Solved Amazon assistant virus

Silverboots · May 28, 2017

Hi, really hope someone can help me.
My computer started bringing up all these blank windows with C:\Program Files (x86)\Amazon\Amazon Assistant\aa.hta in the title bar. I've done a bit of searching and turns out I'm not the only one to have this problem. But all the solutions I've found are a bit complicated for me - I'm not that tech savvy. Then I found this site and saw a post where someone had helped someone with this problem step by step and custom made a solution for them. Really hoping someone can do the same for me. As I said before, I'm really not that knowledgeable about technology and I don't trust myself/know how to do this without help. Thank you in advance xxx

Broni · May 29, 2017

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

Silverboots · May 29, 2017

Thank you. I really appreciate this (y)
So I clicked on the link you gave (https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/) and read it. I clicked on the link it gave (https://www.techspot.com/community/...ead-this-before-cleaning-or-formatting.65943/) and read it. I clicked on the two links it gave (http://www.dslreports.com/faq/10063 and http://www.dslreports.com/faq/10451) and read those.
And now my head hurts! I didn't fully understand everything and I'm a tad confused (I really do have very limited tech knowledge) but I'm gonna try to follow your instructions to the best of my ability.
It said to tell you what I use my laptop for: mainly online shopping, email, facebook, pinterest, saving images, watching catch-up tv, booking doctors appts/requesting repeat prescriptions, and occasionally online banking.
I have an Acer Aspire E 15 E5-573-32TV. Intel Core i3-5005U (2.0GHz, 3MB L3 cache). Intel HD graphics 5500 (up to 4181 MB dynamic video memory). 8GB DDR3 L memory. 2000 GB HDD. Need anymore info?
I have Avast free antivirus. I've run the smart scan and the full scan. Several times I tried it was cancelled before finishing (not by me - by itself), but I think it's done both now. I tried to find the logs but I can't seem to figure out where they'd be. Also I clicked on the virus chest and it shows the virus in there. Should I delete it or will that 'free' it? Also, where it says firewall there's a lock symbol, I think you have to pay for that, so I don't know if I have one?
The 1st step already has me confused. I know - pathetic, right? What does 'enabled pm the system' mean? and it says 'Do NOT add any of the free AV programs below.' then advises you to install an antivirus if you don't have one already, and suggests some. But if you're not supposed to add them, then........?
Help me Broni Wan Kenobi, you're my only hope

Broni · May 30, 2017

All you need to do is to read this: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/ and provide FRST logs.

Silverboots · May 30, 2017

Okay cool, here's the FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-05-2017
Ran by silve (administrator) on LAPTOP-CVU8QSHV (30-05-2017 22:01:18)
Running from C:\Users\silve\Downloads
Loaded Profiles: silve (Available Profiles: silve & josle)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3465862728-4032867992-966525347-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer)
HKU\S-1-5-21-3465862728-4032867992-966525347-1001\...\Run: [GoogleChromeAutoLaunch_E5BBC1D48D1936607C8B41890094880B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640 2017-05-09] (Google Inc.)
HKU\S-1-5-21-3465862728-4032867992-966525347-1001\...\MountPoints2: {9d0543f8-02b1-11e7-8340-806e6f6e6963} - "D:\autorun.exe"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-10] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-05-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\silve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-03-23]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{6db06132-c348-4cc3-9106-0472e8853cdb}: [DhcpNameServer] 77.234.40.79
Tcpip\..\Interfaces\{a0cacfd8-88aa-48e2-8c9f-6250e84227ae}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{ada40ca5-2f16-405e-afdd-0c022b8eee3b}: [DhcpNameServer] 40.33.1.55

Internet Explorer:
==================
HKU\S-1-5-21-3465862728-4032867992-966525347-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-3465862728-4032867992-966525347-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3465862728-4032867992-966525347-1001 -> DefaultScope {1451F406-7038-4CB5-81BD-034C2F6E0883} URL =
SearchScopes: HKU\S-1-5-21-3465862728-4032867992-966525347-1001 -> {1451F406-7038-4CB5-81BD-034C2F6E0883} URL =
SearchScopes: HKU\S-1-5-21-3465862728-4032867992-966525347-1001 -> {A970CC88-CD63-404E-985B-6F3E1700F6D2} URL =
SearchScopes: HKU\S-1-5-21-3465862728-4032867992-966525347-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-28] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-28] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2017-03-13] ()

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default [2017-05-30]
CHR Extension: (Google Slides) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-07]
CHR Extension: (Google Docs) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-07]
CHR Extension: (Google Drive) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-07]
CHR Extension: (Rapport) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2017-05-16]
CHR Extension: (YouTube) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-07]
CHR Extension: (Avast SafePrice) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-05]
CHR Extension: (Google Sheets) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-07]
CHR Extension: (Avast Online Security) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-28]
CHR Extension: (Pinterest Save Button) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-04-23]
CHR Extension: (FlyOrDie Backgammon) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjajfipfoldnngmddjicblncidmijama [2017-03-07]
CHR Extension: (EasyHome Homestyler) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2017-05-28]
CHR Extension: (Little Alchemy) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2017-03-07]
CHR Extension: (Google Play) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-03-07]
CHR Extension: (Do It (Tomorrow)) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2017-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Texas Holdem Poker) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojbaogcpfpkhbmjmefladpimcmfggkjl [2017-03-07]
CHR Extension: (OhMyDollz) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\okigcjnedlemakbamnbgkmdoegkhdble [2017-03-07]
CHR Extension: (Gmail) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-07]
CHR Extension: (Chrome Media Router) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-20]
CHR Extension: (Black Black Chrome Theme Purple Highlight) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjkffljijlebgbmppbgeoikaafbbek [2017-03-07]
CHR HKU\S-1-5-21-3465862728-4032867992-966525347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [102064 2017-02-28] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-10] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\WINDOWS\system32\AdminService.exe [355760 2017-03-30] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [75056 2015-06-24] (Dashlane SAS)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350576 2017-03-13] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-03-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-04] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-04] (Acer Incorporated)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2401264 2017-03-01] (IBM Corp.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2017-03-06] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-10] (AVAST Software s.r.o.)
R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-10] (AVAST Software)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-09-04] (Acer Incorporated)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-09-04] (Acer Incorporated)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [382432 2017-03-01] (IBM Corp.)
R1 RapportCerberus_1804047; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804047.sys [1264776 2017-05-16] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [582208 2017-03-01] (IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [252288 2017-03-01] (IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [506016 2017-03-01] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [605024 2017-03-01] (IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2017-03-14] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-30 22:01 - 2017-05-30 22:02 - 00023686 _____ C:\Users\silve\Downloads\FRST.txt
2017-05-30 22:01 - 2017-05-30 22:01 - 00000000 ____D C:\FRST
2017-05-30 21:59 - 2017-05-30 22:00 - 02429952 _____ (Farbar) C:\Users\silve\Downloads\FRST64.exe
2017-05-30 03:35 - 2017-05-30 03:35 - 00000000 ___HD C:\OneDriveTemp
2017-05-28 19:57 - 2017-05-28 19:57 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-28 12:02 - 2017-05-28 12:02 - 00000000 ____D C:\Users\silve\Documents\Custom Office Templates
2017-05-18 19:36 - 2017-05-18 19:36 - 00000000 ____D C:\Users\silve\AppData\Local\HP
2017-05-18 19:19 - 2017-05-18 19:43 - 00000000 ____D C:\Users\silve\AppData\Roaming\HP
2017-05-18 19:19 - 2017-05-18 19:19 - 00000000 ____D C:\ProgramData\WEBREG
2017-05-18 19:14 - 2017-05-25 23:55 - 00000000 ____D C:\Users\silve\AppData\Roaming\HpUpdate
2017-05-18 19:13 - 2017-05-18 19:44 - 00000000 ____D C:\ProgramData\HP Photo Creations
2017-05-18 19:13 - 2017-05-18 19:13 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2017-05-18 19:13 - 2017-05-18 19:13 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2017-05-18 19:12 - 2017-05-18 19:12 - 00001402 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2017-05-18 19:12 - 2017-05-18 19:12 - 00001396 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2017-05-18 19:12 - 2017-05-18 19:12 - 00000000 ____D C:\ProgramData\HP Product Assistant
2017-05-18 19:08 - 2017-05-18 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-05-18 19:06 - 2017-05-18 19:14 - 00000000 ____D C:\Program Files (x86)\HP
2017-05-18 18:56 - 2017-05-18 19:17 - 00000000 ____D C:\ProgramData\HP
2017-05-18 18:56 - 2017-05-18 19:16 - 00187699 _____ C:\WINDOWS\hpoins27.dat
2017-05-18 18:56 - 2012-09-26 15:23 - 00000584 ____N C:\WINDOWS\hpomdl27.dat
2017-05-18 18:55 - 2009-07-08 11:51 - 00938496 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpowiax7.dll
2017-05-18 18:55 - 2009-07-08 11:51 - 00740864 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl6.dll
2017-05-18 18:55 - 2009-07-08 11:51 - 00551424 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll
2017-05-18 18:55 - 2009-07-08 11:51 - 00505344 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst15.dll
2017-05-18 18:48 - 2017-05-18 18:54 - 185717360 _____ C:\Users\silve\Downloads\DJ_AIO_03_F2200_NonNet_Full_Win_WW_140_404-4.exe
2017-05-18 18:46 - 2017-05-18 18:46 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2017-05-17 19:45 - 2017-05-17 19:45 - 00000000 ____D C:\Users\silve\AppData\Roaming\Google
2017-05-16 17:32 - 2017-05-16 17:32 - 00000000 ____D C:\Users\josle\AppData\Local\Trusteer
2017-05-16 15:58 - 2017-05-16 16:27 - 769130553 _____ C:\Users\silve\Downloads\kaleidoscope-part-1.pdf
2017-05-16 15:58 - 2017-05-16 16:08 - 205760018 _____ C:\Users\silve\Downloads\kaleidoscope-part-2.pdf
2017-05-16 02:18 - 2017-03-01 17:26 - 00506016 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2017-05-16 02:18 - 2017-03-01 17:26 - 00252288 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2017-05-16 02:17 - 2017-05-16 02:17 - 00000000 ____D C:\Users\silve\AppData\Local\Trusteer
2017-05-16 02:17 - 2017-05-16 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2017-05-16 02:17 - 2017-05-16 02:17 - 00000000 ____D C:\Program Files (x86)\Trusteer
2017-05-16 02:15 - 2017-05-16 02:15 - 00000000 ____D C:\ProgramData\Trusteer
2017-05-16 02:14 - 2017-05-16 02:14 - 00483824 _____ (IBM Corp.) C:\Users\silve\Downloads\RapportSetup.exe
2017-05-15 22:04 - 2017-05-15 22:04 - 00000000 ___HD C:\$AV_ASW
2017-05-13 14:40 - 2017-05-13 14:40 - 00000000 ____D C:\Users\silve\Documents\My Digikits
2017-05-13 14:39 - 2017-05-13 14:39 - 00000000 ____D C:\Users\silve\AppData\Roaming\Serif
2017-05-13 14:38 - 2017-05-13 14:38 - 00002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif CraftArtist 2.lnk
2017-05-13 14:38 - 2017-05-13 14:38 - 00002220 _____ C:\Users\Public\Desktop\Serif CraftArtist 2.lnk
2017-05-13 14:38 - 2017-05-13 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications
2017-05-13 14:37 - 2017-05-13 16:00 - 00000000 ____D C:\Program Files\Serif
2017-05-12 23:00 - 2017-05-12 23:00 - 01570153 _____ C:\Users\josle\Downloads\Headlines - 12th May 2017.pdf
2017-05-10 15:50 - 2017-05-10 15:50 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-10 00:41 - 2017-04-28 01:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 00:41 - 2017-04-28 01:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 00:41 - 2017-04-28 01:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 00:41 - 2017-04-28 01:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-10 00:41 - 2017-04-28 01:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-10 00:41 - 2017-04-28 01:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 00:41 - 2017-04-28 01:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 00:41 - 2017-04-28 01:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-10 00:41 - 2017-04-28 01:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-10 00:41 - 2017-04-28 01:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 00:41 - 2017-04-28 01:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 00:41 - 2017-04-28 01:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-10 00:41 - 2017-04-28 01:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-10 00:41 - 2017-04-28 01:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-10 00:41 - 2017-04-28 01:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-10 00:41 - 2017-04-28 01:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 00:41 - 2017-04-28 01:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 00:41 - 2017-04-28 01:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 00:41 - 2017-04-28 01:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-10 00:41 - 2017-04-28 01:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 00:41 - 2017-04-28 01:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-10 00:41 - 2017-04-28 01:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 00:41 - 2017-04-28 01:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-10 00:41 - 2017-04-28 01:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-10 00:41 - 2017-04-28 01:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-10 00:41 - 2017-04-28 01:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 00:41 - 2017-04-28 01:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-10 00:41 - 2017-04-28 01:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 00:41 - 2017-04-28 01:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 00:41 - 2017-04-28 01:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 00:41 - 2017-04-28 01:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-10 00:41 - 2017-04-28 01:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-10 00:41 - 2017-04-28 01:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 00:41 - 2017-04-28 01:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 00:41 - 2017-04-28 01:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 00:41 - 2017-04-28 01:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 00:41 - 2017-04-28 01:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 00:41 - 2017-04-28 01:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-10 00:41 - 2017-04-28 01:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-10 00:41 - 2017-04-28 01:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 00:41 - 2017-04-28 01:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-10 00:41 - 2017-04-28 01:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 00:41 - 2017-04-28 01:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-10 00:41 - 2017-04-28 01:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 00:41 - 2017-04-28 01:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-10 00:41 - 2017-04-28 01:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-10 00:41 - 2017-04-28 01:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-10 00:41 - 2017-04-28 01:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 00:41 - 2017-04-28 01:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 00:41 - 2017-04-28 01:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-10 00:41 - 2017-04-28 01:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 00:41 - 2017-04-28 01:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 00:41 - 2017-04-28 01:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 00:41 - 2017-04-28 01:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-10 00:41 - 2017-04-28 01:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-10 00:41 - 2017-04-28 01:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-10 00:41 - 2017-04-28 01:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-10 00:41 - 2017-04-28 01:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-10 00:41 - 2017-04-28 01:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 00:41 - 2017-04-28 00:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-10 00:41 - 2017-04-28 00:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 00:41 - 2017-04-28 00:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-10 00:41 - 2017-04-28 00:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-10 00:41 - 2017-04-28 00:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-10 00:41 - 2017-04-28 00:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 00:41 - 2017-04-28 00:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-10 00:41 - 2017-04-28 00:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-10 00:41 - 2017-04-28 00:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-10 00:41 - 2017-04-28 00:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-10 00:41 - 2017-04-28 00:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-10 00:41 - 2017-04-28 00:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 00:41 - 2017-04-28 00:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 00:41 - 2017-04-28 00:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 00:41 - 2017-04-28 00:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 00:41 - 2017-04-28 00:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-10 00:41 - 2017-04-28 00:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 00:41 - 2017-04-28 00:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 00:41 - 2017-04-28 00:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-10 00:41 - 2017-04-28 00:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 00:41 - 2017-03-04 08:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-10 00:41 - 2017-03-04 07:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 00:41 - 2017-03-04 07:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-10 00:41 - 2017-03-04 07:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 00:41 - 2017-03-04 07:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-10 00:41 - 2017-03-04 07:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 00:40 - 2017-04-28 02:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-10 00:40 - 2017-04-28 01:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 00:40 - 2017-04-28 01:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 00:40 - 2017-04-28 01:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-10 00:40 - 2017-04-28 01:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 00:40 - 2017-04-28 01:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 00:40 - 2017-04-28 01:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 00:40 - 2017-04-28 01:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-10 00:40 - 2017-04-28 01:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 00:40 - 2017-04-28 01:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 00:40 - 2017-04-28 01:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-10 00:40 - 2017-04-28 01:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-10 00:40 - 2017-04-28 01:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-10 00:40 - 2017-04-28 01:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 00:40 - 2017-04-28 01:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-10 00:40 - 2017-04-28 01:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-10 00:40 - 2017-04-28 01:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-10 00:40 - 2017-04-28 01:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 00:40 - 2017-04-28 01:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-10 00:40 - 2017-04-28 01:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-10 00:40 - 2017-04-28 01:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-10 00:40 - 2017-04-28 01:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 00:40 - 2017-04-28 01:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 00:40 - 2017-04-28 01:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 00:40 - 2017-04-28 01:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-10 00:40 - 2017-04-28 01:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-10 00:40 - 2017-04-28 01:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 00:40 - 2017-04-28 01:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 00:40 - 2017-04-28 01:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-10 00:40 - 2017-04-28 01:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-10 00:40 - 2017-04-28 01:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-10 00:40 - 2017-04-28 01:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-10 00:40 - 2017-04-28 01:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 00:40 - 2017-04-28 01:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-10 00:40 - 2017-04-28 01:17 - 00095232 _____ (Microsoft Corporation)

