Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2017 Ran by louisa-jeaninne (23-05-2017 10:43:49) Running from C:\Users\louisa-jeaninne\Desktop Windows 10 Home Version 1607 (X64) (2016-09-29 21:49:39) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-547428184-218225385-153729512-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-547428184-218225385-153729512-503 - Limited - Disabled) Guest (S-1-5-21-547428184-218225385-153729512-501 - Limited - Disabled) louisa-jeaninne (S-1-5-21-547428184-218225385-153729512-1001 - Administrator - Enabled) => C:\Users\louisa-jeaninne ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.0.0.1138 - 360 Security Center) 7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.) Alien Skin Xenofex 2 (HKLM\...\Alien Skin Xenofex 2) (Version: - Alien Skin Software) AMD Catalyst Install Manager (HKLM\...\{B2179A5A-A467-55D7-1EB7-BE1AE40757FA}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - ) Canon MP520 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series) (Version: - ) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform) Corel PaintShop Pro X9 (HKLM-x32\...\_{998717E5-1031-4D28-A143-48ADAF062E5F}) (Version: 19.2.0.7 - Corel Corporation) Corel PaintShop Pro X9 (x32 Version: 19.0.0.96 - Corel Corporation) Hidden Corel Update Manager (x32 Version: 2.3.160 - Corel corporation) Hidden Creative Content (x32 Version: 1.0.0.130 - Corel Corporation) Hidden Creative Content (x32 Version: 1.0.0.130 - Uw bedrijfsnaam) Hidden CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3.6307 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.5109 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.6.5109 - Uw bedrijfsnaam) Hidden DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.47.1 - Dropbox, Inc.) Hidden Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) FM Patcher 1.01 (HKLM-x32\...\FM Patcher_is1) (Version: - AFH Systems & The Plugin Site) Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.6 - Gadwin Systems, Inc.) Google Chrome (HKLM-x32\...\{0CCF3C48-E676-36F2-B17B-B890488DEB34}) (Version: 58.0.3029.110 - Google, Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP) HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.3.34.7 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.5.32.37 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{09D0DB68-90EA-4015-983E-A0BD777D5A02}) (Version: 1.4.10 - HP Inc.) HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.) ICA (x32 Version: 19.0.0.96 - Corel Corporation) Hidden Intel(R) Chipset Device Software (x32 Version: 10.1.1.13 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1174 - Intel Corporation) Intel(R) PRO/Wireless Driver (HKLM\...\{8736f7db-10ee-4722-b588-3a7296eafc38}) (Version: 18.40.0000.4099 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation) Intel(R) Ready Mode Technology (HKLM\...\{B61BD6D2-0B9F-49BF-9987-4038E3F748EA}) (Version: 1.1.70.520 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{719A511C-68F1-48C5-A5DE-0F9D4CDCA41C}) (Version: 18.1.1611.3223 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) IPM_PSP_COM (x32 Version: 19.0.0.96 - Corel Corporation) Hidden Jasc Animation Shop 3 (HKLM-x32\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Uw bedrijfsnaam) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2161 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7967.2161 - Microsoft Corporation) Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.7967.2161 - Microsoft Corporation) Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.7967.2161 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.3.0 - Mozilla) Mozilla Thunderbird 45.3.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 45.3.0 (x86 nl)) (Version: 45.3.0 - Mozilla) MysticThumbs (HKLM\...\{79A7A51A-CC11-48C2-866D-105E35439F05}) (Version: 2.3.2 - MysticCoder) OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2161 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden PSPPContent (x32 Version: 19.0.0.96 - Corel Corporation) Hidden PSPPHelp (x32 Version: 19.0.0.96 - Corel Corporation) Hidden PSPPro64 (Version: 19.0.0.96 - Corel Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7743 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) Setup (x32 Version: 19.0.0.96 - Uw bedrijfsnaam) Hidden Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) Splat! 1.0 Demo (HKLM-x32\...\Splat) (Version: - ) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer) Ulead GIF-X.Plugin 2.0 (HKLM-x32\...\Ulead GIF-X.Plugin 2.0) (Version: - ) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-547428184-218225385-153729512-1001\...\ChromeHTML: -> C:\Program Files (x86)\Nolarry\Application\chrome.exe (Google Inc.) <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0FE2089E-FFB4-4F11-BABF-DAFF88EF9823} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {279F7C2C-FECE-4D8B-8A43-E35BF006ED5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {6B9603D7-B03E-455B-922F-FFD2C0278A74} - System32\Tasks\HPCeeScheduleForlouisa-jeaninne => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {775F4355-330B-4387-AD3C-16DC3B608F56} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-04-24] (Corel Corporation) Task: {781A21BC-3E9E-4524-B0A6-C7D6A340E84E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation) Task: {7BEE0494-BCB7-4264-83E6-B351FF245C3C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation) Task: {876D810C-0A07-4BC3-ACB8-89EC6A918AD1} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {884B3F5D-8181-45D8-B092-8B01D278BE23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-11] (Google Inc.) Task: {916581DB-4861-4234-8FBA-57399F668550} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-11] (Google Inc.) Task: {97C04EF2-9C64-4E36-B42F-1696C6E872EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) Task: {B0B475E7-2C0B-425F-A3F4-F8087F519131} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-07] (Dropbox, Inc.) Task: {B2A358A7-4A93-4337-A890-38E26B0C7405} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.) Task: {B6F0DE1C-82DA-45F7-8FED-9E91D5C01AA3} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.) Task: {BE313118-33E1-4BE5-90C7-CF4EB3107A15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.) Task: {C50ED3DB-D277-40B3-AEF1-93B3A101977A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-05] (Piriform Ltd) Task: {F169A618-0EB1-43C9-9D21-9CE05E0879B5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-07] (Dropbox, Inc.) Task: {FA19CDD5-880B-4DDD-8F3C-8296C4718C8A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForlouisa-jeaninne.