC.local.

Error: (02/18/2018 03:40:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.6:5353 18 6.1.168.192.in-addr.arpa. PTR cyber-PC-2.local.

Error: (02/18/2018 03:11:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 6.1.168.192.in-addr.arpa. PTR cyber-PC.local.

Error: (02/18/2018 03:11:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.6:5353 18 6.1.168.192.in-addr.arpa. PTR cyber-PC-2.local.

Error: (02/17/2018 08:36:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (02/17/2018 08:33:39 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {758223de-a3f8-4ba9-9bb3-4198ca506e4b}


System errors:
=============
Error: (02/20/2018 08:27:00 AM) (Source: DCOM) (EventID: 10016) (User: cyber-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user cyber-PC\cyber SID (S-1-5-21-3403886051-827337895-3073139048-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/20/2018 08:16:47 AM) (Source: DCOM) (EventID: 10016) (User: cyber-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user cyber-PC\cyber SID (S-1-5-21-3403886051-827337895-3073139048-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/20/2018 06:41:30 AM) (Source: DCOM) (EventID: 10016) (User: cyber-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user cyber-PC\cyber SID (S-1-5-21-3403886051-827337895-3073139048-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/20/2018 06:40:27 AM) (Source: DCOM) (EventID: 10016) (User: cyber-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user cyber-PC\cyber SID (S-1-5-21-3403886051-827337895-3073139048-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/20/2018 06:20:49 AM) (Source: DCOM) (EventID: 10016) (User: cyber-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user cyber-PC\cyber SID (S-1-5-21-3403886051-827337895-3073139048-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/20/2018 05:16:33 AM) (Source: DCOM) (EventID: 10016) (User: cyber-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user cyber-PC\cyber SID (S-1-5-21-3403886051-827337895-3073139048-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/20/2018 04:29:40 AM) (Source: DCOM) (EventID: 10016) (User: cyber-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user cyber-PC\cyber SID (S-1-5-21-3403886051-827337895-3073139048-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/19/2018 07:14:13 PM) (Source: DCOM) (EventID: 10016) (User: cyber-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user cyber-PC\cyber SID (S-1-5-21-3403886051-827337895-3073139048-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-02-18 16:39:08.194
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {29927504-B947-4888-9914-896924D139A0}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-18 16:08:34.194
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BC13FBA8-39A9-45DF-924F-64F63BF79E96}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-18 15:59:45.303
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7E04AA14-DF27-4746-8F36-9574742D3F99}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-11 09:10:18.448
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {120AB4C8-B5B1-4C02-9EA4-03D60F7529B3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-02-11 07:59:30.770
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {34F1D180-A3C1-4546-B311-6A10172A706E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2018-02-20 08:22:13.192
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-20 08:22:13.190
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-20 08:19:54.642
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-20 08:19:54.638
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-20 08:07:12.866
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-20 08:07:12.864
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-20 07:49:54.627
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-02-20 07:49:54.625
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X4 945 Processor
Percentage of memory in use: 42%
Total physical RAM: 8183.89 MB
Available physical RAM: 4683.18 MB
Total Virtual: 16375.89 MB
Available Virtual: 11848.64 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:919.46 GB) (Free:696.36 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:11.32 GB) (Free:1.61 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{9416fa4a-d22a-11e6-900e-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{9416fa4c-d22a-11e6-900e-806e6f6e6963}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.3 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=11.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2018
Ran by cyber (administrator) on CYBER-PC (20-02-2018 08:31:23)
Running from C:\Users\cyber\Desktop
Loaded Profiles: cyber (Available Profiles: cyber)
Platform: Windows 10 Home Version 1709 16299.248 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-16] (PC-Doctor, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964080 2018-01-12] (SUPERAntiSpyware)
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\MountPoints2: {f1ab480a-d22a-11e6-8840-d8d38578f2cc} - "J:\LaunchU3.exe" -a
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150016 2017-09-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2010-02-22]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e29d7a26-daf3-4f3f-8796-4482f6715ff1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fa94d0aa-568a-4dca-bb37-6e76dd2ca3f1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
SearchScopes: HKLM -> DefaultScope {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3403886051-827337895-3073139048-1000 -> DefaultScope {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3403886051-827337895-3073139048-1000 -> {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)

Edge:
======
Edge Extension: (Adguard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_2.8.4.0_neutral__m055xr0c82818 [2018-01-19]
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.4.0.0_neutral__c1wakc4j0nefm [2018-01-11]

FireFox:
========
FF DefaultProfile: 89kx64ot.default
FF ProfilePath: C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\89kx64ot.default [2018-02-20]
FF Homepage: Mozilla\Firefox\Profiles\89kx64ot.default -> kiro7.com
FF NetworkProxy: Mozilla\Firefox\Profiles\89kx64ot.default -> type", 0
FF Extension: (uBlock Origin) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\89kx64ot.default\Extensions\uBlock0@raymondhill.net.xpi [2018-02-14]
FF Extension: (__MSG_appName__) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\89kx64ot.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2017-12-03]
FF Extension: (Video DownloadHelper) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\89kx64ot.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-3403886051-827337895-3073139048-1000: @hulu.com/Hulu Desktop -> C:\Users\cyber\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-11] (Hulu LLC)
 