Silverboots · May 30, 2017

Continued:

C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-10 00:40 - 2017-04-28 01:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 00:40 - 2017-04-28 01:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-10 00:40 - 2017-04-28 01:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-10 00:40 - 2017-04-28 01:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-10 00:40 - 2017-04-28 01:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-10 00:40 - 2017-04-28 01:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 00:40 - 2017-04-28 01:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-10 00:40 - 2017-04-28 01:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-10 00:40 - 2017-04-28 01:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-10 00:40 - 2017-04-28 01:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-10 00:40 - 2017-04-28 01:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-10 00:40 - 2017-04-28 01:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-10 00:40 - 2017-04-28 01:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-10 00:40 - 2017-04-28 01:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-10 00:40 - 2017-04-28 01:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-10 00:40 - 2017-04-28 01:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-10 00:40 - 2017-04-28 01:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 00:40 - 2017-04-28 01:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-10 00:40 - 2017-04-28 01:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 00:40 - 2017-04-28 01:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-10 00:40 - 2017-04-28 01:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-10 00:40 - 2017-04-28 01:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-10 00:40 - 2017-04-28 01:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 00:40 - 2017-04-28 01:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-10 00:40 - 2017-04-28 01:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-10 00:40 - 2017-04-28 01:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 00:40 - 2017-04-28 01:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-10 00:40 - 2017-04-28 01:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-10 00:40 - 2017-04-28 01:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-10 00:40 - 2017-04-28 01:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-10 00:40 - 2017-04-28 01:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-10 00:40 - 2017-04-28 01:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-10 00:40 - 2017-04-28 01:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-10 00:40 - 2017-04-28 01:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-10 00:40 - 2017-04-28 01:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-10 00:40 - 2017-04-28 01:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-10 00:40 - 2017-04-28 01:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 00:40 - 2017-04-28 01:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-10 00:40 - 2017-04-28 00:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 00:40 - 2017-04-28 00:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-10 00:40 - 2017-04-28 00:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-10 00:40 - 2017-04-28 00:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-10 00:40 - 2017-04-28 00:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 00:40 - 2017-04-28 00:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 00:40 - 2017-04-28 00:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-10 00:40 - 2017-04-28 00:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 00:40 - 2017-04-28 00:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 00:40 - 2017-04-28 00:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-10 00:40 - 2017-04-28 00:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 00:40 - 2017-04-28 00:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 00:40 - 2017-04-28 00:54 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-10 00:40 - 2017-04-28 00:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-10 00:40 - 2017-04-28 00:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-10 00:40 - 2017-04-28 00:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 00:40 - 2017-04-28 00:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 00:40 - 2017-04-28 00:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 00:40 - 2017-04-28 00:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-10 00:40 - 2017-04-28 00:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-10 00:40 - 2017-04-28 00:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 00:40 - 2017-04-28 00:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-10 00:40 - 2017-04-28 00:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 00:40 - 2017-04-28 00:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 00:40 - 2017-04-28 00:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-10 00:40 - 2017-04-28 00:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-10 00:40 - 2017-04-28 00:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-10 00:40 - 2017-04-28 00:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 00:40 - 2017-04-28 00:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 00:40 - 2017-04-28 00:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-10 00:40 - 2017-04-28 00:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-10 00:40 - 2017-04-28 00:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 00:40 - 2017-04-28 00:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-10 00:40 - 2017-04-28 00:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-10 00:40 - 2017-04-28 00:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-10 00:40 - 2017-04-28 00:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 00:40 - 2017-04-28 00:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 00:40 - 2017-04-28 00:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-10 00:40 - 2017-04-28 00:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 00:40 - 2017-04-28 00:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 00:40 - 2017-04-28 00:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-10 00:40 - 2017-04-28 00:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 00:40 - 2017-04-28 00:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 00:40 - 2017-04-28 00:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-10 00:40 - 2017-04-28 00:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-10 00:40 - 2017-04-28 00:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-10 00:40 - 2017-04-28 00:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-10 00:40 - 2017-04-28 00:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 00:40 - 2017-03-04 08:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 00:40 - 2017-03-04 07:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-10 00:40 - 2017-03-04 07:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-10 00:40 - 2017-03-04 07:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-10 00:40 - 2017-03-04 07:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 00:40 - 2017-03-04 07:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 00:40 - 2017-03-04 07:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-10 00:39 - 2017-04-28 01:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 00:39 - 2017-04-28 01:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 00:39 - 2017-04-28 01:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 00:39 - 2017-04-28 01:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 00:39 - 2017-04-28 01:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 00:39 - 2017-04-28 01:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 00:39 - 2017-04-28 01:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 00:39 - 2017-04-28 01:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 00:39 - 2017-04-28 01:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 00:39 - 2017-04-28 01:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 00:39 - 2017-04-28 01:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 00:39 - 2017-04-28 01:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 00:39 - 2017-04-28 01:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 00:39 - 2017-04-28 01:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 00:39 - 2017-04-28 01:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 00:39 - 2017-04-28 01:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 00:39 - 2017-04-28 01:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 00:39 - 2017-04-28 01:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-10 00:39 - 2017-04-28 01:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 00:39 - 2017-04-28 01:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 00:39 - 2017-04-28 01:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-10 00:39 - 2017-04-28 01:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-10 00:39 - 2017-04-28 00:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 00:39 - 2017-04-28 00:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 00:39 - 2017-04-28 00:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-10 00:39 - 2017-04-28 00:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-10 00:39 - 2017-04-28 00:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 00:39 - 2017-04-28 00:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 00:39 - 2017-04-28 00:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-10 00:39 - 2017-04-28 00:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-10 00:39 - 2017-04-28 00:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 00:39 - 2017-04-28 00:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 00:39 - 2017-04-28 00:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 00:39 - 2017-04-28 00:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 00:39 - 2017-04-28 00:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 00:39 - 2017-04-28 00:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 00:39 - 2017-04-28 00:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 00:39 - 2017-04-28 00:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 00:39 - 2017-04-28 00:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 00:39 - 2017-04-28 00:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 00:39 - 2017-04-28 00:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-10 00:39 - 2017-04-28 00:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 00:39 - 2017-04-28 00:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 00:39 - 2017-04-28 00:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 00:39 - 2017-04-28 00:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-10 00:39 - 2017-04-28 00:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-10 00:39 - 2017-04-28 00:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 00:39 - 2017-04-28 00:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 00:39 - 2017-04-28 00:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 00:39 - 2017-04-28 00:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-10 00:39 - 2017-04-28 00:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 00:39 - 2017-04-28 00:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 00:39 - 2017-04-28 00:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 00:39 - 2017-04-28 00:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 00:39 - 2017-04-28 00:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 00:39 - 2017-04-28 00:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-10 00:39 - 2017-04-28 00:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 00:39 - 2017-04-28 00:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-10 00:39 - 2017-04-28 00:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 00:39 - 2017-04-28 00:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 00:39 - 2017-04-28 00:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 00:39 - 2017-04-28 00:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-10 00:39 - 2017-04-28 00:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 00:39 - 2017-04-28 00:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 00:39 - 2017-04-28 00:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 00:39 - 2017-04-28 00:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 00:39 - 2017-04-28 00:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 00:39 - 2017-04-28 00:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-10 00:39 - 2017-04-28 00:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 00:39 - 2017-04-28 00:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 00:39 - 2017-04-28 00:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 00:39 - 2017-04-28 00:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 00:39 - 2017-04-28 00:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 00:39 - 2017-04-28 00:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-10 00:39 - 2017-04-28 00:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-10 00:39 - 2017-03-04 07:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 00:38 - 2017-04-28 01:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 00:38 - 2017-04-28 01:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 00:38 - 2017-04-28 01:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-10 00:38 - 2017-04-28 01:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 00:38 - 2017-04-28 01:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-10 00:38 - 2017-04-28 01:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 00:38 - 2017-04-28 01:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-10 00:38 - 2017-04-28 01:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 00:38 - 2017-04-28 01:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-10 00:38 - 2017-04-28 01:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 00:38 - 2017-04-28 01:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 00:38 - 2017-04-28 01:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 00:38 - 2017-04-28 01:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 00:38 - 2017-04-28 01:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-10 00:38 - 2017-04-28 01:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 00:38 - 2017-04-28 01:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 00:38 - 2017-04-28 01:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-10 