1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

[Solved] Gateway Malware

Discussion in 'Malware Removal Help' started by Rustys, Jan 5, 2017.

  1. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    The system was give to me so I have uninstalled all the old and crapware.

    Gateway NE56R31u

    Ran the scan and will be posted in order ran.

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 1/5/17
    Scan Time: 11:22 AM
    Logfile: Malwarebytes.txt
    Administrator: Yes

    -Software Information-
    Version: 3.0.5.1299
    Components Version: 1.0.43
    Update Package Version: 1.0.935
    License: Trial

    -System Information-
    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: RUSTYS\Russell

    -Scan Summary-
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 97077
    Time Elapsed: 26 min, 28 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 58
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\INTERFACE\{4404078E-2745-4E25-B010-BBC026C0E9C2}, No Action By User, [342], [168490],1.0.935
    PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4404078E-2745-4E25-B010-BBC026C0E9C2}, No Action By User, [342], [168490],1.0.935
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4404078E-2745-4E25-B010-BBC026C0E9C2}, No Action By User, [342], [168490],1.0.935
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\INTERFACE\{B03CD630-51ED-4B15-974C-76472E4624C0}, No Action By User, [342], [168490],1.0.935
    PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B03CD630-51ED-4B15-974C-76472E4624C0}, No Action By User, [342], [168490],1.0.935
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B03CD630-51ED-4B15-974C-76472E4624C0}, No Action By User, [342], [168490],1.0.935
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\TYPELIB\{E38FA7CB-C053-4B07-84AD-BCA6D2BE4FE7}, No Action By User, [342], [168490],1.0.935
    PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E38FA7CB-C053-4B07-84AD-BCA6D2BE4FE7}, No Action By User, [342], [168490],1.0.935
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E38FA7CB-C053-4B07-84AD-BCA6D2BE4FE7}, No Action By User, [342], [168490],1.0.935
    PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}, No Action By User, [70], [160140],1.0.935
    PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}, No Action By User, [70], [160140],1.0.935
    PUP.Optional.Yontoo, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, No Action By User, [70], [-1],0.0.0
    PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, No Action By User, [70], [-1],0.0.0
    PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, No Action By User, [70], [160141],1.0.935
    PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, No Action By User, [70], [160141],1.0.935
    PUP.Optional.MP3Rocket, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34}, No Action By User, [12615], [168560],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}\InprocServer32, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\TYPELIB\{9945959C-AAD8-4312-8B57-2DE11927E770}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{BD125908-5F10-409F-9C01-F2207CA18887}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BD125908-5F10-409F-9C01-F2207CA18887}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{9945959C-AAD8-4312-8B57-2DE11927E770}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{9945959C-AAD8-4312-8B57-2DE11927E770}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\TYPELIB\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{80703783-E415-4EE3-AB60-D36981C5A6F1}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{80703783-E415-4EE3-AB60-D36981C5A6F1}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}\InprocServer32, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}\InprocServer32, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\AskPartnerNetwork, No Action By User, [10857], [186877],1.0.935
    PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{b0441a0e-a49a-4e16-afc1-74ecced1921f}, No Action By User, [646], [245525],1.0.935
    PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr, No Action By User, [6133], [244209],1.0.935
    PUP.Optional.TidyNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dmidaiabaeipgkcooijbikmdcofhpakp, No Action By User, [701], [244071],1.0.935
    PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\OldSearch, No Action By User, [12051], [242758],1.0.935
    PUP.Optional.TidyNetwork, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0B03010A-8185-4EC4-A558-F2B887B84E2C}, No Action By User, [701], [258734],1.0.935
    PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AFD96696-4F3A-46E6-9A5E-C3071A1F0BAB}, No Action By User, [295], [259410],1.0.935
    PUP.Optional.ResultsHub, HKLM\SOFTWARE\WOW6432NODE\ManyResultsHub, No Action By User, [12030], [235127],1.0.935
    PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, No Action By User, [8596], [243672],1.0.935
    PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\SPPDCOM, No Action By User, [12861], [253651],1.0.935
    PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Update Solution Real, No Action By User, [70], [254029],1.0.935
    PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Util Solution Real, No Action By User, [70], [254029],1.0.935
    PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, No Action By User, [8596], [243667],1.0.935
    PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1FA101D-1CCB-4F01-BE5E-B2A23E521C68}, No Action By User, [306], [237510],1.0.935
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a1fa101d-1ccb-4f01-be5e-b2a23e521c68}, No Action By User, [306], [237510],1.0.935
    PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5CDC237-C45C-4370-9AC5-C16B15F1DDEC}, No Action By User, [306], [237509],1.0.935
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c5cdc237-c45c-4370-9ac5-c16b15f1ddec}, No Action By User, [306], [237509],1.0.935
    PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F1B15137-9CCC-4F11-BD30-3777091DA48E}, No Action By User, [306], [237508],1.0.935
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f1b15137-9ccc-4f11-bd30-3777091da48e}, No Action By User, [306], [237508],1.0.935
    PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, No Action By User, [17630], [252393],1.0.935
    PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, No Action By User, [70], [246106],1.0.935
    PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DealPly, No Action By User, [295], [237629],1.0.935
    PUP.Optional.TidyNetwork, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\TidyNetwork Update, No Action By User, [701], [244073],1.0.935
    PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, No Action By User, [10857], [186876],1.0.935