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\louisa-jeaninne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Nolarry\Application\chrome.exe (Google Inc.) ==================== Loaded Modules (Whitelisted) ============== 2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\windows\SysWOW64\PSIService.exe 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-05-10 21:38 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2017-05-10 21:38 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-10 21:38 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-29 23:52 - 2016-09-29 23:52 - 01864384 _____ () C:\Users\louisa-jeaninne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll 2016-10-23 17:18 - 2017-03-03 13:30 - 00785320 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll 2016-09-30 01:37 - 2016-09-30 01:37 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-15 21:54 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-15 21:54 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-15 21:54 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-15 21:54 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-05-10 21:38 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-05-09 16:58 - 2017-05-09 16:58 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-05-09 16:58 - 2017-05-09 16:58 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-05-09 16:58 - 2017-05-09 16:58 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-05-09 16:58 - 2017-05-09 16:58 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll 2017-05-05 18:07 - 2017-05-05 18:07 - 00073728 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2007-10-30 20:52 - 2007-10-30 20:52 - 00016200 _____ () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe 2016-10-23 17:18 - 2017-03-03 13:30 - 00099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll 2015-12-01 01:26 - 2015-12-01 01:26 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-10-23 17:18 - 2017-03-03 13:30 - 00497576 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:AstInfo [0] AlternateDataStreams: C:\Windows:nlsPreferences [0] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-547428184-218225385-153729512-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg DNS Servers: 195.130.130.4 - 195.130.131.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "Corel Photo Downloader" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "Corel Photo Downloader" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-547428184-218225385-153729512-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-547428184-218225385-153729512-1001\...\StartupApproved\Run: => "Skype" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{C330E383-8450-496A-970D-310C5AD71F0A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FAB49149-69C0-4AF3-A4F2-59B96696225A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{59806B43-5DAA-48AA-B711-F855DF9EB985}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{068A5515-0518-4F02-A403-A718F33A45F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{4F5D0456-4BEB-440A-BFB4-581AEF955C7A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{F12424B7-2141-4C06-AAF8-33A532CF9325}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{23A1CEAF-F719-435E-9382-25F0D7847318}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe FirewallRules: [{47E3C49A-0ADA-4DE4-AB25-C8698DF5559A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe FirewallRules: [{21ECEC05-FCEB-4E64-9EEA-4808456EF06B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe FirewallRules: [{8561CE7C-4126-47A3-80C3-77F3C774964C}] => (Allow) c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{5DFBDDFD-F960-475B-A076-25A95C576CD5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{18504D7E-1CDF-4C22-B37E-A89274190F51}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B9FC4DCF-8716-4964-AB2A-81E2AA845A41}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A3292E90-B228-4B48-AB56-D693D11813DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2E81C342-D65E-4BF7-B93D-4358A1795CE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{9C4D87F7-46E4-4561-89E8-020C8D3FFF8B}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe FirewallRules: [{0C12F70D-DBD5-41E8-8A2C-E163632B4763}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe FirewallRules: [{ED0378C7-F351-47B6-9204-D29BDF72E56D}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{818357DF-746A-40F1-BCA1-539CC09ECA9F}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{2477FC4D-07E4-4FCA-AA7D-E8D21E6CD0CF}] => (Allow) C:\Program Files (x86)\Nolarry\Application\chrome.exe FirewallRules: [{571D8997-9B1E-46F7-AEB6-C10AE941CE7C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{F840645F-EE4A-400D-9A09-CC00FE92500F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{92F7D446-4BE3-4100-ABA7-B717F26A8C95}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{3071C91C-6251-4575-BBE0-45E2B12DC549}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ==================== Restore Points ========================= 05-05-2017 20:36:59 Windows Update 09-05-2017 21:15:17 Windows Update 16-05-2017 10:34:53 Windows Update ==================== Faulty Device Manager Devices ============= Name: Intel(R) HD Graphics 530 Description: Intel(R) HD Graphics 530 Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: igfx Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: AMD Radeon R5 330 Description: AMD Radeon R5 330 Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: Advanced Micro Devices, Inc. Service: amdkmdap Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (05/23/2017 10:40:14 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-T6HV9R6) Description: 7.488: Kan geen gebruiker inrichten voor EDP. Foutcode: 0x80070005. Error: (05/23/2017 09:25:46 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-T6HV9R6) Description: 7.488: Kan geen gebruiker inrichten voor EDP. Foutcode: 0x80070005. Error: (05/23/2017 09:25:33 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: IntelCpHDCPSvc.exe, versie: 1.0.0.1, tijdstempel: 0x580e5bbd Naam van module met fout: IntelCpHDCPSvc.exe, versie: 1.0.0.1, tijdstempel: 0x580e5bbd Uitzonderingscode: 0xc0000005 Foutmarge: 0x000000000000347f Id van proces met fout: 0x918 Starttijd van toepassing met fout: 0x01d2d3332dda42c7 Pad naar toepassing met fout: C:\WINDOWS\System32\DriverStore\FileRepository\120491.inf_amd64_baaa9592accd87d6\IntelCpHDCPSvc.exe Pad naar module met fout: C:\WINDOWS\System32\DriverStore\FileRepository\120491.inf_amd64_baaa9592accd87d6\IntelCpHDCPSvc.exe Rapport-id: 207d471f-aa2e-40fa-aa59-5232b98c8403 Volledige pakketnaam met fout: Relatieve toepassings-id van pakket met fout: Error: (05/22/2017 09:40:13 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-T6HV9R6) Description: 7.488: Kan geen gebruiker inrichten voor EDP. Foutcode: 0x80070005. Error: (05/22/2017 09:39:29 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (05/22/2017 09:20:35 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (05/22/2017 11:24:37 AM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (05/22/2017 11:20:12 AM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (05/22/2017 11:19:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1234 Error: (05/22/2017 11:19:41 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1234 System errors: ============= Error: (05/23/2017 10:42:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6HV9R6) Description: De server {37998346-3765-45B1-8C66-AA88CA6B20B8} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/23/2017 10:40:32 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Service Platform voor verbonden apparaten-service is gestopt met de volgende foutcode: Niet nader omschreven fout . Error: (05/23/2017 10:40:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (05/23/2017 10:40:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} en APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (05/23/2017 10:40:14 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} en APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (05/23/2017 10:14:02 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} en APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services. Error: (05/23/2017 10:04:37 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6HV9R6) Description: De server {37998346-3765-45B1-8C66-AA88CA6B20B8} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/23/2017 10:02:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Service Platform voor verbonden apparaten-service is gestopt met de volgende foutcode: Niet nader omschreven fout . Error: (05/23/2017 10:02:37 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6HV9R6) Description: De server {37998346-3765-45B1-8C66-AA88CA6B20B8} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd. Error: (05/23/2017 10:00:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: De Service Platform voor verbonden apparaten-service is gestopt met de volgende foutcode: Niet nader omschreven fout . CodeIntegrity: =================================== Date: 2016-10-23 16:19:41.961 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 16:19:41.959 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 16:18:22.404 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 16:18:22.402 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 16:18:21.847 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 16:18:21.845 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 16:13:48.459 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 16:13:48.458 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 16:13:35.727 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-10-23 16:13:35.726 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz Percentage of memory in use: 23% Total physical RAM: 8091.74 MB Available physical RAM: 6214.68 MB Total Virtual: 9371.74 MB Available Virtual: 7626.34 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:212.91 GB) (Free:142.96 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:16.33 GB) (Free:1.92 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:872.39 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 832FC32E) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 249A13D3) Partition: GPT. ==================== End of Addition.txt ============================ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2017 Ran by louisa-jeaninne (administrator) on DESKTOP-T6HV9R6 (23-05-2017 10:43:25) Running from C:\Users\louisa-jeaninne\Desktop Loaded Profiles: louisa-jeaninne (Available Profiles: louisa-jeaninne) Platform: Windows 10 Home Version 1607 (X64) Language: Engels (Verenigd Koninkrijk) Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Nolarry\Application\chrome.exe" "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\ASTSRV.EXE (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe (Nalpeiron Ltd.) C:\Windows\System32\nlsInterface.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe () C:\Windows\SysWOW64\PSIService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Google Inc.) C:\Program Files (x86)\Nolarry\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Nolarry\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Nolarry\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Nolarry\Application\chrome.exe (Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe (Google Inc.) C:\Program Files (x86)\Nolarry\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Corel Photo Downloader] => C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [531784 2007-10-31] (Corel, Inc.) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-03-03] (QIHU 360 SOFTWARE CO. LIMITED) HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16200 2007-10-30] () HKU\S-1-5-21-547428184-218225385-153729512-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29635712 2016-09-12] (Skype Technologies S.A.) HKU\S-1-5-21-547428184-218225385-153729512-1001\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [487424 2011-05-03] (Gadwin Systems, Inc) HKU\S-1-5-21-547428184-218225385-153729512-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9772248 2017-05-05] (Piriform Ltd) HKU\S-1-5-21-547428184-218225385-153729512-1001\...\Run: [GoogleChromeAutoLaunch_C19FDEC061B0A11B3978871A695A3D4E] => C:\Program Files (x86)\Nolarry\Application\chrome.exe [921192 2016-10-12] (Google Inc.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 195.130.130.4 195.130.131.4 Tcpip\..\Interfaces\{89f65e47-a353-474d-8ab3-71aee1d1ed9c}: [DhcpNameServer] 195.130.130.4 195.130.131.4 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-547428184-218225385-153729512-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-15] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-15] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-23] (Oracle Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-15] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-15] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-15] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-15] (Microsoft Corporation) FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-23] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://jigsaw%20puzzle/ CHR StartupUrls: Default -> "hxxp://www.jigsawplanet.com/", "hxxp://www.mylucky123.com/?type=hp&ts=1476777238&z=b1292b6b19f427a99b6aeaagbz3m2q2m0m7m0obz2g&from=amule1017&uid=SAMSUNGXMZ7LN256HCHP-000H1_S1ZPNX0H716508" CHR Profile: C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default [2017-05-22] CHR Extension: (No Name) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-11] CHR Extension: (360 Internet Protection) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2016-10-23] CHR Extension: (hxxps://account.microsoft.com/profile?lang=nl) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijcnbfjfcjlmbdmaijofohaanagmngj [2016-10-11] CHR Extension: (No Name) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\phiaicokjaoaobiobphcfkmbeiejdang [2016-10-11] CHR Extension: (Chrome Media Router) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26] CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx HKU\S-1-5-21-547428184-218225385-153729512-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Nolarry\Application\chrome.exe (Google Inc.) <==== ATTENTION ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ASTSRV; C:\windows\SysWOW64\ASTSRV.EXE [57344 2008-05-19] (Nalpeiron Ltd.