00:38 - 2017-04-28 01:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 00:38 - 2017-04-28 01:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 00:38 - 2017-04-28 01:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 00:38 - 2017-04-28 01:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 00:38 - 2017-04-28 01:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 00:38 - 2017-04-28 01:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 00:38 - 2017-04-28 01:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 00:38 - 2017-04-28 01:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-10 00:38 - 2017-04-28 01:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 00:38 - 2017-04-28 01:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 00:38 - 2017-04-28 01:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 00:38 - 2017-04-28 01:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 00:38 - 2017-04-28 00:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 00:38 - 2017-04-28 00:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 00:38 - 2017-04-28 00:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 00:38 - 2017-04-28 00:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-10 00:38 - 2017-04-28 00:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 00:38 - 2017-04-28 00:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 00:38 - 2017-04-28 00:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-10 00:38 - 2017-04-28 00:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-10 00:38 - 2017-04-28 00:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 00:38 - 2017-04-28 00:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 00:38 - 2017-04-28 00:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 00:38 - 2017-04-28 00:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 00:38 - 2017-04-28 00:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 00:38 - 2017-04-28 00:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 00:38 - 2017-04-28 00:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-10 00:38 - 2017-04-28 00:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-10 00:38 - 2017-04-28 00:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 00:38 - 2017-04-28 00:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-10 00:38 - 2017-04-28 00:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-10 00:38 - 2017-04-28 00:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-10 00:38 - 2017-04-28 00:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-10 00:38 - 2017-04-28 00:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 00:38 - 2017-04-28 00:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 00:38 - 2017-04-28 00:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 00:38 - 2017-04-28 00:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 00:38 - 2017-04-28 00:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 00:38 - 2017-04-28 00:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-10 00:38 - 2017-04-28 00:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-10 00:38 - 2017-04-28 00:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 00:38 - 2017-04-28 00:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 00:38 - 2017-04-28 00:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 00:38 - 2017-04-28 00:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 00:38 - 2017-04-28 00:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 00:38 - 2017-04-28 00:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 00:38 - 2017-04-28 00:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-10 00:38 - 2017-04-28 00:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 00:38 - 2017-04-28 00:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-10 00:38 - 2017-04-28 00:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 00:38 - 2017-04-28 00:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 00:38 - 2017-04-28 00:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-10 00:38 - 2017-04-28 00:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 00:38 - 2017-03-04 07:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-10 00:37 - 2017-04-28 01:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-10 00:37 - 2017-04-28 01:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 00:37 - 2017-04-28 01:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 00:37 - 2017-04-28 01:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-10 00:37 - 2017-04-28 01:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-10 00:37 - 2017-04-28 01:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 00:37 - 2017-04-28 01:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-10 00:37 - 2017-04-28 01:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-10 00:37 - 2017-04-28 01:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 00:37 - 2017-04-28 01:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 00:37 - 2017-04-28 01:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 00:37 - 2017-04-28 01:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-10 00:37 - 2017-04-28 01:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 00:37 - 2017-04-28 01:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 00:37 - 2017-04-28 01:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-10 00:37 - 2017-04-28 01:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 00:37 - 2017-04-28 01:01 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-10 00:37 - 2017-04-28 01:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-10 00:37 - 2017-04-28 01:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 00:37 - 2017-04-28 01:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-10 00:37 - 2017-04-28 01:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-10 00:37 - 2017-04-28 00:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-10 00:37 - 2017-04-28 00:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-10 00:37 - 2017-04-28 00:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-10 00:37 - 2017-04-28 00:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 00:37 - 2017-04-28 00:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-10 00:37 - 2017-04-28 00:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-10 00:37 - 2017-04-28 00:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-10 00:37 - 2017-04-28 00:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-10 00:37 - 2017-04-28 00:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 00:37 - 2017-04-28 00:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-10 00:37 - 2017-04-28 00:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 00:37 - 2017-04-28 00:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-10 00:37 - 2017-04-28 00:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-10 00:37 - 2017-04-28 00:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-10 00:37 - 2017-04-28 00:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-10 00:37 - 2017-04-28 00:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-10 00:37 - 2017-04-28 00:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-10 00:37 - 2017-04-28 00:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-10 00:37 - 2017-04-28 00:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 00:37 - 2017-04-28 00:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-10 00:37 - 2017-04-28 00:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-10 00:37 - 2017-04-28 00:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-10 00:37 - 2017-04-28 00:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-10 00:37 - 2017-04-28 00:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-10 00:37 - 2017-04-28 00:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-10 00:37 - 2017-04-28 00:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-10 00:37 - 2017-04-28 00:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-10 00:37 - 2017-04-28 00:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-10 00:37 - 2017-04-28 00:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-10 00:37 - 2017-04-28 00:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-10 00:37 - 2017-04-28 00:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-10 00:37 - 2017-04-28 00:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 00:37 - 2017-04-28 00:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-10 00:37 - 2017-04-28 00:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-10 00:37 - 2017-04-28 00:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-10 00:37 - 2017-04-28 00:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-10 00:37 - 2017-04-28 00:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-10 00:37 - 2017-04-28 00:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-10 00:37 - 2017-04-28 00:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-10 00:37 - 2017-04-28 00:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-10 00:37 - 2017-04-28 00:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-10 00:37 - 2017-04-28 00:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 00:37 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-05 20:47 - 2017-05-05 20:47 - 01426918 _____ C:\Users\josle\Downloads\Headlines - 5th May 2017.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-30 21:57 - 2017-04-05 06:24 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-05-30 21:56 - 2016-11-22 16:22 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-30 03:35 - 2017-03-06 23:28 - 00000000 ___RD C:\Users\silve\OneDrive
2017-05-30 03:34 - 2017-04-01 17:10 - 00000000 ____D C:\Users\silve
2017-05-30 03:34 - 2017-04-01 17:06 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-30 03:34 - 2017-03-06 23:24 - 00000000 __SHD C:\Users\silve\IntelGraphicsProfiles
2017-05-29 17:22 - 2017-04-01 17:09 - 00000000 ____D C:\Users\josle
2017-05-29 17:22 - 2017-03-07 18:18 - 00000000 ___RD C:\Users\josle\OneDrive
2017-05-29 16:57 - 2017-03-07 18:14 - 00000000 __SHD C:\Users\josle\IntelGraphicsProfiles
2017-05-29 03:45 - 2016-11-23 00:32 - 01034634 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-29 03:37 - 2016-11-23 00:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-28 14:01 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-28 12:16 - 2016-03-08 22:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-28 12:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-27 05:18 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-24 00:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-24 00:18 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-24 00:17 - 2017-03-08 20:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-24 00:13 - 2017-03-08 20:31 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-24 00:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-20 06:06 - 2015-08-31 11:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-20 05:51 - 2016-11-22 16:21 - 00394584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-20 05:50 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-19 05:20 - 2017-03-06 23:24 - 00000000 ____D C:\Users\silve\AppData\Local\Packages
2017-05-19 04:11 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-18 19:16 - 2015-07-10 12:04 - 00000159 _____ C:\WINDOWS\win.ini
2017-05-16 17:33 - 2017-03-07 18:15 - 00000000 ____D C:\Users\josle\AppData\Local\Google
2017-05-16 15:57 - 2017-03-07 00:14 - 00002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-13 20:21 - 2016-11-23 00:36 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-13 16:07 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-13 16:07 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-13 16:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-05-13 16:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-13 16:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-13 16:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-05-13 16:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-13 16:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-13 16:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-13 16:07 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-13 16:06 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-13 16:06 - 2016-07-16 12:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-13 16:06 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-13 16:06 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-13 16:06 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-13 04:36 - 2017-03-07 01:39 - 00026077 _____ C:\Users\silve\Documents\Wish List Stephanie.odt
2017-05-13 03:51 - 2017-04-05 06:24 - 00158880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2017-05-12 23:08 - 2017-03-07 18:14 - 00000000 ____D C:\Users\josle\AppData\Local\Packages
2017-05-10 15:51 - 2017-04-05 06:31 - 00004022 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1491370280
2017-05-10 15:51 - 2017-04-05 06:31 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-10 15:50 - 2017-04-05 06:29 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-05-10 15:50 - 2017-04-05 06:24 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-10 00:02 - 2016-07-16 12:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll

==================== Files in the root of some directories =======

2017-04-01 17:06 - 2017-04-01 17:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2017-05-18 18:56 - 2017-05-18 19:16 - 0000824 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
2017-05-13 15:57 - 2017-05-13 15:59 - 61416208 _____ (Serif (Europe) Ltd) C:\Users\silve\AppData\Local\Temp\CraftArtist-2-en-GB_2.1.0.037_64-Bit_Patch-Setup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-05-30 04:53

==================== End of FRST.txt ============================

Silverboots · May 30, 2017

And here's the additional one:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-05-2017
Ran by silve (30-05-2017 22:03:27)
Running from C:\Users\silve\Downloads
Windows 10 Home Version 1607 (X64) (2017-04-01 16:37:21)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3465862728-4032867992-966525347-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3465862728-4032867992-966525347-503 - Limited - Disabled)
Guest (S-1-5-21-3465862728-4032867992-966525347-501 - Limited - Disabled)
josle (S-1-5-21-3465862728-4032867992-966525347-1002 - Limited - Enabled) => C:\Users\josle
silve (S-1-5-21-3465862728-4032867992-966525347-1001 - Administrator - Enabled) => C:\Users\silve