    Registry Value: 21
    PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, No Action By User, [12861], [-1],0.0.0
    PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, No Action By User, [12861], [-1],0.0.0
    PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DONOTASKAGAIN, No Action By User, [70], [246561],1.0.935
    PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, No Action By User, [6133], [244208],1.0.935
    PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, No Action By User, [6133], [244208],1.0.935
    PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, No Action By User, [6133], [244208],1.0.935
    PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, No Action By User, [6133], [244208],1.0.935
    PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{b0441a0e-a49a-4e16-afc1-74ecced1921f}|DISPLAYNAME, No Action By User, [646], [245525],1.0.935
    PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{b0441a0e-a49a-4e16-afc1-74ecced1921f}|URL, No Action By User, [646], [245524],1.0.935
    PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, No Action By User, [70], [293257],1.0.935
    PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, No Action By User, [6133], [244209],1.0.935
    PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\OldSearch|SUGGESTIONSURL_JSON, No Action By User, [12051], [242758],1.0.935
    PUP.Optional.TidyNetwork, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{0B03010A-8185-4EC4-A558-F2B887B84E2C}|PATH, No Action By User, [701], [258734],1.0.935
    PUP.Optional.DealPly, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AFD96696-4F3A-46E6-9A5E-C3071A1F0BAB}|PATH, No Action By User, [295], [259410],1.0.935
    PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\SPPDCOM|TS, No Action By User, [12861], [253651],1.0.935
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a1fa101d-1ccb-4f01-be5e-b2a23e521c68}|APPNAME, No Action By User, [306], [237510],1.0.935
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c5cdc237-c45c-4370-9ac5-c16b15f1ddec}|APPNAME, No Action By User, [306], [237509],1.0.935
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f1b15137-9ccc-4f11-bd30-3777091da48e}|APPNAME, No Action By User, [306], [237508],1.0.935
    PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, No Action By User, [17630], [252393],1.0.935
    PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|OBJECT BROWSER-BG.EXE, No Action By User, [1234], [260099],1.0.935
    PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}|URL, No Action By User, [70], [246106],1.0.935

    Data Stream: 0
    (No malicious items detected)

    Folder: 149
    PUP.Optional.APNToolBar.Gen, C:\PROGRAMDATA\APN\APN-Stub, No Action By User, [10857], [175062],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-lagazzettadellosport, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-financialtimes.de, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-corrieredellasera, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-todayinhistory, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-financialtimes, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-programmetv, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-beppegrillo, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\images, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-bbcsports, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-expansion, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-sportsru, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-sportsnl, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-pbkdaily, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\simple-email-list, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\amazon-navigation, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-lequipe, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-lemonde, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-elmundo, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-newsru, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-mtv.it, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-kicker, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-ascom, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-folha, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-nu-nl, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\search-box-DLA, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-voici, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\ultimosegundo, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-abc, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\ebay_vanilla, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\facebook\5.2, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-uol, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\ask-homepage, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\mindspark, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\wordoftheday, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-bbc, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-g1, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\v5parity, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\weather\6.0, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\taskbar, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\radio\4.0, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\video\4.1, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\facebook, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\plain, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\imesh, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\avira, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\css\images, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\cnn\2.0, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\map\2.1, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\weather, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\video, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\orkut, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\radio, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\search, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\newtab, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\search-suggestion, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\logo, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\map, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\cnn, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\rebuttal\images, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\vk, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options\images, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\hack, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\rebuttal, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\shims, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\Updater\Response, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\Updater\Config, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\Updater, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\PROGRAMDATA\AskPartnerNetwork, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugins\7\resources, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugincontainer, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugins\2, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugins\3, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugins\5, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugins\6, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugins\7, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugins\8, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugins, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\PROGRAMDATA\e325c549-dfea-4258-ac01-0f7baf68f990, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.SlimCleanerPlus, C:\Program Files\SlimCleaner Plus\locales, No Action By User, [1657], [331458],1.0.935
    PUP.Optional.SlimCleanerPlus, C:\PROGRAM FILES\SlimCleaner Plus, No Action By User, [1657], [331458],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork\Toolbar\Shared\CRX, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork\Toolbar\Shared, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\ChromeUtils, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork\Toolbar, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\appdata\Mozilla\Firefox\Profiles, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\appdata\Mozilla\Firefox, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\VNT, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\appdata\Mozilla, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\appdata, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\REAL1-SP, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\CRX, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\PROGRAM FILES (X86)\AskPartnerNetwork, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.AppInitDll, C:\PROGRAMDATA\{85C46D07-D546-BC81-64C0-CC03B4421F8D}\1.7.1.0, No Action By User, [16516], [235498],1.0.935
    PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Many Results Hub\Extensions, No Action By User, [8154], [183540],1.0.935
    PUP.Optional.Yontoo.Gen, C:\PROGRAM FILES (X86)\MANY RESULTS HUB, No Action By User, [8154], [183540],1.0.935
    PUP.Optional.ConduitTB.Gen, C:\PROGRAM FILES (X86)\CONDUIT\COMMUNITY ALERTS, No Action By User, [13488], [176175],1.0.935
    PUP.Optional.ResultsHub, C:\Program Files (x86)\Common Files\e325c549-dfea-4258-ac01-0f7baf68f990\updater, No Action By User, [12030], [180674],1.0.935
    PUP.Optional.ResultsHub, C:\PROGRAM FILES (X86)\COMMON FILES\E325C549-DFEA-4258-AC01-0F7BAF68F990, No Action By User, [12030], [180674],1.0.935
    PUP.Optional.SearchProtect, C:\SearchProtect\ffprotect, No Action By User, [2455], [344702],1.0.935
    PUP.Optional.SearchProtect, C:\SEARCHPROTECT, No Action By User, [2455], [344702],1.0.935

