Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01 Ran by HP (administrator) on D (04-05-2017 17:41:00) Running from X:\Pulpit Loaded Profiles: HP (Available Profiles: HP) Platform: Windows 10 Home Version 1607 (X64) Language: Angielski (Zjednoczone Królestwo) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe () C:\Users\HP\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BiniSoft.org) C:\Program Files\Windows Firewall Control\wfcs.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (BiniSoft.org) C:\Program Files\Windows Firewall Control\wfc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\HelpPane.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () X:\Pulpit\bg9dkvks.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Farbar) X:\Pulpit\FRST64 (1).exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2016-10-18] (Realtek Semiconductor) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2016-08-10] (QIHU 360 SOFTWARE CO. LIMITED) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-06-29] (Hewlett-Packard Company) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\RunOnce: [{37F531A7-51B6-4150-A040-73E192BD3A6B}] => cmd.exe /C start /D "C:\Users\HP\AppData\Local\Temp\{37F531A7-51B6-4150-A040-73E192BD3A6B}" /B {1BDAAD32-CF8C-4CC7-94F2-D35926B596F7}.exe -accepteula -accepteulaksn -postboot <===== ATTENTION HKU\S-1-5-21-3057758775-3154587989-2935032321-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9108184 2016-11-07] (Piriform Ltd) HKU\S-1-5-21-3057758775-3154587989-2935032321-1001\...\Run: [AceStream] => C:\Users\HP\AppData\Roaming\ACEStream\engine\ace_engine.exe [28024 2017-03-20] (Innovative Digital Technologies) HKU\S-1-5-21-3057758775-3154587989-2935032321-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group Ltd.) HKU\S-1-5-21-3057758775-3154587989-2935032321-1001\...\Run: [Napisy24Update] => C:\Program Files (x86)\Napisy24\Napisy24Update.exe [3709896 2015-11-04] (Napisy24.pl) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Windows Firewall Control.lnk [2016-10-02] ShortcutTarget: Windows Firewall Control.lnk -> C:\Program Files\Windows Firewall Control\wfc.exe (BiniSoft.org) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 195.177.64.66 195.177.64.69 Tcpip\..\Interfaces\{b89ac56f-8f5e-4b7a-aef6-d0567cc33ebb}: [DhcpNameServer] 10.106.12.27 Tcpip\..\Interfaces\{ec867241-6578-4be5-a28b-de6ea8e1d7df}: [DhcpNameServer] 195.177.64.66 195.177.64.69 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE HKU\S-1-5-21-3057758775-3154587989-2935032321-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gazeta.pl/0,0.html?p=190 HKU\S-1-5-21-3057758775-3154587989-2935032321-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.) FireFox: ======== FF HKU\S-1-5-21-3057758775-3154587989-2935032321-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\HP\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi FF Extension: (Ace Stream Web Extension) - C:\Users\HP\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2017-01-31] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin HKU\S-1-5-21-3057758775-3154587989-2935032321-1001: @acestream.net/acestreamplugin,version=3.1.12 -> C:\Users\HP\AppData\Roaming\ACEStream\player\npace_plugin.dll [2017-01-31] (Innovative Digital Technologies) Chrome: ======= CHR HomePage: Default -> hxxp://wp.pl/ CHR StartupUrls: Default -> "hxxp://www.gazeta.pl/0,0.html?p=190" CHR NewTab: Default -> Active:"chrome-extension://fdnbdgmkhikelgaohpgdpcecklddmpaj/fastdial.html" CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2017-05-04] CHR Extension: (Prezentacje Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-18] CHR Extension: (Dokumenty Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-18] CHR Extension: (Dysk Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-18] CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-18] CHR Extension: (uBlock Origin) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-04-18] CHR Extension: (Fast Dial) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdnbdgmkhikelgaohpgdpcecklddmpaj [2016-10-03] CHR Extension: (Arkusze Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-18] CHR Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-18] CHR Extension: (360 Internet Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-01-17] CHR Extension: (LastPass: Free Password Manager) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-04-01] CHR Extension: (Płatności w sklepie Chrome Web Store) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-18] CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-27] CHR HKU\S-1-5-21-3057758775-3154587989-2935032321-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] () R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2286848 2016-09-18] (Broadcom Corporation.) R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1394360 2015-08-12] (Intel Corporation) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-05-03] (SurfRight B.V.) R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc.) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-22] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2017-01-13] (Intel Corporation) R2 KingoSoftService; C:\Users\HP\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe [367592 2017-03-27] () R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [914344 2016-08-10] (QIHU 360 SOFTWARE CO. LIMITED) S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [308464 2016-10-18] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266872 2016-10-02] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation) R2 _wfcs; C:\Program Files\Windows Firewall Control\wfcs.exe [102912 2016-10-02] (BiniSoft.org) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) U0 35464169; C:\WINDOWS\System32\drivers\80703498.sys [263448 2017-05-03] (Kaspersky Lab, Yury Parshin) R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [160768 2016-08-10] (360.cn) R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2016-08-10] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2016-08-10] (360.cn) R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2016-08-10] (360.cn) R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57856 2016-08-10] (360.cn) R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [400384 2016-08-10] (360.cn) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmdag.sys [26568848 2017-01-25] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309377.inf_amd64_7ab08912e1e1da0a\atikmpag.sys [536600 2017-01-25] (Advanced Micro Devices, Inc.) S1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [199680 2016-08-10] (360.cn) R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [208176 2016-09-18] (Broadcom Corporation.) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7551240 2016-02-13] (Broadcom Corporation) R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2016-10-18] (Intel Corporation) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-12] (Intel Corporation) R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-07-22] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.) R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [889584 2016-10-18] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-07-21] (Realsil Semiconductor Corporation) S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] () R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72824 2016-10-02] (Synaptics Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.) U3 aswMBR; C:\Users\HP\AppData\Local\Temp\aswMBR.sys [62728 2017-05-03] () [File not signed] <==== ATTENTION U3 pgldapob; C:\Users\HP\AppData\Local\Temp\pgldapob.sys [56584 2017-05-04] (GMER) [File not signed] <==== ATTENTION U3 WMPNetworkSvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-03 18:15 - 2017-05-03 18:15 - 00478392 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\B0562BC4.sys 2017-05-03 18:15 - 2017-05-03 18:15 - 00085600 ____N (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\74281517.sys 2017-05-03 18:14 - 2017-05-03 18:15 - 00000000 ____D C:\KVRT_Data 2017-05-03 18:13 - 2017-05-03 18:13 - 00263448 _____ (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\80703498.sys 2017-05-03 18:13 - 2017-05-03 18:13 - 00000000 ____D C:\TDSSKiller_Quarantine 2017-05-03 18:12 - 2017-05-03 18:13 - 00266098 _____ C:\TDSSKiller.3.1.0.15_03.05.2017_18.12.08_log.txt 2017-05-03 18:12 - 2017-05-03 18:12 - 00263448 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\49627521.sys 2017-05-03 17:46 - 2017-05-03 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2017-05-03 17:45 - 2017-05-03 17:53 - 00000000 ____D C:\ProgramData\HitmanPro 2017-05-03 17:45 - 2017-05-03 17:46 - 00000000 ____D C:\Program Files\HitmanPro 2017-04-27 19:49 - 2017-04-27 19:49 - 00000000 ____D C:\Users\HP\AppData\Roaming\Google 2017-04-26 21:52 - 2017-04-26 21:52 - 844010498 _____ C:\WINDOWS\MEMORY.DMP 2017-04-26 21:52 - 2017-04-26 21:52 - 00414628 _____ C:\WINDOWS\Minidump\042617-33984-01.dmp 2017-04-26 21:52 - 2017-04-26 21:52 - 00000000 ____D C:\WINDOWS\Minidump 2017-04-23 17:44 - 2017-04-23 17:44 - 00000169 _____ C:\Users\HP\AppData\Local\uts.ini 2017-04-23 17:44 - 2017-04-23 17:44 - 00000000 ____D C:\Users\HP\AppData\Local\uts 2017-04-23 17:44 - 2017-04-23 17:44 - 00000000 ____D C:\Users\HP\.android 2017-04-23 17:35 - 2017-04-23 17:35 - 00000000 ____D C:\Users\HP\AppData\Roaming\Kingosoft 2017-04-23 17:35 - 2017-04-23 17:35 - 00000000 ____D C:\Users\HP\AppData\Local\Kingosoft 2017-04-23 17:35 - 2017-04-23 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT 2017-04-23 17:34 - 2017-04-23 17:35 - 00000000 ____D C:\Program Files (x86)\Kingo ROOT 2017-04-16 12:40 - 2017-04-23 18:33 - 00000000 ____D C:\Users\HP\AppData\Roaming\HpUpdate 2017-04-16 12:40 - 2017-04-16 12:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2017-04-16 12:40 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMB011.dll 2017-04-16 12:39 - 2017-04-16 12:42 - 00000000 ____D C:\Users\HP\AppData\Local\HP 2017-04-16 12:39 - 2017-04-16 12:39 - 00000057 _____ C:\ProgramData\Ament.ini 2017-04-16 12:39 - 2017-04-16 12:39 - 00000000 ____D C:\ProgramData\HP 2017-04-12 18:16 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-04-12 18:16 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-04-12 18:16 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2017-04-12 18:16 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-04-12 18:16 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-04-12 18:16 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-04-12 18:16 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-04-12 18:16 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-04-12 18:16 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-04-12 18:16 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-04-12 18:16 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-04-12 18:16 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-04-12 18:16 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2017-04-12 18:16 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2017-04-12 18:16 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-04-12 18:16 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-04-12 18:16 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-04-12 18:16 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-04-12 18:16 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-04-12 18:16 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-04-12 18:16 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-04-12 18:16 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-04-12 18:16 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-04-12 18:16 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-04-12 18:16 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-04-12 18:16 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-04-12 18:16 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-04-12 18:16 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-04-12 18:16 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-04-12 18:16 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-04-12 18:16 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2017-04-12 18:16 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-04-12 18:16 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-04-12 18:16 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-04-12 18:16 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-04-12 18:16 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-04-12 18:16 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll 2017-04-12 18:16 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-04-12 18:16 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-04-12 18:16 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2017-04-12 18:16 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-04-12 18:16 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll 2017-04-12 18:16 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-04-12 18:16 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll 2017-04-12 18:16 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2017-04-12 18:16 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-04-12 18:16 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll 2017-04-12 18:16 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll 2017-04-12 18:16 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-04-12 18:16 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll 2017-04-12 18:16 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-04-12 18:16 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll 2017-04-12 18:16 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-04-12 18:16 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-04-12 18:16 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll 2017-04-12 18:16 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys 2017-04-12 18:16 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2017-04-12 18:16 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-04-12 18:16 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-04-12 18:16 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-04-12 18:16 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-04-12 18:16 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-04-12 18:16 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-04-12 