Chrome:
=======
CHR HomePage: Default -> hxxp://www.kiro7.com/
CHR StartupUrls: Default -> "hxxp://www.kiro7.com/"
CHR Profile: C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default [2018-02-20]
CHR Extension: (Earth and Moon) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmfhbdfjlfminjglfhcgcblgicnfcka [2018-02-17]
CHR Extension: (Google Drive) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-17]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-02-17]
CHR Extension: (YouTube) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-17]
CHR Extension: (uBlock Origin) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-02-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-17]
CHR Extension: (Gmail) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-17]
CHR Extension: (Chrome Media Router) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-09-19] (AMD) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-20] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-18] (Malwarebytes)
R1 MpKsl128962af; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A23EE34E-FE24-446E-B6D5-5292C37FA36C}\MpKsl128962af.sys [58120 2018-02-19] (Microsoft Corporation)
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [23536 2009-09-16] (PC-Doctor, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-20] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-20] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-20] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-17] (CyberLink Corp.)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-20 08:31 - 2018-02-20 08:32 - 000015948 _____ C:\Users\cyber\Desktop\FRST.txt
2018-02-20 08:31 - 2018-02-20 08:31 - 000000000 ____D C:\Users\cyber\Desktop\FRST-OlderVersion
2018-02-20 08:30 - 2018-02-20 08:31 - 002403328 _____ (Farbar) C:\Users\cyber\Desktop\FRST64.exe
2018-02-20 08:30 - 2018-02-20 08:31 - 000000000 ____D C:\FRST
2018-02-19 17:44 - 2018-02-19 17:44 - 003196548 _____ C:\Users\cyber\Documents\tc-p42x1_en_om.pdf
2018-02-19 11:05 - 2018-02-19 11:05 - 000316793 _____ C:\Users\cyber\Documents\d03e2d94-6cbe-4f74-9526-116b9e22ee20 (1).pdf
2018-02-19 10:59 - 2018-02-19 10:59 - 000316793 _____ C:\Users\cyber\Documents\hunter.pdf
2018-02-19 10:55 - 2018-02-19 10:55 - 000316793 _____ C:\Users\cyber\Documents\d03e2d94-6cbe-4f74-9526-116b9e22ee20.pdf
2018-02-18 15:34 - 2018-02-19 17:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-17 08:51 - 2018-02-17 08:51 - 000000000 ____D C:\Users\cyber\AppData\Roaming\Google
2018-02-17 08:46 - 2018-02-17 08:46 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-13 12:19 - 2018-02-09 22:24 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-13 12:19 - 2018-02-09 22:23 - 001577880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-13 12:19 - 2018-02-09 22:23 - 000758168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-13 12:19 - 2018-02-09 22:23 - 000613272 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-13 12:19 - 2018-02-09 22:23 - 000138136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-13 12:19 - 2018-02-09 22:22 - 000662936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-13 12:19 - 2018-02-09 22:21 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-13 12:19 - 2018-02-09 22:21 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-13 12:19 - 2018-02-09 22:21 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-02-13 12:19 - 2018-02-09 22:20 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-13 12:19 - 2018-02-09 22:20 - 001055640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-13 12:19 - 2018-02-09 22:20 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-13 12:19 - 2018-02-09 22:20 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-02-13 12:19 - 2018-02-09 22:20 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-02-13 12:19 - 2018-02-09 22:18 - 001193192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-13 12:19 - 2018-02-09 22:18 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-02-13 12:19 - 2018-02-09 22:17 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-13 12:19 - 2018-02-09 22:16 - 008603032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-13 12:19 - 2018-02-09 22:16 - 002406456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-13 12:19 - 2018-02-09 22:16 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-02-13 12:19 - 2018-02-09 22:15 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-02-13 12:19 - 2018-02-09 22:15 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-13 12:19 - 2018-02-09 22:15 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-13 12:19 - 2018-02-09 22:14 - 004504464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-02-13 12:19 - 2018-02-09 22:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-02-13 12:19 - 2018-02-09 22:14 - 001002592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-02-13 12:19 - 2018-02-09 22:13 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-02-13 12:19 - 2018-02-09 22:13 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-02-13 12:19 - 2018-02-09 22:13 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-13 12:19 - 2018-02-09 22:12 - 004537040 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-02-13 12:19 - 2018-02-09 22:12 - 001313016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-02-13 12:19 - 2018-02-09 22:12 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-02-13 12:19 - 2018-02-09 22:12 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-02-13 12:19 - 2018-02-09 22:11 - 001029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-02-13 12:19 - 2018-02-09 22:11 - 000711432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-13 12:19 - 2018-02-09 22:11 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-13 12:19 - 2018-02-09 22:11 - 000494496 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-02-13 12:19 - 2018-02-09 22:10 - 002447768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-02-13 12:19 - 2018-02-09 22:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-02-13 12:19 - 2018-02-09 22:10 - 000614160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-13 12:19 - 2018-02-09 22:10 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-02-13 12:19 - 2018-02-09 22:10 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-13 12:19 - 2018-02-09 22:09 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-02-13 12:19 - 2018-02-09 22:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-02-13 12:19 - 2018-02-09 22:09 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-02-13 12:19 - 2018-02-09 22:09 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 003010248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-02-13 12:19 - 2018-02-09 22:08 - 000096200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-02-13 12:19 - 2018-02-09 22:07 - 004506576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-13 12:19 - 2018-02-09 22:07 - 002710728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-13 12:19 - 2018-02-09 22:07 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-02-13 12:19 - 2018-02-09 22:07 - 000436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 004486904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 000824896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-02-13 12:19 - 2018-02-09 22:06 - 000519144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-13 12:19 - 2018-02-09 22:06 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-02-13 12:19 - 2018-02-09 22:06 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-02-13 12:19 - 2018-02-09 22:06 - 000189336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 000100248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-13 12:19 - 2018-02-09 22:05 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-13 12:19 - 2018-02-09 22:05 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-13 12:19 - 2018-02-09 22:05 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-02-13 12:19 - 2018-02-09 22:04 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 006791984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 001430760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-02-13 12:19 - 2018-02-09 22:04 - 001426672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 001254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-02-13 12:19 - 2018-02-09 22:04 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-02-13 12:19 - 2018-02-09 22:04 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-02-13 12:19 - 2018-02-09 22:04 - 000339872 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 000093592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-02-13 12:19 - 2018-02-09 22:03 - 001619808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-02-13 12:19 - 2018-02-09 22:03 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-13 12:19 - 2018-02-09 22:02 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-13 12:19 - 2018-02-09 22:02 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-02-13 12:19 - 2018-02-09 22:02 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-02-13 12:19 - 2018-02-09 22:02 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-02-13 12:19 - 2018-02-09 21:21 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-02-13 12:19 - 2018-02-09 21:17 - 002255112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-02-13 12:19 - 2018-02-09 21:17 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-02-13 12:19 - 2018-02-09 21:17 - 000542856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-02-13 12:19 - 2018-02-09 21:15 - 001145624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-02-13 12:19 - 2018-02-09 21:12 - 004382032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-02-13 12:19 - 2018-02-09 21:11 - 001250528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-02-13 12:19 - 2018-02-09 21:09 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-02-13 12:19 - 2018-02-09 21:09 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-02-13 12:19 - 2018-02-09 21:09 - 002338776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-02-13 12:19 - 2018-02-09 21:09 - 001123456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-02-13 12:19 - 2018-02-09 21:09 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-02-13 12:19 - 2018-02-09 21:08 - 003980720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-02-13 12:19 - 2018-02-09 21:08 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-13 12:19 - 2018-02-09 21:08 - 000592792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 025253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000527864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000123808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000083216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-02-13 12:19 - 2018-02-09 21:06 - 006481640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-13 12:19 - 2018-02-09 21:06 - 006014688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-02-13 12:19 - 2018-02-09 21:06 - 004670728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-13 12:19 - 2018-02-09 21:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 001149272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 000662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-02-13 12:19 - 2018-02-09 21:05 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-02-13 12:19 - 2018-02-09 21:03 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-02-13 12:19 - 2018-02-09 20:50 - 003665408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-13 12:19 - 2018-02-09 20:50 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-02-13 12:19 - 2018-02-09 20:50 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-02-13 12:19 - 2018-02-09 20:50 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-02-13 12:19 - 2018-02-09 20:49 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-02-13 12:19 - 2018-02-09 20:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-02-13 12:19 - 2018-02-09 20:49 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-02-13 12:19 - 2018-02-09 20:49 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-02-13 12:19 - 2018-02-09 20:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-02-13 12:19 - 2018-02-09 20:48 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-13 12:19 - 2018-02-09 20:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-02-13 12:19 - 2018-02-09 20:46 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2018-02-13 12:19 - 2018-02-09 20:45 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2018-02-13 12:19 - 2018-02-09 20:44 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 018923008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 008020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-02-13 12:19 - 2018-02-09 20:43 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 023671808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-02-13 12:19 - 2018-02-09 20:42 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2018-02-13 12:19 - 2018-02-09 20:42 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-02-13 12:19 - 2018-02-09 20:42 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-13 12:19 - 2018-02-09 20:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 019352576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-02-13 12:19 - 2018-02-09 20:41 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-13 12:19 - 2018-02-09 20:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 012831744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 008110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 004498432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-13 12:19 - 2018-02-09 20:40 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 001234432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-02-13 12:19 - 2018-02-09 20:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-02-13 12:19 - 2018-02-09 20:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-02-13 12:19 - 2018-02-09 20:40 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 011925504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 006722560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-02-13 12:19 - 2018-02-09 20:38 - 006567936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 004815360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 003169280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 002184192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-13 12:19 - 2018-02-09 20:38 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-13 12:19 - 2018-02-09 20:38 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-02-13 12:19 - 2018-02-09 20:38 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-02-13 12:19 - 2018-02-09 20:38 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-02-13 12:19 - 2018-02-09 20:37 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 003678720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 002523648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2018-02-13 12:19 - 2018-02-09 20:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-13 12:19 - 2018-02-09 20:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-02-13 12:19 - 2018-02-09 20:35 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-02-13 12:19 - 2018-02-09 20:34 - 006532096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-02-13 12:19 - 2018-02-09 20:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-02-13 12:19 - 2018-02-09 20:34 - 002983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-02-13 12:19 - 2018-02-09 20:34 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-13 12:19 - 2018-02-09 20:34 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-02-13 12:19 - 2018-02-09 20:34 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-13 12:19 - 2018-02-09 20:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 001936384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-02-13 12:19 - 2018-02-09 20:33 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-13 12:19 - 2018-02-09 20:33 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-02-13 12:19 - 2018-02-09 20:33 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000604672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-02-13 12:19 - 2018-02-09 20:33 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-02-13 12:19 - 2018-02-09 20:32 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-02-13 12:19 - 2018-02-09 20:32 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2018-02-13 12:19 - 2018-02-09 20:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2018-02-13 12:19 - 2018-02-09 20:32 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:31 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-02-13 12:19 - 2018-02-09 20:31 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-02-13 12:19 - 2018-02-09 20:31 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-02-13 12:19 - 2018-02-08 19:35 - 004959688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-02-13 12:19 - 2018-02-01 19:36 - 003903944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-02-13 12:18 - 2018-02-09 22:22 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-13 12:18 - 2018-02-09 22:22 - 000460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-02-13 12:18 - 2018-02-09 22:22 - 000387480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-13 12:18 - 2018-02-09 22:22 - 000272800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-13 12:18 - 2018-02-09 22:22 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
 