    File: 323
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\init-bg-messaging.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\background-options.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\background.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\background.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\browser-action.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\cache-config.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\cookies.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\feeds.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\fixup-jquery-for-ie.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\history.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\ie-bg-shim.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\lifecycle.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\localStorage.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\OneTimeCode.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\popup.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\preference.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\rebuttal.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\registry.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\reporting.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\search.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\security.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\sideByside.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\tabs.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\background\utils.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\avira\avira.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\imesh\imesh.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\mindspark\mindspark.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\mindspark\new-search-button-mid.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\mindspark\new-search-button-sides.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\plain\plain.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\taskbar\taskbar.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\themes\v5parity\v5parity.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\bl-new-tab.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\chrome-options.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\containers.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\hp-new-tab.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\new-tab.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\searchbox.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\css\toolbar.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\logo\ask_flat_20x.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\logo\logo_128x.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\logo\logo_19x.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\logo\logo_19x_grey.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\logo\logo_24x.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\logo\logo_32x.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\logo\toolbar-icons.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\newtab\bl-homepage_logo.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\newtab\btn_x.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\newtab\homepage_logo.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\newtab\manifier.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\newtab\thirdparty_icons.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\search\btn_search_ask_taskbar.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\search\logo_cobrand_18px.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\search\logo_cobrand_24px.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\search\new-search-button-mid.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\search\new-search-button-sides.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\search\search-button-mid.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\search\search-button-sides.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_1.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_10.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_10plus.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_2.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_3.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_4.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_5.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_6.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_7.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_8.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_9.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_exclaim.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\badge_numbers.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\bdg-gradient.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\bg.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\curved-divider.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\vanilla\left-bg.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\images\IDR_WEBSTORE_ICON.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-ascom\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-nu-nl\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\amazon-navigation\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\ask-homepage\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\cnn\2.0\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\ebay_vanilla\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\facebook\5.2\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\blackjack_32.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\BubbleTown.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-3in1checkers-01.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-4balls-01.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-cubefield-01.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-doublewires-01.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-fishdom.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-goldminer-01.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-jewelsolitare-01.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-pacxon-01.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-supercollapse.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\game-tropix-01.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\games.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\SlingoSupreme.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\games-feed\sudoku_32.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\map\2.1\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-abc\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-bbc\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-bbcsports\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-beppegrillo\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-corrieredellasera\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-elmundo\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-expansion\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-financialtimes\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-financialtimes.de\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-folha\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-g1\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-kicker\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-lagazzettadellosport\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-lemonde\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-lequipe\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-mtv.it\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-newsru\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-pbkdaily\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-programmetv\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-sportsnl\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-sportsru\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-todayinhistory\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-uol\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\netvibes-voici\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\orkut\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\radio\4.0\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\simple-email-list\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\simple-email-list\gmail.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\simple-email-list\hotmail.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\simple-email-list\outlook.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\simple-email-list\yahoo!.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\css\options.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\images\button-blue-1x20.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\images\button-grey-1x26.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\images\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\images\icons.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\images\lightblue-1x43.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\images\trans-big.gif, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\js\options.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\js\translations.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\SPE-options\options.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\ultimosegundo\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\video\4.1\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\vk\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\weather\6.0\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widgets\wordoftheday\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\bl-new-tab-page.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\chrome-options.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\content-script.xul, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\init-tb-stuff.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\new-tab-page.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\newtab-overlay.xul, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\newtab-subscript.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\toolbar.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\toolbar.xul, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widget-bundled.xul, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\skin\widget-hosted.xul, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\build.json, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\lang-config.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\tb-config.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\test-widget-config.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\widget-config.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\config\widget-config.jse, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\hack\facebook.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\hack\relative.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\hack\static.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\content-script.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\injector.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\inline-html.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\notify-presence.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\positioning.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\toolbar.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\widget-hosted.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\content_script\widget.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\shims\console.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\async-gate.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\browser-shim.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\constant.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\DataStore.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\default-config.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\i18n.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\jquery.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\json.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\logger.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\polyfill.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\protocol.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\state-machine.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\tb-config-update.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\tb-message.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\widget-config-update.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\widget-messaging.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\lib\window-position.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\animated-overlay.gif, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-bg_diagonals-thick_18_b81900_40x40.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-bg_diagonals-thick_20_666666_40x40.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-bg_flat_10_000000_40x100.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-bg_glass_100_f6f6f6_1x400.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-bg_glass_100_fdf5ce_1x400.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-bg_glass_65_ffffff_1x400.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-bg_gloss-wave_35_f6a828_500x100.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-bg_highlight-soft_100_eeeeee_1x100.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-bg_highlight-soft_75_ffe45c_1x100.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-icons_222222_256x240.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-icons_228ef1_256x240.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-icons_ef8c08_256x240.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-icons_ffd27a_256x240.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\images\ui-icons_ffffff_256x240.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\jquery-ui.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\css\search-suggestion.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\js\jquery-ui.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\newtab\search-suggestion\js\search-suggestion.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\bl-new-tab-page.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\chrome-options.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\ieCS.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\IFrameButton.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\init-toolbar.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\new-tab-page.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\rebuttal.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\reel.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\searchbox.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\shimIE.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\SimpleButton.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\tb_ux\toolbar.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options\images\button-blue-1x20.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options\images\button-grey-1x26.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options\images\button.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options\images\icons.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options\images\lightblue-1x43.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options\options.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options\options.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\options\options.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\rebuttal\images\warning.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\rebuttal\rebuttal.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\rebuttal\rebuttal.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\rebuttal\rebuttal.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\search-suggestion\search-suggestion.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\search-suggestion\search-suggestion.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\search-suggestion\search-suggestion.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\css\images\footer_gradient.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\css\images\footer_shadow.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\css\images\image_placeholder.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\css\images\item-bg.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\css\menu.css, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\js\api.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\js\feed.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\js\menu.js, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\feed.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\widgets\templates\menu.html, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\icon.png, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\CRX\49.1\manifest.json, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\Updater\Config\Config.31.10.3.0-3.xml, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\Updater\Response\Response.31.10.3.0-4.xml, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\REAL1-SP\Updater\Response\Response.31.10.3.0-5.xml, No Action By User, [10857], [175063],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\plugins\2\Plugin.exe, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.ResultsHub, C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990\temp, No Action By User, [12030], [180673],1.0.935
    PUP.Optional.Yontoo, C:\PROGRAMDATA\NTUSER.POL, No Action By User, [70], [-1],0.0.0
    PUP.Optional.Yontoo, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, No Action By User, [70], [-1],0.0.0
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_REAL1-SP@apn.ask.com.xpi, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaadgepjkdffhjbkfjgnnffnfcffbg.crx, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\Update.xml, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\ChromeUtils\APNNativeMsgHost.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\ChromeUtils\com.apn.native_messaging_host_aaaaadgepjkdffhjbkfjgnnffnfcffbg.json, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}\config.xml, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\ask-search.xml, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\SO.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\VNT\content.zip, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\VNT\vntldr.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\program files\VNT\vntsrv.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\1031.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\1033.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\1034.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\1036.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\1040.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\1041.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\1043.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\1045.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\1049.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\2070.mst, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Source\AskToolbarInstaller-12.19.0_REAL1-SP.msi, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\REAL1-SP\Passport_x64.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\REAL1-SP\config.xml, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar_x64.dll, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe, No Action By User, [10857], [175065],1.0.935
    PUP.Optional.AppInitDll, C:\PROGRAMDATA\{85C46D07-D546-BC81-64C0-CC03B4421F8D}\1.7.1.0\LARI.DLL, No Action By User, [16516], [235498],1.0.935
    PUP.Optional.AppInitDll, C:\ProgramData\{85C46D07-D546-BC81-64C0-CC03B4421F8D}\1.7.1.0\dExtent, No Action By User, [16516], [235498],1.0.935
    PUP.Optional.AppInitDll, C:\ProgramData\{85C46D07-D546-BC81-64C0-CC03B4421F8D}\1.7.1.0\extent, No Action By User, [16516], [235498],1.0.935
    PUP.Optional.Yontoo.Gen, C:\PROGRAM FILES (X86)\MANY RESULTS HUB\7ZA.EXE, No Action By User, [8154], [183540],1.0.935
    PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Many Results Hub\Extensions\hddfpfnkeibagklooafcojfejhfjdjmc.crx, No Action By User, [8154], [183540],1.0.935
    PUP.Optional.Yontoo.Gen, C:\Program Files (x86)\Many Results Hub\Extensions\{7c23c8f6-07ac-45dd-a305-9ba9dc6b8e93}.xpi, No Action By User, [8154], [183540],1.0.935
    PUP.Optional.SearchProtect.AppFlsh, C:\WINDOWS\APPPATCH\CUSTOM\{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, No Action By User, [12861], [253628],1.0.935