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3008 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Amazon Assistant (HKLM-x32\...\{5437E77B-E4B5-45E7-BD33-95C3F0AA6602}) (Version: 10.17.0228 - Amazon) <==== ATTENTION
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 1.0.13.0 - Dashlane SAS)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F2200_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
F2200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{60D6AAC5-FDC1-49BA-867B-3135F4726156}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4268 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3465862728-4032867992-966525347-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros QCA9377 Wireless LAN & Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.067 - Qualcomm Atheros)
Rapport (x32 Version: 3.5.1804.96 - Trusteer) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Serif CraftArtist 2 Professional (HKLM\...\{D0BE8477-6206-4588-8148-971EDAB6BBAD}) (Version: 2.1.0.37 - Serif (Europe) Ltd)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Shopandscan (HKLM-x32\...\{0AE44DE7-5B32-4151-8272-0FA6DAF800E8}) (Version: 1.0.0 - Kantar WorldPanel)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1804.96 - Trusteer)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.1.1.14 - WildTangent) Hidden
Windows Driver Package - OPTO ELECTRONICS CO.,LTD (optousb) Ports (06/02/2008 2.0.5.5) (HKLM\...\245A139F08D3D69654D8822673D0B5EBFB63EF38) (Version: 06/02/2008 2.0.5.5 - OPTO ELECTRONICS CO.,LTD)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B771BC2-F1FA-487A-8DB3-E3FB4ACD4F9A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-10] (AVAST Software)
Task: {15C64A89-41E0-4620-A3F0-EEA6504101D8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {3997FB30-F2B7-4CC1-B50A-77A2B3B82B36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-07] (Google Inc.)
Task: {3A950C0E-1983-4C0E-878E-FE150908BB07} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-28] ()
Task: {4DC95DD5-61FA-4BC4-A744-F373C904040A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-07] (Google Inc.)
Task: {4F117C79-2706-4FBF-A748-C0259F51CEFA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-09-04] (Acer Incorporated)
Task: {59811B4D-71ED-43CE-81E2-FFFFCF0D5369} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software)
Task: {60090FA6-15DC-48AE-AD0E-9E06E9FEA7BC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-28] (Microsoft Corporation)
Task: {692C6C28-7509-4977-874C-31E58ACA06A0} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2015-05-14] (Acer Incorporated)
Task: {6A1AECEC-0766-473B-AE79-EAAA31DE758F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {6A250F7B-4F8A-4FEA-8CAE-31F28DA85202} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
Task: {932EC946-767B-4FAA-9B54-A4A4A2DF1822} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {93C99DC9-B400-40D5-A6DF-4310EAF3F1A6} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2017-03-06] (AVAST Software)
Task: {95F00CCF-03BD-4E29-9DC9-70B47FFF078F} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {AFF2DA4F-F2B9-4C45-9BD5-7178BE68D991} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {B45E2ED8-49AB-4FCB-8D9E-047271C89D5A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-28] ()
Task: {BFD32D43-BC90-4129-BD17-0225590FFF28} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {D580BF3C-83CE-4E6B-B1A1-20EB95353BC4} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {DD52E0C2-62FA-4A3C-98FD-C68E8B6A87C5} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-09-04] (Acer Incorporated)
Task: {E0C21389-EC01-402F-A776-C3731FA73825} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2017-03-06] (AVAST Software)
Task: {E249F591-42CD-4CB5-8064-A74248BCDF75} - System32\Tasks\SafeZone scheduled Autoupdate 1491370280 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {F910D065-E1B9-41B1-BFAA-0E8BDA76150D} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {FBE1992D-A1B2-44DD-9601-A1A2F799B096} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-10] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-02-28 16:19 - 2017-02-28 16:19 - 00102064 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2017-03-06 23:22 - 2017-03-06 23:22 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 00:39 - 2017-04-28 01:49 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-03-06 20:49 - 2017-03-06 20:49 - 00410616 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-08-31 11:56 - 2015-05-08 18:41 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-11-22 23:55 - 2016-11-22 23:55 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-04-01 20:45 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-04-01 20:45 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-04-01 20:45 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-04-01 20:45 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 00:39 - 2017-04-28 00:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-16 15:57 - 2017-05-09 10:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-16 15:57 - 2017-05-09 10:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2017-05-26 00:01 - 2017-05-26 00:03 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-26 00:01 - 2017-05-26 00:03 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-26 00:01 - 2017-05-26 00:03 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-26 00:01 - 2017-05-26 00:03 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2015-07-10 11:38 - 2015-07-10 11:38 - 04580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-03-08 23:03 - 2015-02-09 04:18 - 00124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-06-24 02:07 - 2015-06-24 02:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-02 14:51 - 2015-06-02 14:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-09-09 11:51 - 2016-09-09 11:51 - 00202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 11:51 - 2016-09-09 11:51 - 00119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-08-15 19:03 - 2016-08-15 19:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 19:05 - 2016-08-15 19:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 19:05 - 2016-08-15 19:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 19:04 - 2016-08-15 19:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-04-01 17:13 - 2017-04-01 17:13 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 16:09 - 2016-08-30 16:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 16:05 - 2016-08-30 16:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3465862728-4032867992-966525347-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\silve\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{91692DC0-BF42-45CE-82A5-6E667F038C2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DA225F5C-C571-418A-9132-30223D45C585}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{227DE642-B4A4-40DB-B65D-741AF59B20FE}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{153D9351-68F9-4CE6-AE66-5419EB374260}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{D1449E72-5288-4FF3-88B1-34F6AC527BFF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{05EBF720-9C08-4032-9F83-DDB35AB3D67E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{9374E55F-F31F-454E-8D92-4D68414A5ACB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BA76611A-53EA-4E98-9240-01D77C34D7E0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{630D24AF-2087-479C-B56D-3CAEEC7642C5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{8834B0E5-005E-4EC5-8C51-38321F87A388}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{205B7952-30B0-438F-8FD1-CB371B8A9233}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{7A629D02-5D5D-43D5-BC7E-990486DB454A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{6CA97F38-8D6A-427C-8D09-A5AF6669C37B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{079D344F-9F7C-4767-ADD9-2873ABFC55FD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{1E6E5442-52CE-4894-8537-E915EFE7C69F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe
FirewallRules: [{83AD95D0-E03C-48D7-8DAA-DF3D42EDB6AC}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe
FirewallRules: [{2AFC3D58-8684-4AA3-B70E-BEE5E5B51B21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{586E2469-4335-4CAC-88AE-84B2427A68A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{03355805-77E6-4BF9-B5E5-DE038061560B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{57F543A0-F455-430E-9CC0-3BCECF3A7B89}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{F00FF5F8-7FBF-4A8E-808A-7A4E4227BC0B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{7BF0B260-FAC2-48F6-AA9A-7DDA1819E318}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{D195F53C-2A92-4C03-8E71-7A01E771CF52}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{06204624-58BF-4243-9EB9-4B20566C2C83}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{04035330-82F1-48FE-A945-4AE41FF851E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{A3D65FF7-9F75-4822-9AF9-BC6B55020B1C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{238E18E3-74FE-4E7C-ACEE-FF24C8679DFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{069E6C54-0EF9-4C4D-8458-4F4793882CA9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{B6764725-04D6-4A0A-AABA-7FEDDA1343BC}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5D6681D5-FA29-4EEB-B6D8-ED477FF95BD3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/30/2017 03:34:12 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: LAPTOP-CVU8QSHV)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.

Error: (05/29/2017 04:57:34 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: LAPTOP-CVU8QSHV)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.

Error: (05/29/2017 05:08:28 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: LAPTOP-CVU8QSHV)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.

Error: (05/28/2017 07:56:38 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: The Windows log-on process has unexpectedly terminated.

Error: (05/28/2017 07:56:38 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: The Windows log-on process has unexpectedly terminated.

Error: (05/28/2017 07:56:38 PM) (Source: Winlogon) (EventID: 4005) (User: )
Description: The Windows log-on process has unexpectedly terminated.

Error: (05/25/2017 11:55:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-CVU8QSHV)
Description: Activation of application Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/25/2017 04:18:45 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: LAPTOP-CVU8QSHV)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe1018

Error: (05/25/2017 04:17:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-CVU8QSHV)
Description: Activation of application Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (05/24/2017 08:03:11 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected

System errors:
=============
Error: (05/30/2017 02:10:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2017 04:53:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2017 03:34:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/29/2017 05:22:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/29/2017 04:57:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/29/2017 05:27:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/29/2017 03:55:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (05/29/2017 03:42:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dashlane Upgrade Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (05/29/2017 03:42:33 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dashlane Upgrade Service service to connect.

Error: (05/29/2017 03:38:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 42%
Total physical RAM: 8107.32 MB
Available physical RAM: 4687.72 MB
Total Virtual: 9387.32 MB
Available Virtual: 5772.54 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:1862.41 GB) (Free:1756.93 GB) NTFS
Drive d: (Serif CraftArtis) (CDROM) (Total:1.76 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 29DA570E)

Partition: GPT.

==================== End of Addition.txt ============================

Broni · May 30, 2017

Uninstall following unwanted program: Amazon Assistant.

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Double click on downloaded setup.exe file to install the program.
Click on Start Scan button.
Click on another Start Scan button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.

Please download Malwarebytes to your desktop.

Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
Then click Finish.
Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
Restart your computer when prompted to do so.
The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
The tool will start to update the database if one is required.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Logfile button.
A window will open which lists the logs of your scans.
Click on the Scan tab.
Double-click the most recent scan which will be at the top of the list....the log will appear.
Review the results...see note below
After reviewing the log, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Silverboots · May 30, 2017

Hi, sorry I should've said earlier. I already tried to uninstall it but both the uninstall and modify buttons were greyed out and unclickable. I also tried deleting the whole amazon folder from the program files (x86) folder where it seems to be stored but it won't let me cos it says the folder or a file from it is open in another program. I closed all the windows it opened and tried deleting it again but I think it opens new windows too quickly, cos I got the same message. Tried dragging it to the recycle bin but same result. Should I go ahead and do the rest of what you said or does it need to be uninstalled first?

Broni · May 30, 2017

Yes, go ahead with other steps.

Silverboots · May 31, 2017

Cool.
Also, should I back up my files? I have a portable hard drive but if I connect it to my laptop could the virus get on it?
I did a scan with the rogue killer and it found 17 infected files and like an ***** I automatically clicked delete. I should've asked you first. Could I have deleted something important that I shouldn't have? Is there any way to know for sure? I also *****ically turned the wifi off by accident partway through and a window came up saying it couldn't connect to the internet. I don't know if this hindered the scan somehow? Here's the scan log anyway. I'm doing another one just in case. I'll try to be more careful about following your instructions from now on.

RogueKiller V12.11.0.0 (x64) [May 29 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : silve [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 05/31/2017 05:16:41 (Duration : 01:01:16)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 9 ¤¤¤
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonBrowserHelper64.dll) -> Deleted
[PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Deleted
[PUP.Gen1] (X64) HKEY_CLASSES_ROOT\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450} (C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll) -> Deleted
[PUP.Conduit|PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\Software\Conduit -> Deleted
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3465862728-4032867992-966525347-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer15.msn.com/?pc=ACTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3465862728-4032867992-966525347-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer15.msn.com/?pc=ACTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3465862728-4032867992-966525347-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer15.msn.com/?pc=ACTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3465862728-4032867992-966525347-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer15.msn.com/?pc=ACTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ada40ca5-2f16-405e-afdd-0c022b8eee3b} | DhcpNameServer : 40.33.1.55 ([United States]) -> Replaced ()