I screwed up some where
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2018
Ran by cyber (administrator) on CYBER-PC (20-02-2018 08:31:23)
Running from C:\Users\cyber\Desktop
Loaded Profiles: cyber (Available Profiles: cyber)
Platform: Windows 10 Home Version 1709 16299.248 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-16] (PC-Doctor, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964080 2018-01-12] (SUPERAntiSpyware)
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\...\MountPoints2: {f1ab480a-d22a-11e6-8840-d8d38578f2cc} - "J:\LaunchU3.exe" -a
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150016 2017-09-29] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2010-02-22]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
GroupPolicy: Restriction - Chrome <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e29d7a26-daf3-4f3f-8796-4482f6715ff1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fa94d0aa-568a-4dca-bb37-6e76dd2ca3f1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-3403886051-827337895-3073139048-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
SearchScopes: HKLM -> DefaultScope {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3403886051-827337895-3073139048-1000 -> DefaultScope {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3403886051-827337895-3073139048-1000 -> {3412F329-7A6D-49A7-9296-1D66AB3B03F2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)

Edge:
======
Edge Extension: (Adguard AdBlocker) -> EdgeExtension_AdguardAdguardAdBlocker_m055xr0c82818 => C:\Program Files\WindowsApps\Adguard.AdguardAdBlocker_2.8.4.0_neutral__m055xr0c82818 [2018-01-19]
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.4.0.0_neutral__c1wakc4j0nefm [2018-01-11]
 