    Physical Sector: 0
    (No malicious items detected)


    (end)
     
  2. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    # AdwCleaner v6.041 - Logfile created 05/01/2017 at 12:03:51
    # Updated on 16/12/2016 by Malwarebytes
    # Database : 2017-01-05.2 [Server]
    # Operating System : Windows 10 Home (X64)
    # Username : Russell - RUSTYS
    # Running from : C:\Users\Russell\Desktop\AdwCleaner.exe
    # Mode: Clean
    # Support : https://www.malwarebytes.com/support



    ***** [ Services ] *****



    ***** [ Folders ] *****

    [-] Folder deleted: C:\Program Files (x86)\Many Results Hub
    [-] Folder deleted: C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990
    [-] Folder deleted: C:\ProgramData\e72152a9130e6b75
    [-] Folder deleted: C:\ProgramData\{85C46D07-D546-BC81-64C0-CC03B4421F8D}
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\{85C46D07-D546-BC81-64C0-CC03B4421F8D}
    [-] Folder deleted: C:\Program Files\Conduit
    [-] Folder deleted: C:\Program Files\slimcleaner plus
    [#] Folder deleted on reboot: C:\Program Files\SlimCleaner Plus
    [-] Folder deleted: C:\SearchProtect
    [-] Folder deleted: C:\ProgramData\apn
    [-] Folder deleted: C:\ProgramData\Ask
    [-] Folder deleted: C:\ProgramData\AskPartnerNetwork
    [-] Folder deleted: C:\ProgramData\slimware utilities inc
    [#] Folder deleted on reboot: C:\ProgramData\SlimWare Utilities Inc
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\apn
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\Ask
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\AskPartnerNetwork
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\slimware utilities inc
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\SlimWare Utilities Inc
    [-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mipony
    [-] Folder deleted: C:\Program Files (x86)\AskPartnerNetwork
    [-] Folder deleted: C:\Program Files (x86)\Conduit
    [-] Folder deleted: C:\Program Files (x86)\HiDefMedia


    ***** [ Files ] *****

    [-] File deleted: C:\END
    [-] File deleted: C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb


    ***** [ DLL ] *****



    ***** [ WMI ] *****



    ***** [ Shortcuts ] *****



    ***** [ Scheduled Tasks ] *****

    [-] Task deleted: {85C46D07-D546-BC81-64C0-CC03B4421F8D}
    [-] Task deleted: Dealply
    [-] Task deleted: TidyNetwork Update
    [-] Task deleted: 0
    [-] Task deleted: DealPly


    ***** [ Registry ] *****

    [-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]
    [-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iLividSetup.exe
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39f067ba-d922-419a-8994-56576a08b213}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5601a898-cc8f-4278-9479-f998fe28a3b2}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6818868a-1b3d-4e35-a561-fa964a96cd3b}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79e57afa-bc05-4636-9457-fbc0abb3576b}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9193e23b-4182-493f-a38e-682307a7c463}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1fa101d-1ccb-4f01-be5e-b2a23e521c68}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bf75b5a2-8403-4f70-88a6-488e3bea0d7b}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c5cdc237-c45c-4370-9ac5-c16b15f1ddec}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e1f80eb5-8af4-410d-87c1-4f3e2776822a}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f1b15137-9ccc-4f11-bd30-3777091da48e}
    [-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService
    [#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService
    [-] Key deleted: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
    [-] Key deleted: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{655847A1-FA36-46ED-923B-A5CD523696EA}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{EBBC143E-44AC-4B9C-BCCE-9A0E42921F2A}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    [-] Key deleted: HKU\.DEFAULT\Software\AskPartnerNetwork
    [-] Key deleted: HKU\.DEFAULT\Software\Yahoo\Companion
    [-] Key deleted: HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    [-] Key deleted: HKU\.DEFAULT\Software\AppDataLow\Software\Object Browser
    [-] Key deleted: HKU\.DEFAULT\Software\AppDataLow\Software\Yahoo\Companion
    [#] Key deleted on reboot: HKU\S-1-5-18\Software\AskPartnerNetwork
    [#] Key deleted on reboot: HKU\S-1-5-18\Software\Yahoo\Companion
    [#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    [#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\Software\Object Browser
    [#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\Software\Yahoo\Companion
    [-] Key deleted: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By Sweetpacks
    [-] Key deleted: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    [-] Key deleted: HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    [-] Key deleted: HKLM\SOFTWARE\Conduit
    [-] Key deleted: HKLM\SOFTWARE\iLividSRTB
    [-] Key deleted: HKLM\SOFTWARE\PIP
    [-] Key deleted: HKLM\SOFTWARE\SlimWare Utilities Inc
    [-] Key deleted: HKLM\SOFTWARE\SPPDCOM
    [-] Key deleted: HKLM\SOFTWARE\torch
    [-] Key deleted: HKLM\SOFTWARE\Yahoo\Companion
    [-] Key deleted: [x64] HKLM\SOFTWARE\AskPartnerNetwork
    [-] Key deleted: [x64] HKLM\SOFTWARE\SearchModule
    [-] Key deleted: [x64] HKLM\SOFTWARE\Tarma Installer
    [-] Key deleted: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    [-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
    [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch
    [-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    [-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    [-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
    [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
    [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnUpdater]
    [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [DataMngr]
    [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [mobilegeni daemon]
    [#] Key deleted on reboot: HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
    [-] Key deleted: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
    [-] Key deleted: HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe