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 8 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\DriverSetupUtility -> Deleted
[PUP.Gen1][File] C:\ProgramData\DriverSetupUtility\FUB\ts.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\DriverSetupUtility\FUB -> Deleted
[PUP.Gen1][File] C:\ProgramData\DriverSetupUtility\updater2\task.bat -> Deleted
[PUP.Gen1][File] C:\ProgramData\DriverSetupUtility\updater2\ts.xml -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\DriverSetupUtility\updater2 -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Apps\4efc125e5bdfe64bf86cc73a85a9d56ebf10231c.pokki -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Apps -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\avcodec-54.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\avformat-54.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\avutil-51.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\chrome.pak -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\chrome_100_percent.pak -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\chrome_touch_100_percent.pak -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\chrome_touch_140_percent.pak -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\chrome_touch_180_percent.pak -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\content_resources.pak -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\D3DCompiler_43.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\d3dx9_43.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\en-US.pak -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\HostAppService.exe -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\icudt.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\auditsPanel.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\AuditsPanel.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\breadcrumbList.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\cmdevtools.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\codemirror.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\CodeMirrorTextEditor.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\cssNamedFlows.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\dataGrid.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\devTools.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\devtools.html -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\DevTools.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\devtools_extension_api.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\elementsPanel.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\ElementsPanel.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\filteredItemSelectionDialog.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\heapProfiler.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\HeapSnapshotWorker.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\helpScreen.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\applicationCache.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\back.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\breakpointBorder.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\breakpointConditionalBorder.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\breakpointConditionalCounterBorder.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\breakpointCounterBorder.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\checker.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\closeButtons.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\cookie.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\database.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\databaseTable.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\debuggerContinue.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\debuggerPause.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\debuggerStepInto.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\debuggerStepOut.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\debuggerStepOver.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\deleteIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\disclosureTriangleSmallDown.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\disclosureTriangleSmallDownBlack.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\disclosureTriangleSmallDownWhite.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\disclosureTriangleSmallRight.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\disclosureTriangleSmallRightBlack.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\disclosureTriangleSmallRightDown.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\disclosureTriangleSmallRightDownBlack.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\disclosureTriangleSmallRightDownWhite.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\disclosureTriangleSmallRightWhite.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\domain.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\errorIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\errorMediumIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\errorRedDot.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\fileSystem.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\forward.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\frame.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\glossyHeader.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\glossyHeaderPressed.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\glossyHeaderSelected.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\glossyHeaderSelectedPressed.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\goArrow.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\graphLabelCalloutLeft.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\graphLabelCalloutRight.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\indexedDB.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\indexedDBIndex.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\indexedDBObjectStore.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\localStorage.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\namedFlowOverflow.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\navigatorShowHideButton.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\paneAddButtons.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\paneBottomGrow.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\paneBottomGrowActive.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\paneElementStateButtons.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\paneFilterButtons.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\paneGrowHandleLine.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\paneRefreshButtons.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\paneSettingsButtons.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\popoverArrows.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\popoverBackground.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\profileGroupIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\profileIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\profileSmallIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\profilesSilhouette.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\programCounterBorder.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\radioDot.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\regionEmpty.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\regionFit.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\regionOverset.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\resourceCSSIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\resourceDocumentIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\resourceDocumentIconSmall.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\resourceJSIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\resourcePlainIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\resourcePlainIconSmall.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\resourcesSizeGraphIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\resourcesTimeGraphIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\scriptsSilhouette.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\searchNext.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\searchPrev.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\searchSmallBlue.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\searchSmallBrightBlue.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\searchSmallGray.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\searchSmallWhite.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segment.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentChromium.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentEnd.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentHover.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentHoverChromium.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentHoverEnd.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentHoverEndChromium.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentSelected.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentSelectedChromium.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentSelectedEnd.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\segmentSelectedEndChromium.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\sessionStorage.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\spinner.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\spinnerActive.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\spinnerActiveSelected.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\spinnerInactive.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\spinnerInactiveSelected.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\splitviewDimple.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\splitviewDividerBackground.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\statusbarButtonGlyphs.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\statusbarButtonGlyphs2x.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\statusbarResizerHorizontal.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\statusbarResizerVertical.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\successGreenDot.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\thumbActiveHoriz.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\thumbActiveVert.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\thumbHoriz.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\thumbHoverHoriz.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\thumbHoverVert.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\thumbVert.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\tickMark.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelineHollowPillBlue.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelineHollowPillGray.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelineHollowPillGreen.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelineHollowPillOrange.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelineHollowPillPurple.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelineHollowPillRed.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelineHollowPillYellow.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelinePillBlue.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelinePillGray.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelinePillGreen.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelinePillOrange.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelinePillPurple.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelinePillRed.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\timelinePillYellow.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\toolbarIcons.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\toolbarIconsSmall.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\toolbarItemSelected.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\trackHoriz.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\trackVert.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\treeDownTriangleBlack.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\treeDownTriangleWhite.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\treeRightTriangleBlack.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\treeRightTriangleWhite.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\treeUpTriangleBlack.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\treeUpTriangleWhite.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\userInputIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\userInputPreviousIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\userInputResultIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\warningIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\warningMediumIcon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\warningOrangeDot.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images\warningsErrors.png -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\Images -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\indexedDBViews.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\inspectorCommon.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\nativeMemoryProfiler.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\navigatorView.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\networkLogView.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\networkPanel.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\NetworkPanel.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\panelEnablerView.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\profilesPanel.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\ProfilesPanel.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\resourcesPanel.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\ResourcesPanel.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\resourceView.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\revisionHistory.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\ScriptFormatterWorker.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\scriptsPanel.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\ScriptsPanel.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\splitView.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\tabbedPane.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\textEditor.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\textPrompt.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\timelinePanel.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\TimelinePanel.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector\webGLProfiler.css -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\inspector -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\libEGL.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\libGLESv2.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\libPokki.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\Microsoft.VC90.CRT\msvcr90.dll -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\Microsoft.VC90.CRT -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\nacl_irt_x86_32.nexe -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\nacl_irt_x86_64.nexe -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\ppGoogleNaClPluginChrome.dll -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\resources.pak -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\build\build -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\build\Gruntfile.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\build\package.json -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\build\README.md -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\build -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\color-auto.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\history-blank-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\history-blank-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\history-blank-192.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\history-blank-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic1-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic1-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic1-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic1b-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic1b-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic1b-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic2-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic2-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic2-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic2b-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic2b-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic2b-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic3-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic3-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark\updates-graphic3-96.png -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\dark -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\default-program-icon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\favoriter-close.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\folder-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\folder-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\folder-192.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\folder-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\folder-fullscreen.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\folders-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\folders-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\folders-192.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\folders-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\generic-folder-19.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\generic-folder-42.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\history-blank-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\history-blank-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\history-blank-192.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\history-blank-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\history-clear-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\history-clear-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\history-clear-192.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\history-clear-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\home-icon-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\home-icon-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\home-icon-192.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\home-icon-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\icon-options.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\label-close-icon-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\label-close-icon-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\label-close-icon-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\label-info-icon-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\label-info-icon-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\label-info-icon-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\metro-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\metro-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\modern-ui-folder-icon-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\modern-ui-folder-icon-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\modern-ui-folder-icon-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo\get-started-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo\get-started-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo\get-started-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-120.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-144.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-96.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-static-120.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-static-144.gif -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo\onboarding-static-96.gif -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem\lenovo -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\oem -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\popular_apps-icon.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\prompt-close-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\prompt-close-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\prompt-close-192.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\prompt-close-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\samplebg.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\search-close-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\search-close-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\search-close-192.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\search-close-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\star-120.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\star-144.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\star-192.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\star-96.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-1.25x.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-1.5x.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-1x.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-2.5x.png -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\sticky_banner\close-x-2x.png -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images\sticky_banner -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\images -> Deleted

Silverboots · May 31, 2017

[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\config.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\chroma.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\ember-1.0.0-pre.2.min.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\handlebars-1.0.rc.1.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\handlebars.runtime-1.0.rc.1.min.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\html5sql.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\intel-2in1.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\intel-display.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\intel-technologyaccess.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\jquery-1.8.2.min.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\jquery.mobile.custom.min.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\LocalStore.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\md5.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\SmoothScroll.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib\util.js -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\lib -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\controllers\favorites.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\controllers\menu.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\controllers\recommended.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\controllers\search.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\controllers\settings.js -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\controllers -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\models\app.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\models\favorite.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\models\folder.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\models\language.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\models\notification.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\models\shortcut.js -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\models -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\models.concat.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\app.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\appIcon.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\appNotifications.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\appPage.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\appResults.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\appResultsByTopLevel.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\appResultsGridByTopLevel.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\bubbleLayout.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\confirmAnalytics.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\confirmSettings.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\customSelectColor.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\favorite.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\favorites.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\favoritesFull.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\folder.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\folderGrid.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\folderIcon.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\fullscreenLayout.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\launcher.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\launcherFull.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\notification.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\oemOnboarding.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\pokkiApp.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\promptBubble.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\recommendedApp.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\recommendedApps.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\search.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\searchFull.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\settings.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\shortcut.handlebars -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates\updates.handlebars -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\templates.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\allApps.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\app.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\appIcon.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\appNotifications.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\appPage.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\appScroller.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\bubble.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\confirmAnalytics.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\confirmSettings.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\controlPanel.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\customSelectColor.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\favorite.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\favoriteFull.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\favorites.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\favoritesFull.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\folder.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\fullScreen.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\menu.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\menuFull.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\notification.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\pokkiApp.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\promptBubble.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\search.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\settings.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\shortcut.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views\updates.js -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform\views.concat.js -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\platform.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\sidebar\StickyToast.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\sidebar\test.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\sidebar\Toast.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\sidebar\Toasts.js -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\sidebar\util.js -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\sidebar -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts\sidebar.js -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\scripts -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\apps.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\dpi120.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\dpi120fullscreen.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\dpi144.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\dpi192.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\dpi192fullscreen.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\dpi240fullscreen.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\dpi96fullscreen.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\fullscreen.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\sidebar.css -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\themes\dark.css -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles\themes -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\styles -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\arrow-sm.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\arrow.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\caution.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\checkmark.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\mag-120.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\mag-144.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\mag-96.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\mag-fs-150.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\metro-icon.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\notifications-120.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\notifications-144.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\notifications-96.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\option-arrow.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\page-left.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\page-right.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\powerbutton-150.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\scroll-down.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\scroll-up.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\showmore-150.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\toast-close.svg -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg\x-fs-150.svg -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets\svg -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\assets -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\da\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\da -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\de\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\de -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\en-US\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\en-US -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\es\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\es -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\es-419\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\es-419 -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\fi\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\fi -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\fr\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\fr -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\it\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\it -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\ja\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\ja -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\ko\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\ko -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\no\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\no -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\pt-BR\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\pt-BR -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\ru\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\ru -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\sv\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\sv -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\zh-CN\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\zh-CN -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\zh-TW\strings.txt -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages\zh-TW -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\languages -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications\sidebar.html -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps\notifications -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine\sysapps -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Engine\wow_helper.exe -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\Engine -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\IconCache\persistent\App Explorer.ico -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\IconCache\persistent -> Deleted
[PUP.Gen1][Folder] C:\Users\silve\AppData\Local\Host App Service\IconCache -> Deleted
[PUP.Gen1][File] C:\Users\silve\AppData\Local\Host App Service\Uninstall.exe -> Deleted
[PUP.Gen1][Folder] C:\ProgramData\DriverSetupUtility -> ERROR [3]
[PUP.Gen1][File] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk [LNK@] C:\Users\silve\AppData\Local\HOSTAP~1\Engine\HOSTAP~2.EXE /OPEN"4efc125e5bdfe64bf86cc73a85a9d56ebf10231c" -> Deleted
[PUP.Gen1][File] C:\$RECYCLE.BIN\S-1-5-21-3465862728-4032867992-966525347-1002\$RBV92E8.lnk [LNK@] C:\Users\silve\AppData\Local\HOSTAP~1\Engine\HOSTAP~2.EXE /OPEN"4efc125e5bdfe64bf86cc73a85a9d56ebf10231c" -> Deleted
[PUP.Gen1][Folder] C:\Program Files\Booking.COM -> Deleted
[PUP.Gen1][File] C:\Program Files\Booking.COM\Booking.com.lnk -> Deleted
[PUP.Gen1][File] C:\Program Files\Booking.COM\Booking.ico -> Deleted
[PUP.Gen1][File] C:\Program Files\Booking.COM\StartURL.exe -> Deleted
[PUP.Gen1][File] C:\Program Files\Booking.COM\Version.txt -> Deleted
[PUP.Gen1][Folder] C:\Program Files\DriverSetupUtility -> Removed at reboot [91]
[PUP.Gen1][Folder] C:\Program Files\DriverSetupUtility\FUB -> ERROR [5]
[PUP.Gen1][File] C:\Users\Default\Desktop\App Explorer.lnk [LNK@] C:\Users\silve\AppData\Local\HOSTAP~1\Engine\HOSTAP~2.EXE /OPEN"4efc125e5bdfe64bf86cc73a85a9d56ebf10231c" -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST2000LM003 HN-M201RAD +++++
--- User ---
[MBR] b04e8027592359fdb2d2581e6316d5cb
[BSP] c2c44d0d4c5921c8538f65c88f916a6d : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 16 MB
2 - Basic data partition | Offset (sectors): 239616 | Size: 1907112 MB
3 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 3906004992 | Size: 500 MB
User = LL1 ... OK
User = LL2 ... OK

Silverboots · May 31, 2017

Just looked back over my reply and noticed the word *I*d*I*o*t* is not showing. Is that a no-no word? Good job I didn't swear then

(though I've done plenty of that since this bloody virus showed up!)