FireFox:
========
FF DefaultProfile: 89kx64ot.default
FF ProfilePath: C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\89kx64ot.default [2018-02-20]
FF Homepage: Mozilla\Firefox\Profiles\89kx64ot.default -> kiro7.com
FF NetworkProxy: Mozilla\Firefox\Profiles\89kx64ot.default -> type", 0
FF Extension: (uBlock Origin) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\89kx64ot.default\Extensions\uBlock0@raymondhill.net.xpi [2018-02-14]
FF Extension: (__MSG_appName__) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\89kx64ot.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2017-12-03]
FF Extension: (Video DownloadHelper) - C:\Users\cyber\AppData\Roaming\Mozilla\Firefox\Profiles\89kx64ot.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-3403886051-827337895-3073139048-1000: @hulu.com/Hulu Desktop -> C:\Users\cyber\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-11] (Hulu LLC)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.kiro7.com/
CHR StartupUrls: Default -> "hxxp://www.kiro7.com/"
CHR Profile: C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default [2018-02-20]
CHR Extension: (Earth and Moon) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmfhbdfjlfminjglfhcgcblgicnfcka [2018-02-17]
CHR Extension: (Google Drive) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-17]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-02-17]
CHR Extension: (YouTube) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-17]
CHR Extension: (uBlock Origin) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-02-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-17]
CHR Extension: (Gmail) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-17]
CHR Extension: (Chrome Media Router) - C:\Users\cyber\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-09-19] (AMD) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [125440 2009-09-24] (Hewlett-Packard) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-20] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-18] (Malwarebytes)
R1 MpKsl128962af; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A23EE34E-FE24-446E-B6D5-5292C37FA36C}\MpKsl128962af.sys [58120 2018-02-19] (Microsoft Corporation)
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [23536 2009-09-16] (PC-Doctor, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-20] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-20] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-20] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2009-09-17] (CyberLink Corp.)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-20 08:31 - 2018-02-20 08:32 - 000015948 _____ C:\Users\cyber\Desktop\FRST.txt
2018-02-20 08:31 - 2018-02-20 08:31 - 000000000 ____D C:\Users\cyber\Desktop\FRST-OlderVersion
2018-02-20 08:30 - 2018-02-20 08:31 - 002403328 _____ (Farbar) C:\Users\cyber\Desktop\FRST64.exe
2018-02-20 08:30 - 2018-02-20 08:31 - 000000000 ____D C:\FRST
2018-02-19 17:44 - 2018-02-19 17:44 - 003196548 _____ C:\Users\cyber\Documents\tc-p42x1_en_om.pdf
2018-02-19 11:05 - 2018-02-19 11:05 - 000316793 _____ C:\Users\cyber\Documents\d03e2d94-6cbe-4f74-9526-116b9e22ee20 (1).pdf
2018-02-19 10:59 - 2018-02-19 10:59 - 000316793 _____ C:\Users\cyber\Documents\hunter.pdf
2018-02-19 10:55 - 2018-02-19 10:55 - 000316793 _____ C:\Users\cyber\Documents\d03e2d94-6cbe-4f74-9526-116b9e22ee20.pdf
2018-02-18 15:34 - 2018-02-19 17:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-17 08:51 - 2018-02-17 08:51 - 000000000 ____D C:\Users\cyber\AppData\Roaming\Google
2018-02-17 08:46 - 2018-02-17 08:46 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-13 12:19 - 2018-02-09 22:24 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-13 12:19 - 2018-02-09 22:23 - 001577880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-13 12:19 - 2018-02-09 22:23 - 000758168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-13 12:19 - 2018-02-09 22:23 - 000613272 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-13 12:19 - 2018-02-09 22:23 - 000138136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-13 12:19 - 2018-02-09 22:22 - 000662936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-13 12:19 - 2018-02-09 22:21 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-13 12:19 - 2018-02-09 22:21 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-02-13 12:19 - 2018-02-09 22:21 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-02-13 12:19 - 2018-02-09 22:20 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-13 12:19 - 2018-02-09 22:20 - 001055640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-13 12:19 - 2018-02-09 22:20 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-13 12:19 - 2018-02-09 22:20 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-02-13 12:19 - 2018-02-09 22:20 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-02-13 12:19 - 2018-02-09 22:18 - 001193192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-02-13 12:19 - 2018-02-09 22:18 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-02-13 12:19 - 2018-02-09 22:17 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-13 12:19 - 2018-02-09 22:16 - 008603032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-13 12:19 - 2018-02-09 22:16 - 002406456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-02-13 12:19 - 2018-02-09 22:16 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-02-13 12:19 - 2018-02-09 22:15 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-02-13 12:19 - 2018-02-09 22:15 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-13 12:19 - 2018-02-09 22:15 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-13 12:19 - 2018-02-09 22:14 - 004504464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-02-13 12:19 - 2018-02-09 22:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-02-13 12:19 - 2018-02-09 22:14 - 001002592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-02-13 12:19 - 2018-02-09 22:13 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-02-13 12:19 - 2018-02-09 22:13 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
 