    ***** [ Web browsers ] *****



    *************************

    :: "Tracing" keys deleted
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [17185 Bytes] - [05/01/2017 12:03:51]
    C:\AdwCleaner\AdwCleaner[S0].txt - [16743 Bytes] - [05/01/2017 11:59:21]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [17333 Bytes] ##########

    # AdwCleaner v6.041 - Logfile created 05/01/2017 at 11:59:21
    # Updated on 16/12/2016 by Malwarebytes
    # Database : 2017-01-05.2 [Server]
    # Operating System : Windows 10 Home (X64)
    # Username : Russell - RUSTYS
    # Running from : C:\Users\Russell\Desktop\AdwCleaner.exe
    # Mode: Scan
    # Support : https://www.malwarebytes.com/support



    ***** [ Services ] *****

    No malicious services found.


    ***** [ Folders ] *****

    Folder Found: C:\Program Files (x86)\Many Results Hub
    Folder Found: C:\ProgramData\e325c549-dfea-4258-ac01-0f7baf68f990
    Folder Found: C:\ProgramData\e72152a9130e6b75
    Folder Found: C:\ProgramData\{85C46D07-D546-BC81-64C0-CC03B4421F8D}
    Folder Found: C:\ProgramData\Application Data\{85C46D07-D546-BC81-64C0-CC03B4421F8D}
    Folder Found: C:\Program Files\Conduit
    Folder Found: C:\Program Files\slimcleaner plus
    Folder Found: C:\Program Files\SlimCleaner Plus
    Folder Found: C:\SearchProtect
    Folder Found: C:\ProgramData\apn
    Folder Found: C:\ProgramData\Ask
    Folder Found: C:\ProgramData\AskPartnerNetwork
    Folder Found: C:\ProgramData\slimware utilities inc
    Folder Found: C:\ProgramData\SlimWare Utilities Inc
    Folder Found: C:\ProgramData\Application Data\apn
    Folder Found: C:\ProgramData\Application Data\Ask
    Folder Found: C:\ProgramData\Application Data\AskPartnerNetwork
    Folder Found: C:\ProgramData\Application Data\slimware utilities inc
    Folder Found: C:\ProgramData\Application Data\SlimWare Utilities Inc
    Folder Found: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mipony
    Folder Found: C:\Program Files (x86)\AskPartnerNetwork
    Folder Found: C:\Program Files (x86)\Conduit
    Folder Found: C:\Program Files (x86)\HiDefMedia


    ***** [ Files ] *****

    File Found: C:\END
    File Found: C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb


    ***** [ DLL ] *****

    No malicious DLLs found.


    ***** [ WMI ] *****

    No malicious keys found.


    ***** [ Shortcuts ] *****

    No infected shortcut found.


    ***** [ Scheduled Tasks ] *****

    Task Found: {85C46D07-D546-BC81-64C0-CC03B4421F8D}
    Task Found: Dealply
    Task Found: TidyNetwork Update
    Task Found: 0
    Task Found: DealPly