Silverboots · May 31, 2017

Oh but bloody is allowed? lol

Silverboots · May 31, 2017

Here's the result of the second scan:
RogueKiller V12.11.0.0 (x64) [May 29 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.14393) 64 bits version
Started in : Normal mode
User : silve [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 05/31/2017 06:21:24 (Duration : 00:59:52)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 1 ¤¤¤
[PUP.Gen1][Folder] C:\Program Files\DriverSetupUtility -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST2000LM003 HN-M201RAD +++++
--- User ---
[MBR] b04e8027592359fdb2d2581e6316d5cb
[BSP] c2c44d0d4c5921c8538f65c88f916a6d : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 16 MB
2 - Basic data partition | Offset (sectors): 239616 | Size: 1907112 MB
3 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 3906004992 | Size: 500 MB
User = LL1 ... OK
User = LL2 ... OK

Silverboots · May 31, 2017

Just realised that your instructions did actually say to delete the infected files. Sorry. Must've left my brain in my other handbag.

Silverboots · May 31, 2017

Just remembered. Earlier, while one of the scans was running, (can't remember which one) a bow came up wanting me to put my PIN in (my computer can be logged onto with either a password or a PIN). Can't remember exactly what it said but I remember seeing something about Windows and my email address, maybe confirming....? My first thought was that it was like an administrator permission thing but I wasn't convinced (I forget why), so I clicked cancel, the box went away and nothing else happened. Was I wrong?

Silverboots · May 31, 2017

Done the Malwarebytes scan. It found 3. It had a quarantine button rather than remove threats button. I pressed it but when I looked in the quarantine there was nothing there. Is that supposed to happen? I've started another scan just in case.
I haven't been prompted to restart my computer. Is that bad?
Couldn't find history but I think I've found an alternative way to get the logs. Here's the first:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/31/17
Scan Time: 7:37 AM
Log File: scan 1.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.122
Update Package Version: 1.0.2056
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: LAPTOP-CVU8QSHV\silve

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 399064
Threats Detected: 3
Threats Quarantined: 3
Time Elapsed: 6 min, 21 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
PUP.Optional.Amazon1Button, HKCR\\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO, Quarantined, [1467], [386607],1.0.2056
PUP.Optional.Amazon1Button, HKCR\\Amazon1ButtonRuntime.Amazon1ButtonRuntime, Quarantined, [1467], [386607],1.0.2056
PUP.Optional.Amazon1Button, HKCR\\Amazon1ButtonRuntime.AmazonRuntimeServer, Quarantined, [1467], [386607],1.0.2056

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

(end)

And here's the second scan log:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/31/17
Scan Time: 7:48 AM
Log File: scan 2.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.122
Update Package Version: 1.0.2056
License: Trial

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: LAPTOP-CVU8QSHV\silve

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 399071
Threats Detected: 3
Threats Quarantined: 3
Time Elapsed: 5 min, 24 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
PUP.Optional.Amazon1Button, HKCR\\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO, Quarantined, [1467], [386607],1.0.2056
PUP.Optional.Amazon1Button, HKCR\\Amazon1ButtonRuntime.Amazon1ButtonRuntime, Quarantined, [1467], [386607],1.0.2056
PUP.Optional.Amazon1Button, HKCR\\Amazon1ButtonRuntime.AmazonRuntimeServer, Quarantined, [1467], [386607],1.0.2056

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

(end)

Silverboots · May 31, 2017

Here are the AdwCleaner results for the scan:

# AdwCleaner v6.047 - Logfile created 31/05/2017 at 08:15:44
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-30.2 [Server]
# Operating System : Windows 10 Home (X64)
# Username : silve - LAPTOP-CVU8QSHV
# Running from : C:\Users\silve\Downloads\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Folder Found: C:\Users\josle\AppData\Local\Host App Service
Folder Found: C:\Users\Default\AppData\Local\Host App Service

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious keys found.

***** [ Shortcuts ] *****

No infected shortcut found.

***** [ Scheduled Tasks ] *****

No malicious task found.

***** [ Registry ] *****

Key Found: HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.AABroker
Key Found: HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.Messenger
Key Found: HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
Key Found: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
Key Found: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
Key Found: HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
Key Found: HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
Key Found: [x64] HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.AABroker
Key Found: [x64] HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.Messenger
Key Found: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
Key Found: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
Key Found: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
Key Found: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
Key Found: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
Key Found: HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
Key Found: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Key Found: HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Key Found: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Key Found: HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Key Found: HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Key Found: [x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Key Found: [x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Key Found: HKU\S-1-5-21-3465862728-4032867992-966525347-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Found: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
Key Found: HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found: [C:\Users\josle\AppData\Local\Google\Chrome\User Data\Default\Web data] - uk.ask.com
Chrome pref Found: [C:\Users\josle\AppData\Local\Google\Chrome\User Data\Default\Web data] - uk.searchnow.com

[!] You may need to disable the Chrome synchronization from your Google account in order to fully remove the malicious preferences. Please consult this Google help: https://support.google.com/chrome/answer/3097271?hl=en [!]

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [4371 Bytes] - [31/05/2017 08:15:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4444 Bytes] ##########

Silverboots · May 31, 2017

And the cleaning log:

# AdwCleaner v6.047 - Logfile created 31/05/2017 at 08:21:23
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-30.2 [Server]
# Operating System : Windows 10 Home (X64)
# Username : silve - LAPTOP-CVU8QSHV
# Running from : C:\Users\silve\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\josle\AppData\Local\Host App Service
[-] Folder deleted: C:\Users\Default\AppData\Local\Host App Service

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.AABroker
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.Messenger
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[-] Key deleted: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[-] Key deleted: HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[-] Key deleted: HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.AABroker
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon.AmazonAssistant.Messenger
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.AppGateway
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\AmazonAppIE.GadgetGateway
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
[-] Key deleted: HKU\S-1-5-21-3465862728-4032867992-966525347-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL

***** [ Web browsers ] *****

[-] [C:\Users\josle\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: uk.ask.com
[-] [C:\Users\josle\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: uk.searchnow.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4337 Bytes] - [31/05/2017 08:21:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [4579 Bytes] - [31/05/2017 08:15:44]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4483 Bytes] ##########

Silverboots · May 31, 2017

And here's the junkware removal file:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by silve (Administrator) on 31/05/2017 at 8:35:48.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E5BBC1D48D1936607C8B41890094880B (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1451F406-7038-4CB5-81BD-034C2F6E0883} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A970CC88-CD63-404E-985B-6F3E1700F6D2} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31/05/2017 at 8:42:32.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Silverboots · May 31, 2017

What's next oh wise one?

Broni · May 31, 2017

Regular backup is always recommended but in this case you can wait until your computer is clean.

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double click to run it.
Make sure you checkmark Addition.txt box.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

Silverboots · May 31, 2017

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-05-2017
Ran by silve (administrator) on LAPTOP-CVU8QSHV (01-06-2017 02:50:30)
Running from C:\Users\silve\Downloads
Loaded Profiles: silve (Available Profiles: silve & josle)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Dashlane SAS) C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3465862728-4032867992-966525347-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer)
HKU\S-1-5-21-3465862728-4032867992-966525347-1001\...\Run: [GoogleChromeAutoLaunch_E5BBC1D48D1936607C8B41890094880B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640 2017-05-09] (Google Inc.)
HKU\S-1-5-21-3465862728-4032867992-966525347-1001\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].txt [4618 2017-05-31] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-10] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-05-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\silve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-03-23]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{6db06132-c348-4cc3-9106-0472e8853cdb}: [DhcpNameServer] 77.234.40.79
Tcpip\..\Interfaces\{a0cacfd8-88aa-48e2-8c9f-6250e84227ae}: [DhcpNameServer] 192.168.1.254 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-3465862728-4032867992-966525347-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKU\S-1-5-21-3465862728-4032867992-966525347-1001 -> DefaultScope {1451F406-7038-4CB5-81BD-034C2F6E0883} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-28] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-28] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2017-03-13] ()