2018-02-13 12:19 - 2018-02-09 22:13 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-13 12:19 - 2018-02-09 22:12 - 004537040 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2018-02-13 12:19 - 2018-02-09 22:12 - 001313016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-02-13 12:19 - 2018-02-09 22:12 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-02-13 12:19 - 2018-02-09 22:12 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-02-13 12:19 - 2018-02-09 22:11 - 001029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-02-13 12:19 - 2018-02-09 22:11 - 000711432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-13 12:19 - 2018-02-09 22:11 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-13 12:19 - 2018-02-09 22:11 - 000494496 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-02-13 12:19 - 2018-02-09 22:10 - 002447768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-02-13 12:19 - 2018-02-09 22:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-02-13 12:19 - 2018-02-09 22:10 - 000614160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-02-13 12:19 - 2018-02-09 22:10 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-02-13 12:19 - 2018-02-09 22:10 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2018-02-13 12:19 - 2018-02-09 22:09 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-02-13 12:19 - 2018-02-09 22:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-02-13 12:19 - 2018-02-09 22:09 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-02-13 12:19 - 2018-02-09 22:09 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 003010248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-02-13 12:19 - 2018-02-09 22:08 - 000096200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-02-13 12:19 - 2018-02-09 22:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-02-13 12:19 - 2018-02-09 22:07 - 004506576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-13 12:19 - 2018-02-09 22:07 - 002710728 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-13 12:19 - 2018-02-09 22:07 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-02-13 12:19 - 2018-02-09 22:07 - 000436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 004486904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 000824896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-02-13 12:19 - 2018-02-09 22:06 - 000519144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-02-13 12:19 - 2018-02-09 22:06 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-02-13 12:19 - 2018-02-09 22:06 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-02-13 12:19 - 2018-02-09 22:06 - 000189336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 000100248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2018-02-13 12:19 - 2018-02-09 22:06 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-02-13 12:19 - 2018-02-09 22:05 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-02-13 12:19 - 2018-02-09 22:05 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-02-13 12:19 - 2018-02-09 22:05 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-02-13 12:19 - 2018-02-09 22:04 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 006791984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 001430760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-02-13 12:19 - 2018-02-09 22:04 - 001426672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 001254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-02-13 12:19 - 2018-02-09 22:04 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-02-13 12:19 - 2018-02-09 22:04 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-02-13 12:19 - 2018-02-09 22:04 - 000339872 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-02-13 12:19 - 2018-02-09 22:04 - 000093592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-02-13 12:19 - 2018-02-09 22:03 - 001619808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-02-13 12:19 - 2018-02-09 22:03 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-02-13 12:19 - 2018-02-09 22:02 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-13 12:19 - 2018-02-09 22:02 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-02-13 12:19 - 2018-02-09 22:02 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-02-13 12:19 - 2018-02-09 22:02 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-02-13 12:19 - 2018-02-09 21:21 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-02-13 12:19 - 2018-02-09 21:17 - 002255112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-02-13 12:19 - 2018-02-09 21:17 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-02-13 12:19 - 2018-02-09 21:17 - 000542856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-02-13 12:19 - 2018-02-09 21:15 - 001145624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-02-13 12:19 - 2018-02-09 21:12 - 004382032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2018-02-13 12:19 - 2018-02-09 21:11 - 001250528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-02-13 12:19 - 2018-02-09 21:09 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-02-13 12:19 - 2018-02-09 21:09 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-02-13 12:19 - 2018-02-09 21:09 - 002338776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-02-13 12:19 - 2018-02-09 21:09 - 001123456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-02-13 12:19 - 2018-02-09 21:09 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-02-13 12:19 - 2018-02-09 21:08 - 003980720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-02-13 12:19 - 2018-02-09 21:08 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-13 12:19 - 2018-02-09 21:08 - 000592792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 025253376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000527864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000123808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2018-02-13 12:19 - 2018-02-09 21:07 - 000083216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-02-13 12:19 - 2018-02-09 21:06 - 006481640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-13 12:19 - 2018-02-09 21:06 - 006014688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-02-13 12:19 - 2018-02-09 21:06 - 004670728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-13 12:19 - 2018-02-09 21:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 001149272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 000662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-02-13 12:19 - 2018-02-09 21:05 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-02-13 12:19 - 2018-02-09 21:05 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-02-13 12:19 - 2018-02-09 21:03 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-02-13 12:19 - 2018-02-09 20:50 - 003665408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-13 12:19 - 2018-02-09 20:50 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-02-13 12:19 - 2018-02-09 20:50 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-02-13 12:19 - 2018-02-09 20:50 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-02-13 12:19 - 2018-02-09 20:49 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-02-13 12:19 - 2018-02-09 20:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-02-13 12:19 - 2018-02-09 20:49 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-02-13 12:19 - 2018-02-09 20:49 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-02-13 12:19 - 2018-02-09 20:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-02-13 12:19 - 2018-02-09 20:48 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
 
2018-02-13 12:19 - 2018-02-09 20:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-02-13 12:19 - 2018-02-09 20:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-13 12:19 - 2018-02-09 20:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-02-13 12:19 - 2018-02-09 20:46 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:46 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2018-02-13 12:19 - 2018-02-09 20:45 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-02-13 12:19 - 2018-02-09 20:45 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2018-02-13 12:19 - 2018-02-09 20:44 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-02-13 12:19 - 2018-02-09 20:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 018923008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 008020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-02-13 12:19 - 2018-02-09 20:43 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2018-02-13 12:19 - 2018-02-09 20:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 023671808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2018-02-13 12:19 - 2018-02-09 20:42 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2018-02-13 12:19 - 2018-02-09 20:42 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-02-13 12:19 - 2018-02-09 20:42 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-02-13 12:19 - 2018-02-09 20:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
 
2018-02-13 12:19 - 2018-02-09 20:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-13 12:19 - 2018-02-09 20:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 019352576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-02-13 12:19 - 2018-02-09 20:41 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-02-13 12:19 - 2018-02-09 20:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2018-02-13 12:19 - 2018-02-09 20:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 012831744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 008110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 004498432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-13 12:19 - 2018-02-09 20:40 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 001234432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2018-02-13 12:19 - 2018-02-09 20:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2018-02-13 12:19 - 2018-02-09 20:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2018-02-13 12:19 - 2018-02-09 20:40 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2018-02-13 12:19 - 2018-02-09 20:40 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 011925504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-02-13 12:19 - 2018-02-09 20:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 006722560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2018-02-13 12:19 - 2018-02-09 20:38 - 006567936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 004815360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 003169280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 002184192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-13 12:19 - 2018-02-09 20:38 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-13 12:19 - 2018-02-09 20:38 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-02-13 12:19 - 2018-02-09 20:38 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2018-02-13 12:19 - 2018-02-09 20:38 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-02-13 12:19 - 2018-02-09 20:38 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-02-13 12:19 - 2018-02-09 20:37 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 003678720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 002523648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
 