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-05-04] (Microsoft Corporation) S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\120491.inf_amd64_baaa9592accd87d6\IntelCpHeciSvc.exe [310248 2017-02-22] (Intel Corporation) S2 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\120491.inf_amd64_baaa9592accd87d6\IntelCpHDCPSvc.exe [488928 2017-02-22] (Intel Corporation) S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-07] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-07] (Dropbox, Inc.) S3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation) S3 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\120491.inf_amd64_baaa9592accd87d6\igfxCUIService.exe [350680 2017-02-22] (Intel Corporation) S2 IlS; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) <==== ATTENTION (ServiceDLL not found) S2 IlS; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) <==== ATTENTION (ServiceDLL not found) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] R2 IRMTService; C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [182336 2015-12-01] (Intel Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-12-01] (Intel Corporation) S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] () R2 nlsInterface; C:\windows\system32\nlsInterface.exe [72192 2009-04-03] (Nalpeiron Ltd.) [File not signed] U2 ProtexisLicensing; C:\windows\SysWOW64\PSIService.exe [177704 2007-06-05] () R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc) R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [928168 2017-03-03] (QIHU 360 SOFTWARE CO. LIMITED) S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-02-23] (Realtek Semiconductor) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation) R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [160768 2016-09-28] (360.cn) R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2016-11-25] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2017-03-03] (360.cn) R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2017-03-03] (360.cn) S3 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57856 2016-09-28] (360.cn) R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [400384 2016-09-28] (360.cn) S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2016-03-31] (Advanced Micro Devices, Inc.) R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [197632 2016-09-28] (360.cn) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation) S3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\120491.inf_amd64_baaa9592accd87d6\igdkmd64.sys [11036640 2017-02-22] (Intel Corporation) R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [33512 2015-12-01] (Intel Corporation) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation) S3 pmxdrv; C:\windows\system32\drivers\pmxdrv.sys [31152 2016-09-17] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-12-17] (Realtek ) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-23 10:43 - 2017-05-23 10:43 - 00020899 _____ C:\Users\louisa-jeaninne\Desktop\FRST.txt 2017-05-23 10:43 - 2017-05-23 10:43 - 00000000 ____D C:\FRST 2017-05-23 10:41 - 2017-05-23 10:43 - 02429952 _____ (Farbar) C:\Users\louisa-jeaninne\Desktop\FRST64.exe 2017-05-23 09:37 - 2017-05-23 09:37 - 00000000 ____D C:\rsit 2017-05-23 09:35 - 2017-05-23 09:37 - 01222144 _____ C:\Users\louisa-jeaninne\Desktop\RSITx64.exe 2017-05-22 21:36 - 2017-05-22 21:36 - 00006898 _____ C:\Users\louisa-jeaninne\Desktop\cc_20170522_213648.reg 2017-05-22 21:35 - 2017-05-22 21:36 - 00303546 _____ C:\Users\louisa-jeaninne\Desktop\cc_20170522_213536.reg 2017-05-22 21:27 - 2017-05-22 21:27 - 00002890 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2017-05-22 21:27 - 2017-05-22 21:27 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-05-22 21:27 - 2017-05-22 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-05-22 21:27 - 2017-05-22 21:27 - 00000000 ____D C:\Program Files\CCleaner 2017-05-22 21:25 - 2017-05-22 21:27 - 09548112 _____ (Piriform Ltd) C:\Users\louisa-jeaninne\Desktop\ccsetup530.exe 2017-05-22 21:24 - 2017-05-22 21:38 - 00448512 _____ (OldTimer Tools) C:\Users\louisa-jeaninne\Desktop\TFC.exe 2017-05-12 21:23 - 2017-05-12 21:24 - 00000000 ____D C:\Users\louisa-jeaninne\Desktop\s-ex-les39 2017-05-10 21:47 - 2017-05-10 21:48 - 00378408 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-10 21:39 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2017-05-10 21:39 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-05-10 21:39 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-05-10 21:39 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys 2017-05-10 21:39 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-05-10 21:39 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-05-10 21:39 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-05-10 21:39 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-05-10 21:39 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2017-05-10 21:39 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-05-10 21:39 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-05-10 21:39 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2017-05-10 21:39 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-05-10 21:39 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-10 21:39 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2017-05-10 21:39 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-05-10 21:39 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2017-05-10 21:39 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2017-05-10 21:39 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2017-05-10 21:39 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2017-05-10 21:39 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2017-05-10 21:39 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-05-10 21:39 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-05-10 21:39 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-05-10 21:39 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-05-10 21:39 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-05-10 21:39 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-05-10 21:39 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-05-10 21:39 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-05-10 21:39 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll 2017-05-10 21:39 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-05-10 21:39 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-05-10 21:39 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-05-10 21:39 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-05-10 21:39 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2017-05-10 21:39 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-05-10 21:39 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll 2017-05-10 21:39 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2017-05-10 21:39 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-05-10 21:39 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-10 21:39 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2017-05-10 21:39 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-10 21:39 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2017-05-10 21:39 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll 2017-05-10 21:39 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll 2017-05-10 21:39 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll 2017-05-10 21:39 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2017-05-10 21:39 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2017-05-10 21:39 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2017-05-10 21:39 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-05-10 21:39 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2017-05-10 21:39 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-10 21:39 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll 2017-05-10 21:39 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll 2017-05-10 21:39 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2017-05-10 21:39 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2017-05-10 21:39 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2017-05-10 21:39 