18:16 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-04-12 18:16 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2017-04-12 18:16 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-04-12 18:16 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll 2017-04-12 18:16 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-04-12 18:16 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-04-12 18:16 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-04-12 18:16 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-04-12 18:16 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-04-12 18:16 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2017-04-12 18:16 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-04-12 18:16 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-04-12 18:16 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll 2017-04-12 18:16 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-04-12 18:16 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-04-12 18:16 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-04-12 18:16 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-04-12 18:16 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-04-12 18:16 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-04-12 18:16 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2017-04-12 18:16 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2017-04-12 18:16 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2017-04-12 18:16 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll 2017-04-12 18:16 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-04-12 18:16 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-04-12 18:16 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-04-12 18:16 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-04-12 18:16 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-04-12 18:16 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-04-12 18:16 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-04-12 18:16 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-04-12 18:16 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-04-12 18:16 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-04-12 18:16 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-04-12 18:16 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-04-12 18:16 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2017-04-12 18:16 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-04-12 18:16 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-04-12 18:16 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2017-04-12 18:16 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-04-12 18:16 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-04-12 18:16 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-04-12 18:16 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-04-12 18:16 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-04-12 18:16 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-04-12 18:16 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-04-12 18:16 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-04-12 18:16 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2017-04-12 18:16 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2017-04-12 18:16 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-04-12 18:16 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2017-04-12 18:16 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-04-12 18:16 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-04-12 18:16 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-04-12 18:16 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-04-12 18:16 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll 2017-04-12 18:16 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-04-12 18:16 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-04-12 18:16 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2017-04-12 18:16 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2017-04-12 18:16 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-04-12 18:16 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2017-04-12 18:16 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-04-12 18:16 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-04-12 18:16 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-04-12 18:16 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2017-04-12 18:16 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-04-12 18:16 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-04-12 18:16 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-04-12 18:16 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-04-12 18:16 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-04-12 18:16 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-04-12 18:16 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-04-12 18:16 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-04-12 18:16 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2017-04-12 18:16 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-04-12 18:16 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-04-12 18:16 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-04-12 18:16 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2017-04-12 18:16 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-04-12 18:16 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-04-12 18:16 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-04-12 18:16 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-04-12 18:16 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2017-04-12 18:16 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-04-12 18:16 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-04-12 18:16 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-04-12 18:16 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-04-12 18:16 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-04-12 18:16 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2017-04-12 18:16 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll 2017-04-12 18:16 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-04-12 18:16 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll 2017-04-12 18:15 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2017-04-12 18:15 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-04-12 18:15 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-04-12 18:15 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe 2017-04-12 18:15 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2017-04-12 18:15 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-04-12 18:15 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-04-12 18:15 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2017-04-12 18:15 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-04-12 18:15 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-04-12 18:15 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll 2017-04-12 18:15 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-04-12 18:15 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-04-12 18:15 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-04-12 