    ***** [ Registry ] *****

    Value Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]
    Key Found: HKLM\SOFTWARE\Classes\Applications\iLividSetup.exe
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39f067ba-d922-419a-8994-56576a08b213}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5601a898-cc8f-4278-9479-f998fe28a3b2}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6818868a-1b3d-4e35-a561-fa964a96cd3b}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{79e57afa-bc05-4636-9457-fbc0abb3576b}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9193e23b-4182-493f-a38e-682307a7c463}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1fa101d-1ccb-4f01-be5e-b2a23e521c68}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{bf75b5a2-8403-4f70-88a6-488e3bea0d7b}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c5cdc237-c45c-4370-9ac5-c16b15f1ddec}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e1f80eb5-8af4-410d-87c1-4f3e2776822a}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f1b15137-9ccc-4f11-bd30-3777091da48e}
    Key Found: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService
    Key Found: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WebCakeUpdaterService
    Key Found: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
    Key Found: HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
    Key Found: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar
    Key Found: [x64] HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1
    Key Found: HKLM\SOFTWARE\Classes\AppID\{7375D127-3955-4654-8E7D-1949A7A9C902}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{99415057-7C50-439D-AA20-02D83C071B61}
    Key Found: HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{655847A1-FA36-46ED-923B-A5CD523696EA}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{EBBC143E-44AC-4B9C-BCCE-9A0E42921F2A}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{371AD4A5-1520-4AA2-A8A4-F9AD3BAC6957}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{7F124846-5453-4BB8-A41D-E11481FFC9DF}
    Key Found: HKLM\SOFTWARE\Classes\Interface\{8FD65019-BF09-45DA-AD81-E95AE911F1FD}
    Key Found: HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
    Key Found: HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Key Found: HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
    Key Found: HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
    Key Found: HKLM\SOFTWARE\Classes\TypeLib\{F6C2BABA-9E4C-425F-9AEC-24AB8F2B640D}
    Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
    Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Found: HKU\.DEFAULT\Software\AskPartnerNetwork
    Key Found: HKU\.DEFAULT\Software\Yahoo\Companion
    Key Found: HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found: HKU\.DEFAULT\Software\AppDataLow\Software\Object Browser
    Key Found: HKU\.DEFAULT\Software\AppDataLow\Software\Yahoo\Companion
    Key Found: HKU\S-1-5-18\Software\AskPartnerNetwork
    Key Found: HKU\S-1-5-18\Software\Yahoo\Companion
    Key Found: HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
    Key Found: HKU\S-1-5-18\Software\AppDataLow\Software\Object Browser
    Key Found: HKU\S-1-5-18\Software\AppDataLow\Software\Yahoo\Companion
    Key Found: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Updater By Sweetpacks
    Key Found: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Found: HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
    Key Found: HKLM\SOFTWARE\Conduit
    Key Found: HKLM\SOFTWARE\iLividSRTB
    Key Found: HKLM\SOFTWARE\PIP
    Key Found: HKLM\SOFTWARE\SlimWare Utilities Inc
    Key Found: HKLM\SOFTWARE\SPPDCOM
    Key Found: HKLM\SOFTWARE\torch
    Key Found: HKLM\SOFTWARE\Yahoo\Companion
    Key Found: [x64] HKLM\SOFTWARE\AskPartnerNetwork
    Key Found: [x64] HKLM\SOFTWARE\SearchModule
    Key Found: [x64] HKLM\SOFTWARE\Tarma Installer
    Key Found: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
    Key Found: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    Data Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggTJVgOVVpAFhgbJF8JTA0SRwwOeQ9dWBQVFQEXcQ1eVApCFVAFIk0FA1ADB0VXfVBdFElXTwhuIVdBM
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}
    Key Found: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
    Value Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch
    Key Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    Data Found: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
    Data Found: [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
    Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
    Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnUpdater]
    Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [DataMngr]
    Value Found: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [mobilegeni daemon]
    Key Found: HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
    Key Found: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
    Key Found: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
    Key Found: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
    Key Found: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
    Key Found: HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
    Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
    Key Found: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe


    ***** [ Web browsers ] *****

    No malicious Firefox based browser items found.
    No malicious Chromium based browser items found.

    *************************

    C:\AdwCleaner\AdwCleaner[S0].txt - [16401 Bytes] - [05/01/2017 11:59:21]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16475 Bytes] ##########
     
  3. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
    Ran by Russell (administrator) on RUSTYS (05-01-2017 12:14:02)
    Running from C:\Users\Russell\Desktop
    Loaded Profiles: Russell (Available Profiles: Russell)
    Platform: Windows 10 Home (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Edge)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
    () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Dritek System INC.) C:\Windows\RfBtnSvc64.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Acer Incorporated) C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
    (NTI Corporation) C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.17020_none_1152834562020692\TiWorker.exe
    (Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.233.4010.0.exe
    (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-09] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
    HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe [533568 2012-08-22] (NTI Corporation)
    Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Russell\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2017-01-04] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Russell\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2017-01-04] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Russell\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2017-01-04] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Russell\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2017-01-04] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Russell\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2017-01-04] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Russell\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2017-01-04] (Microsoft Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gateway MyBackup Tray.lnk [2012-09-06]
    ShortcutTarget: Gateway MyBackup Tray.lnk -> C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe (NTI Corporation)
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{48cde328-0062-4125-b94c-3d10bc289e26}: [DhcpNameServer] 75.75.75.75 75.75.76.76
    Tcpip\..\Interfaces\{feeeb2f8-703a-4a2c-8d8b-05904c4fb88e}: [DhcpNameServer] 192.168.0.1 205.171.3.25

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
    HKU\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
    SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-04] (Microsoft Corporation)
    BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
    BHO-x32: No Name -> {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} -> No File
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)

    FireFox:
    ========
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
    FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-12-18] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-10] (Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)