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll 2017-05-10 21:39 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll 2017-05-10 21:39 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-05-10 21:39 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2017-05-10 21:39 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2017-05-10 21:39 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-05-10 21:39 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2017-05-10 21:39 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll 2017-05-10 21:39 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-05-10 21:39 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2017-05-10 21:39 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2017-05-10 21:39 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-05-10 21:39 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl 2017-05-10 21:39 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll 2017-05-10 21:39 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2017-05-10 21:39 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2017-05-10 21:39 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll 2017-05-10 21:39 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-05-10 21:39 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll 2017-05-10 21:39 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe 2017-05-10 21:39 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll 2017-05-10 21:39 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2017-05-10 21:39 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll 2017-05-10 21:39 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2017-05-10 21:39 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2017-05-10 21:39 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll 2017-05-10 21:39 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-05-10 21:39 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2017-05-10 21:39 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2017-05-10 21:39 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll 2017-05-10 21:39 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll 2017-05-10 21:39 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2017-05-10 21:39 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-05-10 21:39 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll 2017-05-10 21:39 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2017-05-10 21:39 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2017-05-10 21:39 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-10 21:39 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2017-05-10 21:39 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll 2017-05-10 21:39 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-05-10 21:39 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll 2017-05-10 21:39 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2017-05-10 21:39 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2017-05-10 21:39 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll 2017-05-10 21:39 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2017-05-10 21:39 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-05-10 21:39 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2017-05-10 21:39 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-05-10 21:39 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2017-05-10 21:39 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2017-05-10 21:39 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2017-05-10 21:39 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-05-10 21:39 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-05-10 21:39 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2017-05-10 21:39 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2017-05-10 21:39 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-05-10 21:39 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-05-10 21:39 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2017-05-10 21:39 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll 2017-05-10 21:39 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll 2017-05-10 21:39 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll 2017-05-10 21:39 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll 2017-05-10 21:39 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2017-05-10 21:39 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-10 21:39 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll 2017-05-10 21:39 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-05-10 21:39 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll 2017-05-10 21:39 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp 2017-05-10 21:39 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2017-05-10 21:39 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-05-10 21:39 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll 2017-05-10 21:39 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2017-05-10 21:39 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-05-10 21:39 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys 2017-05-10 21:39 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll 2017-05-10 21:39 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2017-05-10 21:39 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2017-05-10 21:39 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2017-05-10 21:39 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll 2017-05-10 21:39 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll 2017-05-10 21:39 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-05-10 21:39 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2017-05-10 21:39 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll 2017-05-10 21:39 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll 2017-05-10 21:39 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-05-10 21:39 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll 2017-05-10 21:39 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll 2017-05-10 21:39 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2017-05-10 21:39 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll 2017-05-10 21:39 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-05-10 21:39 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll 2017-05-10 21:39 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-10 21:39 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-05-10 21:39 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll 2017-05-10 21:39 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2017-05-10 21:39 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-05-10 21:39 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll 2017-05-10 21:39 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-05-10 21:39 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2017-05-10 21:39 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll 2017-05-10 21:39 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll 2017-05-10 21:39 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll 2017-05-10 21:39 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2017-05-10 21:39 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2017-05-10 21:39 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll 2017-05-10 21:39 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-05-10 21:39 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2017-05-10 21:39 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-05-10 21:39 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-05-10 21:39 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll 2017-05-10 21:39 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-05-10 21:39 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-05-10 21:39 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll 2017-05-10 21:39 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll 2017-05-10 21:39 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll 2017-05-10 21:39 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-05-10 21:39 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2017-05-10 21:39 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2017-05-10 21:39 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-05-10 21:39 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll 2017-05-10 21:39 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-05-10 21:39 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-05-10 21:39 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-05-10 21:39 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-05-10 21:39 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2017-05-10 21:39 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-05-10 21:39 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll 2017-05-10 21:39 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll 2017-05-10 21:39 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-05-10 21:39 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2017-05-10 21:39 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll 2017-05-10 21:39 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2017-05-10 21:39 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll 2017-05-10 21:39 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2017-05-10 21:39 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-05-10 21:39 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-05-10 21:39 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-05-10 21:39 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2017-05-10 21:39 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2017-05-10 21:39 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll 2017-05-10 21:39 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2017-05-10 21:39 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2017-05-10 21:39 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-05-10 21:39 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2017-05-10 21:39 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2017-05-10 21:39 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-05-10 21:38 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-05-10 21:38 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-05-10 21:38 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2017-05-10 21:38 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2017-05-10 21:38 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-05-10 21:38 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-05-10 21:38 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-05-10 21:38 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-05-10 21:38 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-10 21:38 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-05-10 21:38 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2017-05-10 21:38 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2017-05-10 21:38 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll 2017-05-10 21:38 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2017-05-10 21:38 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys 2017-05-10 21:38 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2017-05-10 21:38 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-05-10 21:38 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-05-10 21:38 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-05-10 21:38 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-05-10 21:38 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2017-05-10 21:38 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-05-10 21:38 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-05-10 21:38 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-05-10 21:38 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-05-10 21:38 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2017-05-10 21:38 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-05-10 21:38 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-05-10 21:38 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-05-10 21:38 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2017-05-10 21:38 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2017-05-10 21:38 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2017-05-10 21:38 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2017-05-10 21:38 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2017-05-10 21:38 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2017-05-10 21:38 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-05-10 21:38 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-05-10 21:38 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-05-10 21:38 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-05-10 21:38 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-05-10 21:38 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-05-10 21:38 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2017-05-10 21:38 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-05-10 21:38 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-05-10 21:38 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-05-10 21:38 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-05-10 21:38 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-05-10 21:38 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll 2017-05-10 21:38 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2017-05-10 21:38 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-05-10 21:38 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-05-10 21:38 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll 2017-05-10 21:38 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-05-10 21:38 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2017-05-10 21:38 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-05-10 21:38 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2017-05-10 21:38 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-05-10 21:38 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-05-10 21:38 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-05-10 21:38 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-05-10 21:38 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-05-10 21:38 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-05-10 21:38 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2017-05-10 21:38 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-10 21:38 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-05-10 21:38 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2017-05-10 21:38 