18:15 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-04-12 18:15 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-04-12 18:15 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-04-12 18:15 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-04-12 18:15 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-04-12 18:15 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-04-12 18:15 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-04-12 18:15 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-04-12 18:15 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-04-12 18:15 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-04-12 18:15 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-04-12 18:15 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll 2017-04-12 18:15 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll 2017-04-12 18:15 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-04-12 18:15 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-04-12 18:15 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-04-12 18:15 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-04-12 18:15 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll 2017-04-12 18:15 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-04-12 18:15 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-04-12 18:15 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-04-12 18:15 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-04-12 18:15 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-04-12 18:15 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 2017-04-12 18:15 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-04-12 18:15 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-04-12 18:15 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-04-12 18:15 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-04-12 18:15 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-04-12 18:15 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-04-12 18:15 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-04-12 18:15 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-04-12 18:15 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-04-12 18:15 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-04-12 18:15 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-04-12 18:15 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-04-12 18:15 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2017-04-12 18:15 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-04-12 18:15 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll 2017-04-12 18:15 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-04-12 18:15 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-04-12 18:15 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2017-04-12 18:15 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-04-12 18:15 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-04-12 18:15 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-04-12 18:15 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-04-12 18:15 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-04-12 18:15 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2017-04-12 18:15 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2017-04-12 18:15 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-04-12 18:15 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-04-12 18:15 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-04-12 18:15 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-04-12 18:15 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2017-04-12 18:15 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-04-12 18:15 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-04-12 18:15 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-04-12 18:15 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-04-12 18:15 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2017-04-12 18:15 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-04-12 18:15 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-04-12 18:15 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-04-12 18:15 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2017-04-12 18:15 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-04-12 18:15 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-04-12 18:15 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-04-12 18:15 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-04-12 18:15 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-04-12 18:15 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-04-12 18:15 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-04-12 18:15 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-04-12 18:15 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-04-12 18:15 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-04-12 18:15 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-04-12 18:15 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-04-12 18:15 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-04-12 18:15 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-04-12 18:15 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-04-12 18:15 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-04-12 18:15 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-04-12 18:15 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-04-12 18:15 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-04-12 18:15 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-04-12 18:14 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2017-04-12 18:14 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-04-12 18:14 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2017-04-12 18:14 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2017-04-12 18:14 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2017-04-12 18:14 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-04-12 18:14 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-04-12 18:14 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-04-12 18:14 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-04-12 18:14 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-04-12 18:14 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-04-12 18:14 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-04-12 18:14 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-04-12 18:14 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-04-12 18:14 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-04-12 18:14 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-04-12 18:14 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2017-04-12 18:14 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-04-12 18:14 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-04-12 18:14 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-04-12 18:14 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-04-12 18:14 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-04-12 18:14 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-04-12 18:14 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-04-12 18:14 