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default [2017-06-01]
CHR Extension: (Google Slides) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-07]
CHR Extension: (Google Docs) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-07]
CHR Extension: (Google Drive) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-07]
CHR Extension: (Rapport) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2017-05-16]
CHR Extension: (YouTube) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-07]
CHR Extension: (Google Sheets) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-07]
CHR Extension: (Avast Online Security) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-28]
CHR Extension: (Pinterest Save Button) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2017-04-23]
CHR Extension: (FlyOrDie Backgammon) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjajfipfoldnngmddjicblncidmijama [2017-03-07]
CHR Extension: (EasyHome Homestyler) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2017-05-28]
CHR Extension: (Little Alchemy) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2017-03-07]
CHR Extension: (Google Play) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2017-03-07]
CHR Extension: (Do It (Tomorrow)) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2017-03-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Texas Holdem Poker) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojbaogcpfpkhbmjmefladpimcmfggkjl [2017-03-07]
CHR Extension: (OhMyDollz) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\okigcjnedlemakbamnbgkmdoegkhdble [2017-03-07]
CHR Extension: (Gmail) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-07]
CHR Extension: (Chrome Media Router) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-20]
CHR Extension: (Black Black Chrome Theme Purple Highlight) - C:\Users\silve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhjkffljijlebgbmppbgeoikaafbbek [2017-03-07]
CHR HKU\S-1-5-21-3465862728-4032867992-966525347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [102064 2017-02-28] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-10] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\WINDOWS\system32\AdminService.exe [355760 2017-03-30] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [75056 2015-06-24] (Dashlane SAS)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350576 2017-03-13] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-03-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-04] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-04] (Acer Incorporated)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2401264 2017-03-01] (IBM Corp.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2017-03-06] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-10] (AVAST Software s.r.o.)
R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158880 2017-05-13] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-10] (AVAST Software)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-09-04] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-31] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-31] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-31] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-31] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-31] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-09-04] (Acer Incorporated)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [382432 2017-03-01] (IBM Corp.)
R1 RapportCerberus_1804047; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804047.sys [1264776 2017-05-16] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [582208 2017-03-01] (IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [252288 2017-03-01] (IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [506016 2017-03-01] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [605024 2017-03-01] (IBM Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2017-03-14] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-01 02:50 - 2017-06-01 02:50 - 00000000 ____D C:\Users\silve\Downloads\FRST-OlderVersion
2017-05-31 08:42 - 2017-05-31 08:42 - 00000960 _____ C:\Users\silve\Desktop\JRT.txt
2017-05-31 08:34 - 2017-05-31 08:35 - 01663672 _____ (Malwarebytes) C:\Users\silve\Downloads\JRT.exe
2017-05-31 08:25 - 2017-05-31 08:25 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-31 08:20 - 2017-05-31 08:20 - 00001014 _____ C:\Users\silve\Desktop\AdwCleaner - Shortcut.lnk
2017-05-31 08:08 - 2017-05-31 08:27 - 00000000 ____D C:\AdwCleaner
2017-05-31 08:08 - 2017-05-31 08:08 - 04110280 _____ C:\Users\silve\Downloads\AdwCleaner.exe
2017-05-31 08:01 - 2017-05-31 08:01 - 00000000 ____D C:\Users\silve\Documents\Scan logs
2017-05-31 07:35 - 2017-05-31 18:11 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-31 07:35 - 2017-05-31 17:58 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-31 07:35 - 2017-05-31 17:58 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-31 07:35 - 2017-05-31 17:57 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-31 07:35 - 2017-05-31 07:35 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-31 07:35 - 2017-05-31 07:35 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-31 07:35 - 2017-05-31 07:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-31 07:35 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-31 07:34 - 2017-05-31 07:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-31 07:34 - 2017-05-31 07:34 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-31 07:29 - 2017-05-31 07:34 - 63364552 _____ (Malwarebytes ) C:\Users\silve\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-31 05:16 - 2017-05-31 05:16 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-05-31 05:14 - 2017-05-31 07:30 - 00000000 ____D C:\ProgramData\RogueKiller
2017-05-31 05:14 - 2017-05-31 05:14 - 00000903 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-05-31 05:14 - 2017-05-31 05:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-05-31 05:14 - 2017-05-31 05:14 - 00000000 ____D C:\Program Files\RogueKiller
2017-05-31 05:10 - 2017-05-31 05:13 - 35401960 _____ (Adlice Software ) C:\Users\silve\Downloads\RogueKiller_setup.exe
2017-05-30 22:06 - 2017-05-30 22:06 - 00000976 _____ C:\Users\silve\Desktop\FRST64 - Shortcut.lnk
2017-05-30 22:03 - 2017-05-30 22:04 - 00034582 _____ C:\Users\silve\Downloads\Addition.txt
2017-05-30 22:01 - 2017-06-01 02:52 - 00022165 _____ C:\Users\silve\Downloads\FRST.txt
2017-05-30 22:01 - 2017-06-01 02:50 - 00000000 ____D C:\FRST
2017-05-30 21:59 - 2017-06-01 02:50 - 02431488 _____ (Farbar) C:\Users\silve\Downloads\FRST64.exe
2017-05-30 03:35 - 2017-05-30 03:35 - 00000000 ___HD C:\OneDriveTemp
2017-05-28 12:02 - 2017-05-28 12:02 - 00000000 ____D C:\Users\silve\Documents\Custom Office Templates
2017-05-18 19:36 - 2017-05-18 19:36 - 00000000 ____D C:\Users\silve\AppData\Local\HP
2017-05-18 19:19 - 2017-05-18 19:43 - 00000000 ____D C:\Users\silve\AppData\Roaming\HP
2017-05-18 19:19 - 2017-05-18 19:19 - 00000000 ____D C:\ProgramData\WEBREG
2017-05-18 19:14 - 2017-05-25 23:55 - 00000000 ____D C:\Users\silve\AppData\Roaming\HpUpdate
2017-05-18 19:13 - 2017-05-18 19:44 - 00000000 ____D C:\ProgramData\HP Photo Creations
2017-05-18 19:13 - 2017-05-18 19:13 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2017-05-18 19:13 - 2017-05-18 19:13 - 00000000 ____D C:\Program Files (x86)\HP Photo Creations
2017-05-18 19:12 - 2017-05-18 19:12 - 00001402 _____ C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2017-05-18 19:12 - 2017-05-18 19:12 - 00001396 _____ C:\Users\Public\Desktop\HP Solution Center.lnk
2017-05-18 19:12 - 2017-05-18 19:12 - 00000000 ____D C:\ProgramData\HP Product Assistant
2017-05-18 19:08 - 2017-05-18 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-05-18 19:06 - 2017-05-18 19:14 - 00000000 ____D C:\Program Files (x86)\HP
2017-05-18 18:56 - 2017-05-18 19:17 - 00000000 ____D C:\ProgramData\HP
2017-05-18 18:56 - 2017-05-18 19:16 - 00187699 _____ C:\WINDOWS\hpoins27.dat
2017-05-18 18:56 - 2012-09-26 15:23 - 00000584 ____N C:\WINDOWS\hpomdl27.dat
2017-05-18 18:55 - 2009-07-08 11:51 - 00938496 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpowiax7.dll
2017-05-18 18:55 - 2009-07-08 11:51 - 00740864 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl6.dll
2017-05-18 18:55 - 2009-07-08 11:51 - 00551424 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppldcoi.dll
2017-05-18 18:55 - 2009-07-08 11:51 - 00505344 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst15.dll
2017-05-18 18:48 - 2017-05-18 18:54 - 185717360 _____ C:\Users\silve\Downloads\DJ_AIO_03_F2200_NonNet_Full_Win_WW_140_404-4.exe
2017-05-18 18:46 - 2017-05-18 18:46 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2017-05-17 19:45 - 2017-05-17 19:45 - 00000000 ____D C:\Users\silve\AppData\Roaming\Google
2017-05-16 17:32 - 2017-05-16 17:32 - 00000000 ____D C:\Users\josle\AppData\Local\Trusteer
2017-05-16 02:18 - 2017-03-01 17:26 - 00506016 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2017-05-16 02:18 - 2017-03-01 17:26 - 00252288 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2017-05-16 02:17 - 2017-05-16 02:17 - 00000000 ____D C:\Users\silve\AppData\Local\Trusteer
2017-05-16 02:17 - 2017-05-16 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2017-05-16 02:17 - 2017-05-16 02:17 - 00000000 ____D C:\Program Files (x86)\Trusteer
2017-05-16 02:15 - 2017-05-16 02:15 - 00000000 ____D C:\ProgramData\Trusteer
2017-05-16 02:14 - 2017-05-16 02:14 - 00483824 _____ (IBM Corp.) C:\Users\silve\Downloads\RapportSetup.exe
2017-05-15 22:04 - 2017-05-15 22:04 - 00000000 ___HD C:\$AV_ASW
2017-05-13 14:40 - 2017-05-13 14:40 - 00000000 ____D C:\Users\silve\Documents\My Digikits
2017-05-13 14:39 - 2017-05-13 14:39 - 00000000 ____D C:\Users\silve\AppData\Roaming\Serif
2017-05-13 14:38 - 2017-05-13 14:38 - 00002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif CraftArtist 2.lnk
2017-05-13 14:38 - 2017-05-13 14:38 - 00002220 _____ C:\Users\Public\Desktop\Serif CraftArtist 2.lnk
2017-05-13 14:38 - 2017-05-13 14:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications
2017-05-13 14:37 - 2017-05-13 16:00 - 00000000 ____D C:\Program Files\Serif
2017-05-12 23:00 - 2017-05-12 23:00 - 01570153 _____ C:\Users\josle\Downloads\Headlines - 12th May 2017.pdf
2017-05-10 15:50 - 2017-05-10 15:50 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-10 00:41 - 2017-04-28 01:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 00:41 - 2017-04-28 01:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 00:41 - 2017-04-28 01:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 00:41 - 2017-04-28 01:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-10 00:41 - 2017-04-28 01:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-10 00:41 - 2017-04-28 01:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 00:41 - 2017-04-28 01:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 00:41 - 2017-04-28 01:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-10 00:41 - 2017-04-28 01:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-10 00:41 - 2017-04-28 01:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 00:41 - 2017-04-28 01:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 00:41 - 2017-04-28 01:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-10 00:41 - 2017-04-28 01:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 00:41 - 2017-04-28 01:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-10 00:41 - 2017-04-28 01:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-10 00:41 - 2017-04-28 01:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-10 00:41 - 2017-04-28 01:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 00:41 - 2017-04-28 01:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 00:41 - 2017-04-28 01:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 00:41 - 2017-04-28 01:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-10 00:41 - 2017-04-28 01:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 00:41 - 2017-04-28 01:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-10 00:41 - 2017-04-28 01:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 00:41 - 2017-04-28 01:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-10 00:41 - 2017-04-28 01:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-10 00:41 - 2017-04-28 01:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-10 00:41 - 2017-04-28 01:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 00:41 - 2017-04-28 01:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-10 00:41 - 2017-04-28 01:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 00:41 - 2017-04-28 01:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-10 00:41 - 2017-04-28 01:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 00:41 - 2017-04-28 01:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 00:41 - 2017-04-28 01:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-10 00:41 - 2017-04-28 01:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-10 00:41 - 2017-04-28 01:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 00:41 - 2017-04-28 01:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 00:41 - 2017-04-28 01:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 00:41 - 2017-04-28 01:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 00:41 - 2017-04-28 01:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 00:41 - 2017-04-28 01:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 00:41 - 2017-04-28 01:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-10 00:41 - 2017-04-28 01:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-10 00:41 - 2017-04-28 01:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 00:41 - 2017-04-28 01:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 00:41 - 2017-04-28 01:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-10 00:41 - 2017-04-28 01:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 00:41 - 2017-04-28 01:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-10 00:41 - 2017-04-28 01:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 00:41 - 2017-04-28 01:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-10 00:41 - 2017-04-28 01:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-10 00:41 - 2017-04-28 01:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-10 00:41 - 2017-04-28 01:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 00:41 - 2017-04-28 01:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 00:41 - 2017-04-28 01:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-10 00:41 - 2017-04-28 01:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 00:41 - 2017-04-28 01:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 00:41 - 2017-04-28 01:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 00:41 - 2017-04-28 01:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-10 00:41 - 2017-04-28 01:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-10 00:41 - 2017-04-28 01:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-10 00:41 - 2017-04-28 01:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-10 00:41 - 2017-04-28 01:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-10 00:41 - 2017-04-28 01:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-10 00:41 - 2017-04-28 01:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 00:41 - 2017-04-28 00:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-10 00:41 - 2017-04-28 00:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 00:41 - 2017-04-28 00:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-10 00:41 - 2017-04-28 00:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-10 00:41 - 2017-04-28 00:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-10 00:41 - 2017-04-28 00:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 00:41 - 2017-04-28 00:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-10 00:41 - 2017-04-28 00:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-10 00:41 - 2017-04-28 00:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-10 00:41 - 2017-04-28 00:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-10 00:41 - 2017-04-28 00:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-10 00:41 - 2017-04-28 00:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-10 00:41 - 2017-04-28 00:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-10 00:41 - 2017-04-28 00:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 00:41 - 2017-04-28 00:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 00:41 - 2017-04-28 00:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 00:41 - 2017-04-28 00:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 00:41 - 2017-04-28 00:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-10 00:41 - 2017-04-28 00:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 00:41 - 2017-04-28 00:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 00:41 - 2017-04-28 00:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-10 00:41 - 2017-04-28 00:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 00:41 - 2017-03-04 08:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-10 00:41 - 2017-03-04 07:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 00:41 - 2017-03-04 07:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-10 00:41 - 2017-03-04 07:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 00:41 - 2017-03-04 07:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-10 00:41 - 2017-03-04 07:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 00:40 - 2017-04-28 02:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-10 00:40 - 2017-04-28 01:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 00:40 - 2017-04-28 01:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 00:40 - 2017-04-28 01:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-10 00:40 - 2017-04-28 01:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 00:40 - 2017-04-28 01:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 00:40 - 2017-04-28 01:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 00:40 - 2017-04-28 01:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-10 00:40 - 2017-04-28 01:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 00:40 - 2017-04-28 01:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 00:40 - 2017-04-28 01:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-10 00:40 - 2017-04-28 01:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-10 00:40 - 2017-04-28 01:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-10 00:40 - 2017-04-28 01:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 00:40 - 2017-04-28 01:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-10 00:40 - 2017-04-28 01:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-10 00:40 - 2017-04-28 01:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-10 00:40 - 2017-04-28 01:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 00:40 - 2017-04-28 01:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-10 00:40 - 2017-04-28 01:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-10 00:40 - 2017-04-28 01:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 08170600 _____ (Microsoft Corporation)