2018-02-13 12:19 - 2018-02-09 20:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2018-02-13 12:19 - 2018-02-09 20:37 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2018-02-13 12:19 - 2018-02-09 20:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-02-13 12:19 - 2018-02-09 20:36 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-13 12:19 - 2018-02-09 20:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-02-13 12:19 - 2018-02-09 20:35 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2018-02-13 12:19 - 2018-02-09 20:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-02-13 12:19 - 2018-02-09 20:34 - 006532096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2018-02-13 12:19 - 2018-02-09 20:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-02-13 12:19 - 2018-02-09 20:34 - 002983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2018-02-13 12:19 - 2018-02-09 20:34 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2018-02-13 12:19 - 2018-02-09 20:34 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-02-13 12:19 - 2018-02-09 20:34 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2018-02-13 12:19 - 2018-02-09 20:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 001936384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2018-02-13 12:19 - 2018-02-09 20:33 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-02-13 12:19 - 2018-02-09 20:33 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-02-13 12:19 - 2018-02-09 20:33 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000604672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2018-02-13 12:19 - 2018-02-09 20:33 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-02-13 12:19 - 2018-02-09 20:33 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-02-13 12:19 - 2018-02-09 20:32 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2018-02-13 12:19 - 2018-02-09 20:32 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2018-02-13 12:19 - 2018-02-09 20:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2018-02-13 12:19 - 2018-02-09 20:32 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll
2018-02-13 12:19 - 2018-02-09 20:31 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2018-02-13 12:19 - 2018-02-09 20:31 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2018-02-13 12:19 - 2018-02-09 20:31 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2018-02-13 12:19 - 2018-02-08 19:35 - 004959688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-02-13 12:19 - 2018-02-01 19:36 - 003903944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-02-13 12:18 - 2018-02-09 22:22 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-13 12:18 - 2018-02-09 22:22 - 000460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-02-13 12:18 - 2018-02-09 22:22 - 000387480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-13 12:18 - 2018-02-09 22:22 - 000272800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-13 12:18 - 2018-02-09 22:22 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-13 12:18 - 2018-02-09 22:22 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-02-13 12:18 - 2018-02-09 22:19 - 001133888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-02-13 12:18 - 2018-02-09 22:18 - 000098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2018-02-13 12:18 - 2018-02-09 22:18 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-13 12:18 - 2018-02-09 22:15 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-02-13 12:18 - 2018-02-09 22:13 - 000535960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-02-13 12:18 - 2018-02-09 22:09 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-02-13 12:18 - 2018-02-09 22:08 - 000687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-13 12:18 - 2018-02-09 22:08 - 000398824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2018-02-13 12:18 - 2018-02-09 22:06 - 000594048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-02-13 12:18 - 2018-02-09 22:06 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-02-13 12:18 - 2018-02-09 22:05 - 000070856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-02-13 12:18 - 2018-02-09 22:04 - 000212880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-02-13 12:18 - 2018-02-09 22:03 - 000849304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-02-13 12:18 - 2018-02-09 22:03 - 000722616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-02-13 12:18 - 2018-02-09 22:03 - 000706600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-02-13 12:18 - 2018-02-09 22:03 - 000098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2018-02-13 12:18 - 2018-02-09 21:22 - 001930224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-02-13 12:18 - 2018-02-09 21:18 - 001384288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-02-13 12:18 - 2018-02-09 21:17 - 000211864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-02-13 12:18 - 2018-02-09 21:10 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-02-13 12:18 - 2018-02-09 21:09 - 000559976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-13 12:18 - 2018-02-09 21:07 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-02-13 12:18 - 2018-02-09 21:07 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-02-13 12:18 - 2018-02-09 21:05 - 000718232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-02-13 12:18 - 2018-02-09 21:05 - 000654456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-02-13 12:18 - 2018-02-09 21:05 - 000551672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-02-13 12:18 - 2018-02-09 21:05 - 000193248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2018-02-13 12:18 - 2018-02-09 21:05 - 000079256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2018-02-13 12:18 - 2018-02-09 20:50 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-02-13 12:18 - 2018-02-09 20:49 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-02-13 12:18 - 2018-02-09 20:49 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-02-13 12:18 - 2018-02-09 20:49 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-02-13 12:18 - 2018-02-09 20:49 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-02-13 12:18 - 2018-02-09 20:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-02-13 12:18 - 2018-02-09 20:48 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2018-02-13 12:18 - 2018-02-09 20:47 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-02-13 12:18 - 2018-02-09 20:47 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-02-13 12:18 - 2018-02-09 20:47 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-02-13 12:18 - 2018-02-09 20:47 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-13 12:18 - 2018-02-09 20:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-02-13 12:18 - 2018-02-09 20:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-02-13 12:18 - 2018-02-09 20:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-02-13 12:18 - 2018-02-09 20:46 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2018-02-13 12:18 - 2018-02-09 20:46 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-02-13 12:18 - 2018-02-09 20:46 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2018-02-13 12:18 - 2018-02-09 20:46 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-13 12:18 - 2018-02-09 20:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2018-02-13 12:18 - 2018-02-09 20:45 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-13 12:18 - 2018-02-09 20:45 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-02-13 12:18 - 2018-02-09 20:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll
2018-02-13 12:18 - 2018-02-09 20:44 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-02-13 12:18 - 2018-02-09 20:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-02-13 12:18 - 2018-02-09 20:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-02-13 12:18 - 2018-02-09 20:43 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2018-02-13 12:18 - 2018-02-09 20:43 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-02-13 12:18 - 2018-02-09 20:42 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2018-02-13 12:18 - 2018-02-09 20:42 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2018-02-13 12:18 - 2018-02-09 20:42 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-02-13 12:18 - 2018-02-09 20:42 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2018-02-13 12:18 - 2018-02-09 20:42 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2018-02-13 12:18 - 2018-02-09 20:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe
2018-02-13 12:18 - 2018-02-09 20:41 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2018-02-13 12:18 - 2018-02-09 20:41 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2018-02-13 12:18 - 2018-02-09 20:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2018-02-13 12:18 - 2018-02-09 20:40 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2018-02-13 12:18 - 2018-02-09 20:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2018-02-13 12:18 - 2018-02-09 20:40 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-02-13 12:18 - 2018-02-09 20:39 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2018-02-13 12:18 - 2018-02-09 20:39 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2018-02-13 12:18 - 2018-02-09 20:38 - 001968640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-02-13 12:18 - 2018-02-09 20:38 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2018-02-13 12:18 - 2018-02-09 20:37 - 003419136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-13 12:18 - 2018-02-09 20:36 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2018-02-13 12:18 - 2018-02-09 20:36 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2018-02-13 12:18 - 2018-02-09 20:35 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-02-13 12:18 - 2018-02-09 20:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-02-13 12:18 - 2018-02-09 20:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-02-13 12:18 - 2018-02-09 20:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-02-13 12:18 - 2018-02-09 20:32 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-02-13 12:18 - 2018-02-09 20:31 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-02-13 12:18 - 2018-02-09 20:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-02-13 12:18 - 2018-02-08 19:35 - 001234888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-02-13 12:18 - 2018-02-08 19:35 - 001002952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-02-13 12:18 - 2018-02-08 19:35 - 000892872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-02-13 12:18 - 2018-02-08 19:35 - 000065992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-13 12:18 - 2018-02-01 19:36 - 000921032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-02-13 12:18 - 2018-02-01 19:36 - 000854976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-02-13 12:18 - 2018-02-01 19:36 - 000649672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-02-13 12:18 - 2018-02-01 19:36 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-02-09 09:05 - 2018-02-09 09:05 - 000000000 ____D C:\Users\cyber\AppData\Local\MetaGeek,_LLC
2018-02-02 05:17 - 2018-01-17 10:47 - 000804240 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-02-02 05:17 - 2018-01-17 10:47 - 000804240 _____ C:\WINDOWS\system32\locale.nls
2018-01-24 05:30 - 2018-01-24 05:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-01-24 05:30 - 2018-01-24 05:30 - 000000000 ____D C:\Program Files\iTunes
2018-01-24 05:30 - 2018-01-24 05:30 - 000000000 ____D C:\Program Files\iPod
2018-01-24 05:23 - 2018-01-24 05:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-01-24 05:23 - 2018-01-24 05:23 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-01-23 05:49 - 2018-01-23 05:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-22 11:06 - 2018-01-22 11:06 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2C5647DD.sys
 