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-04-12 18:14 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-04-12 18:14 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-04-12 18:14 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll 2017-04-12 18:14 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-04-12 18:14 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-04-12 18:14 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2017-04-12 18:14 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-04-12 18:14 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-04-12 18:14 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll 2017-04-12 18:14 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-04-12 18:14 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-04-12 18:14 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll 2017-04-12 18:14 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll 2017-04-12 18:14 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-04-12 18:14 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2017-04-12 18:14 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-04-12 18:14 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-04-12 18:14 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2017-04-12 18:14 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll 2017-04-12 18:14 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-04-12 18:14 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-04-12 18:14 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-04-12 18:14 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-04-12 18:14 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-04-12 18:14 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-04-12 18:14 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll 2017-04-12 18:14 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-04-12 18:14 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-04-12 18:14 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-04-12 18:14 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-04-12 18:14 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll 2017-04-12 18:14 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll 2017-04-12 18:14 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2017-04-12 18:14 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-04-12 18:14 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-04-12 18:14 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-04-12 18:14 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-04-12 18:14 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll 2017-04-12 18:14 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-04-12 18:14 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2017-04-12 18:14 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-04-12 18:14 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-04-12 18:14 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-04-12 18:14 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-04-12 18:14 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-04-12 18:14 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2017-04-12 18:14 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-04-12 18:14 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-04-12 18:14 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-04-12 18:14 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-04-12 18:14 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-04-12 18:14 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-04-12 18:14 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2017-04-12 18:14 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-04-12 18:14 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2017-04-12 18:14 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-04-12 18:14 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-04-12 18:14 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-04-12 18:14 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-04-12 18:14 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-04-12 18:14 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-04-12 18:14 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll 2017-04-12 18:14 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-04-12 18:14 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-04-12 18:14 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-04-12 18:14 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-04-12 18:14 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-04-12 18:14 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-04-12 18:14 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-04-12 18:14 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2017-04-12 18:14 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-04-12 18:14 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-04-12 18:14 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-04-12 18:14 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2017-04-12 18:14 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2017-04-12 18:14 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-04-12 18:14 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-04-12 18:14 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll 2017-04-12 18:14 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-04-12 18:14 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-04-12 18:14 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-04-12 18:14 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-04-12 18:14 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-04-12 18:14 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-04-12 18:14 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-04-12 18:14 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2017-04-12 18:14 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-04-12 18:14 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-04-12 18:14 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-04-12 18:14 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-04-12 18:14 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-04-12 18:14 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-04-12 18:14 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll 2017-04-12 18:14 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-04-12 18:14 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-04-12 18:14 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-04-12 18:14 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-04-12 18:14 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-04-12 18:14 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-04-12 18:14 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-04-12 18:14 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-04-12 18:14 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-04-12 18:14 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-04-12 18:14 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-04-12 18:14 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-04-12 18:14 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-04-12 18:14 