    Chrome:
    =======
    CHR HKLM-x32\...\Chrome\Extension: [dmidaiabaeipgkcooijbikmdcofhpakp] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-11-01] (Microsoft Corporation)
    S3 DeviceFastLaneService; C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-22] (Acer Incorporated)
    R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-09] (ELAN Microelectronics Corp.)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
    R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [259136 2012-08-22] (NTI Corporation)
    R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32880 2015-07-27] ()
    R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-06] (Dritek System INC.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2016-10-25] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-11-19] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
    R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77416 2016-12-14] ()
    R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-05] (Malwarebytes)
    R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-05] (Malwarebytes)
    R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-05] (Malwarebytes)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-05] (Malwarebytes)
    R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-05] (Malwarebytes)
    R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-06] (Dritek System Inc.)
    R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3749888 2015-07-10] (Realtek Semiconductor Corporation )
    S3 taphss6; C:\WINDOWS\system32\DRIVERS\taphss6.sys [42184 2013-06-20] (Anchorfree Inc.)
    S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
    S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
    S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
    U0 aswVmm; no ImagePath
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-01-05 12:14 - 2017-01-05 12:15 - 00012589 _____ C:\Users\Russell\Desktop\FRST.txt
    2017-01-05 12:08 - 2017-01-05 12:14 - 00000000 ____D C:\FRST
    2017-01-05 12:05 - 2017-01-05 12:05 - 00016148 _____ C:\WINDOWS\system32\RUSTYS_Russell_HistoryPrediction.bin
    2017-01-05 11:51 - 2017-01-05 12:03 - 00000000 ____D C:\AdwCleaner
    2017-01-05 11:50 - 2017-01-05 11:50 - 00092679 _____ C:\Users\Russell\Desktop\Malwarebytes.txt
    2017-01-05 11:19 - 2017-01-05 11:19 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
    2017-01-05 11:18 - 2017-01-05 12:06 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
    2017-01-05 11:18 - 2017-01-05 12:06 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
    2017-01-05 11:18 - 2017-01-05 12:05 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2017-01-05 11:18 - 2017-01-05 12:05 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
    2017-01-05 11:18 - 2017-01-05 11:18 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-01-05 11:18 - 2017-01-05 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-01-05 11:18 - 2016-12-14 12:55 - 00077416 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
    2017-01-05 11:17 - 2017-01-05 11:17 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-01-05 11:14 - 2017-01-05 11:51 - 03977168 _____ C:\Users\Russell\Desktop\AdwCleaner.exe
    2017-01-05 11:13 - 2017-01-05 12:08 - 02418176 _____ (Farbar) C:\Users\Russell\Desktop\FRST64.exe
    2017-01-05 11:12 - 2017-01-05 11:17 - 54199488 _____ (Malwarebytes ) C:\Users\Russell\Desktop\mb3-setup-consumer-3.0.5.1299.exe
    2017-01-05 10:56 - 2017-01-05 10:56 - 00016148 _____ C:\WINDOWS\system32\THUMPERSTOY_Russell_HistoryPrediction.bin
    2017-01-05 10:28 - 2017-01-05 10:28 - 00013384 ____N C:\bootsqm.dat
    2017-01-05 02:28 - 2017-01-05 02:28 - 00000000 ___HD C:\$WINDOWS.~BT
    2017-01-05 02:28 - 2017-01-05 02:28 - 00000000 ____D C:\WINDOWS\Panther
    2017-01-05 02:05 - 2017-01-05 02:05 - 00000000 ____D C:\Users\Russell\Desktop\Wait Wait
    2017-01-05 01:37 - 2017-01-05 10:30 - 00349312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-01-04 23:56 - 2016-11-19 03:28 - 03467784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
    2017-01-04 23:56 - 2016-11-19 03:27 - 01538176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2017-01-04 23:56 - 2016-11-19 02:46 - 22326760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2017-01-04 23:56 - 2016-11-19 02:44 - 06525424 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
    2017-01-04 23:56 - 2016-11-19 01:14 - 20862488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2017-01-04 23:56 - 2016-11-19 00:34 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-01-04 23:56 - 2016-11-19 00:16 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2017-01-04 23:56 - 2016-11-18 23:33 - 19334144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-01-04 23:56 - 2016-11-18 23:29 - 21855232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-01-04 23:56 - 2016-11-18 23:22 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2017-01-04 23:56 - 2016-11-18 22:37 - 18796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-01-04 23:56 - 2016-10-25 02:35 - 06488304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2017-01-04 23:56 - 2016-10-25 01:15 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2017-01-04 23:56 - 2016-10-24 23:30 - 06791168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2017-01-04 23:56 - 2016-10-24 23:24 - 02663424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2017-01-04 23:56 - 2016-10-24 22:44 - 05163008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2017-01-04 23:56 - 2016-09-29 21:09 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
    2017-01-04 23:56 - 2016-09-29 20:28 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
    2017-01-04 23:55 - 2016-11-19 03:45 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
    2017-01-04 23:55 - 2016-11-19 03:26 - 08015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-01-04 23:55 - 2016-11-19 02:44 - 01134792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
    2017-01-04 23:55 - 2016-11-19 00:25 - 12514816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2017-01-04 23:55 - 2016-11-19 00:24 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2017-01-04 23:55 - 2016-11-19 00:20 - 03170816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2017-01-04 23:55 - 2016-11-19 00:02 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2017-01-04 23:55 - 2016-11-18 23:48 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2017-01-04 23:55 - 2016-11-18 23:35 - 14247424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2017-01-04 23:55 - 2016-11-18 23:26 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2017-01-04 23:55 - 2016-11-18 23:22 - 02639360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2017-01-04 23:55 - 2016-11-18 23:18 - 07528448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-01-04 23:55 - 2016-11-18 22:49 - 12594688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2017-01-04 23:55 - 2016-10-25 02:27 - 01981280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2017-01-04 23:55 - 2016-10-25 01:56 - 03643992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2017-01-04 23:55 - 2016-10-25 01:17 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2017-01-04 23:55 - 2016-10-25 00:35 - 02898656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2017-01-04 23:55 - 2016-10-24 23:55 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
    2017-01-04 23:55 - 2016-10-24 23:49 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2017-01-04 23:55 - 2016-10-24 23:30 - 03782144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2017-01-04 23:55 - 2016-10-24 22:55 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2017-01-04 23:55 - 2016-10-24 22:53 - 02875392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
    2017-01-04 23:55 - 2016-10-24 22:51 - 05510144 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2017-01-04 23:55 - 2016-10-24 22:48 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2017-01-04 23:55 - 2016-10-24 22:46 - 02559488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2017-01-04 23:55 - 2016-10-24 22:39 - 01821696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2017-01-04 23:55 - 2016-10-24 22:20 - 01794560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2017-01-04 23:55 - 2016-10-24 22:15 - 04737536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2017-01-04 23:55 - 2016-10-24 22:14 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2017-01-04 23:55 - 2016-10-24 22:10 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2017-01-04 23:55 - 2016-09-29 20:58 - 02405888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2017-01-04 23:55 - 2016-09-06 22:23 - 02429792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2017-01-04 23:55 - 2016-01-04 20:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
    2017-01-04 23:55 - 2016-01-04 20:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