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-20 08:16 - 2017-10-17 13:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-20 07:08 - 2017-10-17 13:43 - 000004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FA1DAFDB-EB48-4904-97A2-507C085DC2CF}
2018-02-20 06:12 - 2017-06-19 06:54 - 000002089 _____ C:\Users\cyber\Desktop\FileHippo App Manager.lnk
2018-02-20 05:16 - 2017-09-29 05:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-20 05:16 - 2017-01-18 08:09 - 000000000 ____D C:\Users\cyber\AppData\Roaming\MPC-HC
2018-02-20 04:29 - 2017-02-04 22:48 - 000000000 ____D C:\Users\cyber\AppData\Roaming\vlc
2018-02-19 16:28 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-19 15:21 - 2017-01-03 21:01 - 000000000 ____D C:\Users\cyber\AppData\LocalLow\Mozilla
2018-02-19 14:47 - 2017-10-17 13:43 - 000003242 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForcyber
2018-02-19 14:47 - 2017-01-03 19:20 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForcyber.job
2018-02-19 14:04 - 2018-01-09 11:45 - 000000000 ____D C:\Users\cyber\AppData\Local\PlaceholderTileLogoFolder
2018-02-18 19:19 - 2017-09-16 06:37 - 000000000 ____D C:\Users\cyber\Desktop\MY TUNES
2018-02-18 19:19 - 2017-01-12 10:28 - 000000000 ____D C:\Users\cyber\Documents\New folder
2018-02-18 15:53 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-18 15:48 - 2017-10-17 13:18 - 000000000 ____D C:\Users\cyber\AppData\Local\Packages
2018-02-18 15:47 - 2017-09-29 05:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-18 15:41 - 2017-10-17 13:41 - 001461130 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-18 15:34 - 2017-12-08 18:22 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-02-18 15:34 - 2017-10-17 13:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-18 15:33 - 2017-09-29 00:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-17 13:27 - 2017-01-04 08:56 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-02-17 11:10 - 2017-12-10 10:11 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2018-02-17 08:46 - 2017-01-03 20:54 - 000000000 ____D C:\Users\cyber\AppData\Local\Google
2018-02-17 08:46 - 2017-01-03 20:54 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-15 10:25 - 2017-01-09 11:39 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-02-15 10:25 - 2017-01-04 05:45 - 000000000 ____D C:\Users\cyber\Desktop\SECURITY
2018-02-15 04:51 - 2017-07-11 08:16 - 000000000 ____D C:\Users\cyber\Documents\My Filehippo Downloads
2018-02-14 20:02 - 2017-02-26 19:59 - 000000000 ____D C:\Users\cyber\AppData\Local\ElevatedDiagnostics
2018-02-14 19:45 - 2017-10-13 16:17 - 000000000 ____D C:\ProgramData\AVAST Software
2018-02-14 10:04 - 2017-10-13 16:23 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-02-14 10:00 - 2018-01-19 05:58 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-02-14 08:02 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-13 18:36 - 2017-07-13 11:20 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2018-02-13 18:36 - 2017-01-04 05:41 - 000000258 __RSH C:\ProgramData\ntuser.pol
2018-02-13 18:36 - 2010-02-22 18:38 - 000000000 ____D C:\ProgramData\Temp
2018-02-13 14:01 - 2017-07-18 10:48 - 000000000 ___RD C:\Users\cyber\3D Objects
2018-02-13 14:01 - 2017-01-04 20:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-13 13:59 - 2017-10-17 13:10 - 000303752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-13 13:55 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-02-13 13:55 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-13 13:55 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-13 13:55 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-13 13:55 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-02-13 12:36 - 2017-01-03 20:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-13 12:32 - 2017-10-11 08:22 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-13 12:32 - 2017-01-03 20:21 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-13 12:31 - 2017-09-29 05:41 - 001043352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-02-13 12:30 - 2017-09-29 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-13 12:23 - 2017-09-29 05:41 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-02-09 18:27 - 2017-01-04 07:44 - 000000000 ____D C:\Users\cyber\AppData\Local\CrashDumps
2018-02-09 09:13 - 2017-01-05 09:49 - 000000000 ____D C:\Users\cyber\AppData\Roaming\Apple Computer
2018-02-09 09:12 - 2017-10-17 13:17 - 000000000 ____D C:\Users\cyber
2018-02-09 09:12 - 2017-07-21 05:19 - 000000000 ____D C:\Users\cyber\AppData\Local\Apple Inc
2018-02-08 10:48 - 2017-01-04 09:42 - 000000000 ____D C:\Users\cyber\dwhelper
2018-02-08 09:52 - 2017-12-03 07:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-08 09:52 - 2017-12-03 07:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-08 09:52 - 2017-07-03 05:28 - 000000000 ____D C:\Users\cyber\AppData\Local\FSDART
2018-02-08 09:07 - 2017-07-03 05:28 - 000000000 ____D C:\ProgramData\F-Secure
2018-02-08 05:57 - 2017-12-03 07:24 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-07 06:13 - 2017-05-17 04:15 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-02-06 08:54 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 08:54 - 2017-09-29 05:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-05 18:49 - 2017-09-29 05:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-05 18:49 - 2017-09-29 05:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-05 08:46 - 2017-05-07 14:26 - 000000000 ____D C:\Program Files\Common Files\logishrd
2018-01-30 16:36 - 2017-10-17 13:43 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3403886051-827337895-3073139048-1000
2018-01-30 16:36 - 2017-01-04 20:30 - 000002365 _____ C:\Users\cyber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 16:36 - 2017-01-04 20:30 - 000000000 ___RD C:\Users\cyber\OneDrive
2018-01-24 05:41 - 2017-01-03 19:27 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 05:23 - 2017-01-05 09:47 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
 