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-05-10 21:38 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-05-10 21:38 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll 2017-05-10 21:38 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-05-10 21:38 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-05-10 21:38 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-05-10 21:38 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-05-10 21:38 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-10 21:38 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-05-10 21:38 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-05-10 21:38 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys 2017-05-10 21:38 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll 2017-05-10 21:38 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-10 21:38 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2017-05-10 21:38 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2017-05-10 21:38 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe 2017-05-10 21:38 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2017-05-10 21:38 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2017-05-10 21:38 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2017-05-10 21:38 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll 2017-05-10 21:38 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll 2017-05-10 21:38 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll 2017-05-10 21:38 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2017-05-10 21:38 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2017-05-10 21:38 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll 2017-05-10 21:38 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2017-05-10 21:38 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll 2017-05-10 21:38 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2017-05-10 21:38 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll 2017-05-10 21:38 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-05-10 21:38 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2017-05-10 21:38 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-05-10 21:38 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-05-10 21:38 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2017-05-10 21:38 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2017-05-10 21:38 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll 2017-05-10 21:38 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll 2017-05-10 21:38 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-10 21:38 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll 2017-05-10 21:38 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-05-10 21:38 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-05-10 21:38 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-05-10 21:38 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2017-05-10 21:38 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll 2017-05-10 21:38 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl 2017-05-10 21:38 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll 2017-05-10 21:38 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-05-10 21:38 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-05-10 21:38 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-05-10 21:38 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2017-05-10 21:38 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2017-05-10 21:38 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-05-10 21:38 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2017-05-10 21:38 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2017-05-10 21:38 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll 2017-05-10 21:38 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-05-10 21:38 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-05-10 21:38 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2017-05-10 21:38 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll 2017-05-10 21:38 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2017-05-10 21:38 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll 2017-05-10 21:38 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2017-05-10 21:38 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2017-05-10 21:38 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-05-10 21:38 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll 2017-05-10 21:38 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-05-10 21:38 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-05-10 21:38 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll 2017-05-10 21:38 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-05-10 21:38 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll 2017-05-10 21:38 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2017-05-10 21:38 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-05-10 21:38 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll 2017-05-10 21:38 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll 2017-05-10 21:38 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2017-05-10 21:38 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-05-10 21:38 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll 2017-05-10 21:38 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-05-10 21:38 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2017-05-10 21:38 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-05-10 21:38 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2017-05-10 21:38 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll 2017-05-10 21:38 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-05-10 21:38 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2017-05-10 21:38 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-05-10 21:38 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2017-05-10 21:38 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2017-05-10 21:38 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-05-10 21:38 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2017-05-10 21:38 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe 2017-05-10 21:38 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll 2017-05-10 21:38 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2017-05-10 21:38 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2017-05-10 21:38 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2017-05-10 21:38 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll 2017-05-10 21:38 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2017-05-10 21:38 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll 2017-05-10 21:38 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-10 21:38 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-05-10 21:38 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2017-05-10 21:38 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll 2017-05-10 21:38 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2017-05-10 21:38 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2017-05-10 21:38 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-10 21:38 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll 2017-05-10 21:38 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe 2017-05-10 21:38 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-05-10 21:38 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2017-05-10 21:38 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-05-10 21:38 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2017-05-10 21:38 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2017-05-10 21:38 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2017-05-10 21:38 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-05-10 21:38 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-05-10 21:38 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-05-10 21:38 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-05-10 21:38 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2017-05-10 21:38 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-05-10 21:38 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2017-05-10 21:38 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-05-10 21:38 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2017-05-10 21:38 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-05-10 21:38 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2017-05-10 21:38 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2017-05-10 21:38 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-05-10 21:38 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-05-10 21:38 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2017-05-10 21:38 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-05-10 21:38 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-05-10 21:38 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2017-05-10 21:38 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2017-05-10 21:38 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-05-10 21:38 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-05-10 21:38 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-05-10 21:38 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-05-10 21:38 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2017-05-10 21:38 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2017-05-10 21:38 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2017-05-10 21:38 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-05-10 21:38 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-05-10 21:38 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-05-10 21:38 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-05-10 21:38 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-05-10 21:38 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-05-10 21:38 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll 2017-05-10 21:38 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2017-05-10 21:38 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll 2017-05-10 21:38 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-05-10 21:38 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll 2017-05-10 21:38 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-05-10 21:38 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-05-10 21:38 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll 2017-05-10 21:38 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-05-10 21:38 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe 2017-05-10 21:38 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2017-05-10 21:38 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe 2017-05-10 21:38 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-05-10 21:38 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2017-05-10 21:38 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2017-05-10 21:38 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-05-10 21:38 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2017-05-10 21:38 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2017-05-10 21:38 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-05-23 09:37 - 2016-10-14 20:07 - 00000000 ____D C:\Program Files\trend micro 2017-05-23 09:36 - 2016-10-23 17:18 - 00000000 ____D C:\Users\louisa-jeaninne\AppData\LocalLow\360WD 2017-05-22 21:44 - 2016-09-30 01:35 - 01520214 _____ C:\WINDOWS\system32\perfh013.dat 2017-05-22 21:44 - 2016-09-30 01:35 - 00407204 _____ C:\WINDOWS\system32\perfc013.dat 2017-05-22 21:44 - 2016-09-29 23:41 - 03557086 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-22 21:39 - 2016-09-29 23:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-22 21:39 - 2016-09-08 20:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-05-22 21:39 - 2016-09-08 20:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-05-22 21:39 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-05-22 21:33 - 2017-03-09 21:54 - 00000000 ____D C:\Users\louisa-jeaninne\AppData\Local\CrashDumps 2017-05-22 21:33 - 2016-10-13 11:28 - 00000000 ____D C:\WINDOWS\Minidump 2017-05-22 21:33 - 2016-09-16 21:09 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-05-22 21:33 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2017-05-22 21:20 - 2016-09-29 23:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-22 21:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-05-20 17:07 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-16 20:09 - 2016-09-08 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-05-16 10:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-16 10:35 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-16 10:31 - 2016-10-11 19:51 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-05-15 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-15 21:46 - 2016-07-22 19:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-05-12 21:23 - 2016-11-13 20:26 - 00000000 ____D C:\Users\louisa-jeaninne\Desktop\sica 2017-05-12 18:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2017-05-10 21:48 - 2015-11-02 20:02 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-10 21:47 - 2016-09-17 21:51 - 00000404 _____ C:\WINDOWS\Tasks\HPCeeScheduleForlouisa-jeaninne.job 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-10 21:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2017-05-10 21:47 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-10 21:21 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll 2017-05-09 21:16 - 2016-09-07 21:36 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-09 21:15 - 2016-09-07 21:36 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-07 19:26 - 2016-09-29 23:48 - 00003336 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForlouisa-jeaninne 2017-05-02 09:06 - 2016-09-06 09:42 - 00000000 ____D C:\Users\louisa-jeaninne\AppData\Local\Packages 2017-05-01 23:34 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-28 18:12 - 2016-10-11 19:51 - 00003574 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-04-28 18:12 - 2016-10-11 19:51 - 00003450 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-04-28 03:01 - 2016-09-29 23:42 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-04-25 10:44 - 2016-09-12 17:51 - 00000000 ____D C:\Users\louisa-jeaninne\AppData\Local\ElevatedDiagnostics ==================== Files in the root of some directories ======= 2016-09-10 20:02 - 2016-09-10 20:02 - 0008192 _____ () C:\Users\louisa-jeaninne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-05-20 11:19 ==================== End of FRST.txt ============================