Silverboots · May 31, 2017

C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-10 00:40 - 2017-04-28 01:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-10 00:40 - 2017-04-28 01:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 00:40 - 2017-04-28 01:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 00:40 - 2017-04-28 01:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 00:40 - 2017-04-28 01:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-10 00:40 - 2017-04-28 01:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-10 00:40 - 2017-04-28 01:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 00:40 - 2017-04-28 01:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 00:40 - 2017-04-28 01:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-10 00:40 - 2017-04-28 01:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-10 00:40 - 2017-04-28 01:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-10 00:40 - 2017-04-28 01:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-10 00:40 - 2017-04-28 01:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 00:40 - 2017-04-28 01:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-10 00:40 - 2017-04-28 01:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-10 00:40 - 2017-04-28 01:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 00:40 - 2017-04-28 01:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-10 00:40 - 2017-04-28 01:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-10 00:40 - 2017-04-28 01:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-10 00:40 - 2017-04-28 01:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-10 00:40 - 2017-04-28 01:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 00:40 - 2017-04-28 01:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-10 00:40 - 2017-04-28 01:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-10 00:40 - 2017-04-28 01:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-10 00:40 - 2017-04-28 01:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-10 00:40 - 2017-04-28 01:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-10 00:40 - 2017-04-28 01:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-10 00:40 - 2017-04-28 01:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-10 00:40 - 2017-04-28 01:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-10 00:40 - 2017-04-28 01:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-10 00:40 - 2017-04-28 01:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-10 00:40 - 2017-04-28 01:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 00:40 - 2017-04-28 01:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-10 00:40 - 2017-04-28 01:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 00:40 - 2017-04-28 01:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-10 00:40 - 2017-04-28 01:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-10 00:40 - 2017-04-28 01:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-10 00:40 - 2017-04-28 01:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 00:40 - 2017-04-28 01:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-10 00:40 - 2017-04-28 01:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-10 00:40 - 2017-04-28 01:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 00:40 - 2017-04-28 01:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-10 00:40 - 2017-04-28 01:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-10 00:40 - 2017-04-28 01:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-10 00:40 - 2017-04-28 01:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-10 00:40 - 2017-04-28 01:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-10 00:40 - 2017-04-28 01:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-10 00:40 - 2017-04-28 01:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-10 00:40 - 2017-04-28 01:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-10 00:40 - 2017-04-28 01:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-10 00:40 - 2017-04-28 01:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-10 00:40 - 2017-04-28 01:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 00:40 - 2017-04-28 01:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-10 00:40 - 2017-04-28 00:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 00:40 - 2017-04-28 00:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-10 00:40 - 2017-04-28 00:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-10 00:40 - 2017-04-28 00:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-10 00:40 - 2017-04-28 00:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 00:40 - 2017-04-28 00:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 00:40 - 2017-04-28 00:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-10 00:40 - 2017-04-28 00:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 00:40 - 2017-04-28 00:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 00:40 - 2017-04-28 00:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 00:40 - 2017-04-28 00:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-10 00:40 - 2017-04-28 00:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 00:40 - 2017-04-28 00:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 00:40 - 2017-04-28 00:54 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-10 00:40 - 2017-04-28 00:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-10 00:40 - 2017-04-28 00:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-10 00:40 - 2017-04-28 00:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-10 00:40 - 2017-04-28 00:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 00:40 - 2017-04-28 00:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 00:40 - 2017-04-28 00:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 00:40 - 2017-04-28 00:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-10 00:40 - 2017-04-28 00:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-10 00:40 - 2017-04-28 00:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 00:40 - 2017-04-28 00:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-10 00:40 - 2017-04-28 00:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 00:40 - 2017-04-28 00:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 00:40 - 2017-04-28 00:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-10 00:40 - 2017-04-28 00:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-10 00:40 - 2017-04-28 00:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-10 00:40 - 2017-04-28 00:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 00:40 - 2017-04-28 00:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 00:40 - 2017-04-28 00:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-10 00:40 - 2017-04-28 00:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-10 00:40 - 2017-04-28 00:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 00:40 - 2017-04-28 00:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-10 00:40 - 2017-04-28 00:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-10 00:40 - 2017-04-28 00:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-10 00:40 - 2017-04-28 00:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 00:40 - 2017-04-28 00:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 00:40 - 2017-04-28 00:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-10 00:40 - 2017-04-28 00:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 00:40 - 2017-04-28 00:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 00:40 - 2017-04-28 00:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-10 00:40 - 2017-04-28 00:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 00:40 - 2017-04-28 00:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 00:40 - 2017-04-28 00:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-10 00:40 - 2017-04-28 00:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 00:40 - 2017-04-28 00:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-10 00:40 - 2017-04-28 00:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-10 00:40 - 2017-04-28 00:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-10 00:40 - 2017-04-28 00:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 00:40 - 2017-03-04 08:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 00:40 - 2017-03-04 07:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-10 00:40 - 2017-03-04 07:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-10 00:40 - 2017-03-04 07:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-10 00:40 - 2017-03-04 07:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 00:40 - 2017-03-04 07:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 00:40 - 2017-03-04 07:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-10 00:39 - 2017-04-28 01:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 00:39 - 2017-04-28 01:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 00:39 - 2017-04-28 01:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 00:39 - 2017-04-28 01:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 00:39 - 2017-04-28 01:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 00:39 - 2017-04-28 01:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 00:39 - 2017-04-28 01:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 00:39 - 2017-04-28 01:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 00:39 - 2017-04-28 01:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 00:39 - 2017-04-28 01:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 00:39 - 2017-04-28 01:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 00:39 - 2017-04-28 01:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 00:39 - 2017-04-28 01:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 00:39 - 2017-04-28 01:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 00:39 - 2017-04-28 01:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 00:39 - 2017-04-28 01:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 00:39 - 2017-04-28 01:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 00:39 - 2017-04-28 01:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-10 00:39 - 2017-04-28 01:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 00:39 - 2017-04-28 01:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 00:39 - 2017-04-28 01:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-10 00:39 - 2017-04-28 01:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-10 00:39 - 2017-04-28 00:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 00:39 - 2017-04-28 00:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 00:39 - 2017-04-28 00:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-10 00:39 - 2017-04-28 00:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-10 00:39 - 2017-04-28 00:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 00:39 - 2017-04-28 00:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 00:39 - 2017-04-28 00:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 00:39 - 2017-04-28 00:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-10 00:39 - 2017-04-28 00:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-10 00:39 - 2017-04-28 00:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 00:39 - 2017-04-28 00:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 00:39 - 2017-04-28 00:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 00:39 - 2017-04-28 00:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 00:39 - 2017-04-28 00:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 00:39 - 2017-04-28 00:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 00:39 - 2017-04-28 00:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 00:39 - 2017-04-28 00:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 00:39 - 2017-04-28 00:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 00:39 - 2017-04-28 00:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 00:39 - 2017-04-28 00:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-10 00:39 - 2017-04-28 00:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 00:39 - 2017-04-28 00:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 00:39 - 2017-04-28 00:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 00:39 - 2017-04-28 00:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-10 00:39 - 2017-04-28 00:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-10 00:39 - 2017-04-28 00:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 00:39 - 2017-04-28 00:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 00:39 - 2017-04-28 00:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 00:39 - 2017-04-28 00:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-10 00:39 - 2017-04-28 00:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 00:39 - 2017-04-28 00:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 00:39 - 2017-04-28 00:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 00:39 - 2017-04-28 00:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 00:39 - 2017-04-28 00:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 00:39 - 2017-04-28 00:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-10 00:39 - 2017-04-28 00:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 00:39 - 2017-04-28 00:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-10 00:39 - 2017-04-28 00:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 00:39 - 2017-04-28 00:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 00:39 - 2017-04-28 00:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 00:39 - 2017-04-28 00:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-10 00:39 - 2017-04-28 00:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 00:39 - 2017-04-28 00:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 00:39 - 2017-04-28 00:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 00:39 - 2017-04-28 00:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 00:39 - 2017-04-28 00:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 00:39 - 2017-04-28 00:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-10 00:39 - 2017-04-28 00:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 00:39 - 2017-04-28 00:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 00:39 - 2017-04-28 00:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 00:39 - 2017-04-28 00:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 00:39 - 2017-04-28 00:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 00:39 - 2017-04-28 00:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 00:39 - 2017-04-28 00:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-10 00:39 - 2017-04-28 00:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-10 00:39 - 2017-03-04 07:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 00:38 - 2017-04-28 01:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 00:38 - 2017-04-28 01:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 00:38 - 2017-04-28 01:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-10 00:38 - 2017-04-28 01:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 00:38 - 2017-04-28 01:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-10 00:38 - 2017-04-28 01:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 00:38 - 2017-04-28 01:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-10 00:38 - 2017-04-28 01:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 00:38 - 2017-04-28 01:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-10 00:38 - 2017-04-28 01:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 00:38 - 2017-04-28 01:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 00:38 - 2017-04-28 01:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 00:38 - 2017-04-28 01:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 00:38 - 2017-04-28 01:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-10 00:38 - 2017-04-28 01:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 00:38 - 2017-04-28 01:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 00:38 - 2017-04-28 01:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-10 00:38 - 2017-04-28 01:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 00:38 - 2017-04-28 01:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 00:38 - 2017-04-28 01:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 00:38 - 2017-04-28 01:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 00:38 - 2017-04-28 01:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 00:38 - 2017-04-28 01:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 00:38 - 2017-04-28 01:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 00:38 - 2017-04-28 01:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-10 00:38 - 2017-04-28 01:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 00:38 - 2017-04-28 01:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 00:38 - 2017-04-28 01:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 00:38 - 2017-04-28 01:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 00:38 - 2017-04-28 00:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 00:38 - 2017-04-28 00:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 00:38 - 2017-04-28 00:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 00:38 - 2017-04-28 00:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-10 00:38 - 2017-04-28 00:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 00:38 - 2017-04-28 00:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 00:38 - 2017-04-28 00:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-10 00:38 - 2017-04-28 00:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 00:38 - 2017-04-28 00:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-10 00:38 - 2017-04-28 00:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-10 00:38 - 2017-04-28 00:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 00:38 - 2017-04-28 00:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 00:38 - 2017-04-28 00:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 00:38 - 2017-04-28 00:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 00:38 - 2017-04-28 00:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 00:38 - 2017-04-28 00:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 00:38 - 2017-04-28 00:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-10 00:38 - 2017-04-28 00:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-10 00:38 - 2017-04-28 00:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 00:38 - 2017-04-28 00:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-10 00:38 - 2017-04-28 00:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-10 00:38 - 2017-04-28 00:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-10 00:38 - 2017-04-28 00:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-10 00:38 - 2017-04-28 00:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 00:38 - 2017-04-28 00:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 00:38 - 2017-04-28 00:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 00:38 - 2017-04-28 00:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 00:38 - 2017-04-28 00:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 00:38 - 2017-04-28 00:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 00:38 - 2017-04-28 00:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-10 00:38 - 2017-04-28 00:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-10 00:38 - 2017-04-28 00:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 00:38 - 2017-04-28 00:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 00:38 - 2017-04-28 00:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 00:38 - 2017-04-28 00:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 00:38 - 2017-04-28 00:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 00:38 - 2017-04-28 00:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 00:38 - 2017-04-28 00:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-10 00:38 - 2017-04-28 00:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 00:38 - 2017-04-28 00:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-10 00:38 - 2017-04-28 00:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 00:38 - 2017-04-28 00:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 00:38 - 2017-04-28 00:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 00:38 - 2017-04-28 00:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-10 00:38 - 2017-04-28 00:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 00:38 - 2017-03-04 07:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-10 00:37 - 2017-04-28 01:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-10 00:37 - 2017-04-28 01:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 00:37 - 2017-04-28 01:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 00:37 - 2017-04-28 01:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-10 00:37 - 2017-04-28 01:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-10 00:37 - 2017-04-28 01:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 00:37 - 2017-04-28 01:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-10 00:37 - 2017-04-28 01:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-10 00:37 - 2017-04-28 01:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 00:37 - 2017-04-28 01:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 00:37 - 2017-04-28 01:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 00:37 - 2017-04-28 01:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-10 00:37 - 2017-04-28 01:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 00:37 - 2017-04-28 01:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 00:37 - 2017-04-28 01:02 - 00019456 _____ (Microsoft Corporation)

Solved Amazon assistant virus

Posts: 39 +0

Posts: 56,041 +516

Posts: 39 +0

Posts: 56,041 +516

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 56,041 +516

Posts: 39 +0

Posts: 56,041 +516

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 39 +0

Posts: 56,041 +516

Posts: 39 +0

Posts: 39 +0

Similar threads