==================== Files in the root of some directories =======

2017-07-03 04:45 - 2017-08-30 15:21 - 000317970 _____ () C:\Users\cyber\AppData\Local\ars.cache
2017-07-03 04:47 - 2017-08-30 15:21 - 000995774 _____ () C:\Users\cyber\AppData\Local\census.cache
2017-01-04 10:34 - 2017-04-05 16:19 - 000009216 _____ () C:\Users\cyber\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-03 04:17 - 2017-07-03 04:17 - 000000036 _____ () C:\Users\cyber\AppData\Local\housecall.guid.cache
2017-01-09 15:48 - 2017-01-09 15:48 - 000000017 _____ () C:\Users\cyber\AppData\Local\resmon.resmoncfg
2017-07-03 04:28 - 2017-08-24 11:44 - 000000010 _____ () C:\Users\cyber\AppData\Local\sponge.last.runtime.cache
2017-08-14 09:56 - 2017-08-14 09:56 - 000201912 _____ () C:\Users\cyber\AppData\Local\tmp20800122_10214544184302195_6285184043554644274_N.0
2017-08-14 09:56 - 2017-08-14 09:56 - 000205283 _____ () C:\Users\cyber\AppData\Local\tmp20800122_10214544184302195_6285184043554644274_N.JPG
2017-05-19 14:24 - 2017-05-19 14:24 - 001964430 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0013.0
2017-05-19 14:24 - 2017-05-19 14:24 - 000720616 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0013.JPG
2017-09-10 07:03 - 2017-09-10 07:03 - 002284623 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0240.0
2017-09-10 07:03 - 2017-09-10 07:03 - 000825384 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0240.JPG
2017-05-02 19:20 - 2018-01-19 09:11 - 002070671 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0446.0
2018-01-19 09:11 - 2018-01-19 09:11 - 000700450 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0446.JPG
2017-05-02 19:21 - 2017-05-02 19:21 - 001991227 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0463.0
2017-05-02 19:21 - 2017-05-02 19:21 - 000714361 _____ () C:\Users\cyber\AppData\Local\tmpIMG_0463.JPG
2017-05-03 06:53 - 2017-05-03 06:53 - 002578507 _____ () C:\Users\cyber\AppData\Local\tmpIMG_1655.0
2017-05-03 06:53 - 2017-05-03 06:53 - 000998864 _____ () C:\Users\cyber\AppData\Local\tmpIMG_1655.JPG
2018-01-19 06:44 - 2018-01-19 06:44 - 002781954 _____ () C:\Users\cyber\AppData\Local\tmpIMG_1675.0
2018-01-19 06:44 - 2018-01-19 06:44 - 001130281 _____ () C:\Users\cyber\AppData\Local\tmpIMG_1675.JPG
2017-05-13 17:47 - 2017-05-13 17:47 - 001722921 _____ () C:\Users\cyber\AppData\Local\tmpIMG_2289.0
2017-05-13 17:47 - 2017-05-13 17:47 - 000554494 _____ () C:\Users\cyber\AppData\Local\tmpIMG_2289.JPG
2017-03-07 18:07 - 2017-05-08 05:02 - 000093781 _____ () C:\Users\cyber\AppData\Local\tmpIMG_4267.0
2017-03-07 18:07 - 2017-05-08 05:02 - 000043673 _____ () C:\Users\cyber\AppData\Local\tmpIMG_4267.1
2017-03-07 18:07 - 2017-05-08 05:02 - 000043498 _____ () C:\Users\cyber\AppData\Local\tmpIMG_4267.JPG
2017-02-24 05:18 - 2017-02-24 05:18 - 002587802 _____ () C:\Users\cyber\AppData\Local\tmpPHOTO 2.JPG

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-15 03:51
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

======================================

Does the issue happen only when one of your browser is open or regardless?

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
You asked "Does the issue happen only when one of your browser is open or regardless?", only once the browser is open. Scans follow.
 
# AdwCleaner 7.0.8.0 - Logfile created on Wed Feb 21 03:56:05 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 02-16-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.DriverDoc, [Key] - HKLM\SOFTWARE\MimarSinan


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2017/11/30 22:59:55]
C:/AdwCleaner/AdwCleaner[S1].txt - [1013 B] - [2018/1/10 14:29:1]


########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########
 
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.02.2018
Ran by cyber (20-02-2018 20:22:39)
Running from C:\Users\cyber\Desktop
Windows 10 Home Version 1709 16299.248 (X64) (2017-10-17 21:47:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3403886051-827337895-3073139048-500 - Administrator - Disabled)
cyber (S-1-5-21-3403886051-827337895-3073139048-1000 - Administrator - Enabled) => C:\Users\cyber
DefaultAccount (S-1-5-21-3403886051-827337895-3073139048-503 - Limited - Disabled)
Guest (S-1-5-21-3403886051-827337895-3073139048-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3403886051-827337895-3073139048-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{67CA5B4D-32DA-B54C-1851-F68ECD83262E}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.80.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.80.1 - )
CPUID HWMonitor 1.32 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.32 - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
 
Back