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-04-12 18:14 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-04-12 18:14 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-04-12 18:14 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-04-12 18:14 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-04-12 18:14 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-04-12 18:14 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-04-12 18:14 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-04-12 18:14 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-04-12 18:14 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2017-04-12 18:14 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-04-12 18:14 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2017-04-12 18:14 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2017-04-12 18:14 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll 2017-04-12 18:14 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-04-12 18:14 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-04-12 18:14 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-04-12 18:14 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-04-12 18:14 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-04-12 18:14 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll 2017-04-12 18:13 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-04-12 18:13 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll 2017-04-12 18:13 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-04-12 18:13 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-04-12 18:13 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-04-12 18:13 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll 2017-04-12 18:13 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll 2017-04-12 18:13 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-04-12 18:13 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-04-12 18:13 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-04-12 18:13 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll 2017-04-12 18:13 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-04-12 18:13 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2017-04-12 18:13 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-04-12 18:13 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-04-12 18:13 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-04-12 18:13 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-04-12 18:13 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-04-12 18:13 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2017-04-12 18:13 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-04-12 18:13 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll 2017-04-12 18:13 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2017-04-12 18:13 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-04-12 18:13 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll 2017-04-12 18:13 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-04-12 18:13 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2017-04-09 10:38 - 2017-04-09 10:38 - 00000000 ____D C:\Users\HP\AppData\Local\ElevatedDiagnostics ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-04 17:41 - 2016-12-15 18:49 - 00000000 ____D C:\FRST 2017-05-04 17:31 - 2016-10-02 19:52 - 00000000 ____D C:\Users\HP\AppData\LocalLow\360WD 2017-05-04 15:49 - 2016-10-09 20:31 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-03 04:56 - 2016-09-18 13:42 - 00002285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-02 23:27 - 2016-10-10 05:53 - 00003204 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForHP 2017-05-02 23:27 - 2016-10-03 10:33 - 00000324 _____ C:\WINDOWS\Tasks\HPCeeScheduleForHP.job 2017-05-02 01:29 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-02 01:29 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-04-30 00:30 - 2016-10-10 09:29 - 00000000 __SHD C:\Users\HP\IntelGraphicsProfiles 2017-04-30 00:29 - 2016-10-09 20:40 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-04-30 00:27 - 2016-10-10 05:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-04-29 20:06 - 2016-07-16 08:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI 2017-04-29 13:38 - 2016-11-12 18:16 - 00004702 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-04-29 13:38 - 2016-11-12 18:16 - 00000000 ____D C:\Users\HP\AppData\Local\Adobe 2017-04-29 13:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-04-29 13:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-04-28 23:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-04-28 23:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-04-27 20:47 - 2016-11-19 19:38 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-04-27 19:56 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-04-27 19:50 - 2016-10-09 21:30 - 00000000 ____D C:\Users\HP 2017-04-27 19:50 - 2016-10-02 19:52 - 00000000 _RSHD C:\360SANDBOX 2017-04-27 19:49 - 2016-10-10 05:53 - 00003566 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-27 19:49 - 2016-10-10 05:53 - 00003442 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-26 21:53 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2017-04-24 17:47 - 2016-09-18 17:24 - 00000000 ____D C:\Users\HP\AppData\Roaming\uTorrent 2017-04-21 18:27 - 2016-10-03 11:53 - 00000000 __SHD C:\ProgramData\360Quarant 2017-04-21 18:27 - 2016-10-03 11:53 - 00000000 __SHD C:\$360Section 2017-04-16 18:11 - 2016-10-09 22:04 - 01036760 _____ C:\WINDOWS\system32\perfh015.dat 2017-04-16 18:11 - 2016-10-09 22:04 - 00258598 _____ C:\WINDOWS\system32\perfc015.dat 2017-04-16 18:11 - 2016-10-09 20:45 - 02694176 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-04-16 12:40 - 2016-02-13 02:35 - 00000000 ____D C:\Program Files (x86)\HP 2017-04-16 12:39 - 2016-02-13 02:31 - 00000000 ____D C:\Program Files\HP 2017-04-15 09:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2017-04-13 05:27 - 2015-07-16 08:05 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-04-13 00:08 - 2016-12-03 21:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-04-13 00:08 - 2016-12-03 21:06 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-04-13 00:08 - 2016-10-09 20:31 - 00215800 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-04-13 00:07 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-04-13 00:07 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-04-12 19:16 - 2016-10-02 20:19 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-04-12 19:14 - 2016-12-03 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-04-12 19:14 - 2016-10-02 20:17 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Files in the root of some directories ======= 2017-04-23 17:44 - 2017-04-23 17:44 - 0000169 _____ () C:\Users\HP\AppData\Local\uts.ini 2017-04-16 12:39 - 2017-04-16 12:39 - 0000057 _____ () C:\ProgramData\Ament.ini Some zero byte size files/folders: ========================== C:\Windows\SysWOW64\dnscmmc.dll C:\Windows\SysWOW64\dpnaddr.dll C:\Windows\System32\clrhost.dll C:\Windows\System32\dpnsvr.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-04-26 20:43 ==================== End of FRST.txt ============================