    2017-01-04 23:54 - 2016-11-19 03:29 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2017-01-04 23:54 - 2016-11-19 03:29 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2017-01-04 23:54 - 2016-11-19 03:24 - 02495776 _____ C:\WINDOWS\system32\CoreUIComponents.dll
    2017-01-04 23:54 - 2016-11-19 03:19 - 02640872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
    2017-01-04 23:54 - 2016-11-19 03:15 - 02601160 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
    2017-01-04 23:54 - 2016-11-19 01:58 - 04046768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2017-01-04 23:54 - 2016-11-19 01:57 - 02153288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2017-01-04 23:54 - 2016-11-19 00:43 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2017-01-04 23:54 - 2016-11-19 00:19 - 02839040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
    2017-01-04 23:54 - 2016-11-18 23:40 - 03581952 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-01-04 23:54 - 2016-11-18 23:23 - 04398592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
    2017-01-04 23:54 - 2016-11-18 23:17 - 04791808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2017-01-04 23:54 - 2016-11-18 22:38 - 11271168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2017-01-04 23:54 - 2016-11-18 22:38 - 05456384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-01-04 23:54 - 2016-10-25 02:30 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2017-01-04 23:54 - 2016-10-25 02:29 - 01823752 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2017-01-04 23:54 - 2016-10-25 02:25 - 01420392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2017-01-04 23:54 - 2016-10-25 01:13 - 01531888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2017-01-04 23:54 - 2016-10-25 01:13 - 01085632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2017-01-04 23:54 - 2016-10-25 01:08 - 00645152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2017-01-04 23:54 - 2016-10-25 00:32 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2017-01-04 23:54 - 2016-10-25 00:08 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2017-01-04 23:54 - 2016-10-24 23:52 - 01276928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
    2017-01-04 23:54 - 2016-10-24 23:51 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
    2017-01-04 23:54 - 2016-10-24 23:18 - 01016832 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2017-01-04 23:54 - 2016-10-24 23:14 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2017-01-04 23:54 - 2016-10-24 23:12 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2017-01-04 23:54 - 2016-10-24 23:11 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2017-01-04 23:54 - 2016-10-24 23:05 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
    2017-01-04 23:54 - 2016-10-24 23:03 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2017-01-04 23:54 - 2016-10-24 22:59 - 01119744 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2017-01-04 23:54 - 2016-10-24 22:56 - 02181120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2017-01-04 23:54 - 2016-10-24 22:53 - 01965568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
    2017-01-04 23:54 - 2016-10-24 22:50 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2017-01-04 23:54 - 2016-10-24 22:44 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
    2017-01-04 23:54 - 2016-10-24 22:39 - 01522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2017-01-04 23:54 - 2016-10-24 22:38 - 01489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
    2017-01-04 23:54 - 2016-10-24 22:32 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
    2017-01-04 23:54 - 2016-10-24 22:25 - 00768000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2017-01-04 23:54 - 2016-10-24 22:24 - 03555328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2017-01-04 23:54 - 2016-10-24 22:24 - 01034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2017-01-04 23:54 - 2016-10-24 22:23 - 03549696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
    2017-01-04 23:54 - 2016-10-24 22:20 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
    2017-01-04 23:54 - 2016-10-24 22:17 - 02362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
    2017-01-04 23:54 - 2016-10-24 22:16 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
    2017-01-04 23:54 - 2016-10-24 22:14 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
    2017-01-04 23:54 - 2016-10-24 22:14 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
    2017-01-04 23:54 - 2016-10-24 22:13 - 01122304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
    2017-01-04 23:54 - 2016-10-24 21:54 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
    2017-01-04 23:54 - 2016-10-24 21:46 - 01422336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
    2017-01-04 23:54 - 2016-09-29 23:01 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2017-01-04 23:54 - 2016-09-29 23:00 - 02147072 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
    2017-01-04 23:54 - 2016-09-29 23:00 - 01563480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2017-01-04 23:54 - 2016-09-29 23:00 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
    2017-01-04 23:54 - 2016-09-29 22:59 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2017-01-04 23:54 - 2016-09-29 21:24 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2017-01-04 23:54 - 2016-09-29 21:24 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
    2017-01-04 23:54 - 2016-09-29 21:04 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
    2017-01-04 23:54 - 2016-09-29 21:01 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
    2017-01-04 23:54 - 2016-09-29 20:59 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2017-01-04 23:54 - 2016-09-29 20:57 - 01718272 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2017-01-04 23:54 - 2016-09-29 20:57 - 01670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2017-01-04 23:54 - 2016-09-29 20:17 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2017-01-04 23:54 - 2016-09-06 22:39 - 02158960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
    2017-01-04 23:54 - 2016-09-06 22:23 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
    2017-01-04 23:54 - 2016-09-06 22:21 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2017-01-04 23:54 - 2016-09-06 22:18 - 00660320 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2017-01-04 23:54 - 2016-09-06 22:12 - 02749872 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
    2017-01-04 23:54 - 2016-09-06 21:27 - 01012736 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2017-01-04 23:54 - 2016-09-06 21:24 - 01353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
    2017-01-04 23:54 - 2016-09-06 21:21 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
    2017-01-04 23:54 - 2016-09-06 21:16 - 02556928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
    2017-01-04 23:54 - 2016-09-06 21:16 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
    2017-01-04 23:54 - 2016-09-06 21:15 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2017-01-04 23:54 - 2016-09-06 21:14 - 02764288 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
    2017-01-04 23:54 - 2016-09-06 21:11 - 01871872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2017-01-04 23:54 - 2016-09-06 21:09 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2017-01-04 23:54 - 2016-09-06 20:59 - 01744384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
    2017-01-04 23:54 - 2016-09-06 20:58 - 01148928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
    2017-01-04 23:54 - 2016-09-06 20:57 - 02405376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
    2017-01-04 23:54 - 2016-09-06 20:57 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2017-01-04 23:54 - 2016-09-06 20:53 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2017-01-04 23:54 - 2016-05-27 21:00 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2017-01-04 23:54 - 2016-01-04 19:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
    2017-01-04 23:54 - 2016-01-04 19:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
    2017-01-04 23:53 - 2016-11-19 03:28 - 00652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
    2017-01-04 23:53 - 2016-11-19 03:25 - 02816016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
    2017-01-04 23:53 - 2016-11-19 03:21 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
    2017-01-04 23:53 - 2016-11-19 02:43 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2017-01-04 23:53 - 2016-11-19 01:52 - 01766496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2017-01-04 23:53 - 2016-11-19 01:03 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
    2017-01-04 23:53 - 2016-11-19 01:02 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2017-01-04 23:53 - 2016-11-19 00:56 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-01-04 23:53 - 2016-11-19 00:55 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
    2017-01-04 23:53 - 2016-11-19 00:20 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2017-01-04 23:53 - 2016-11-19 00:15 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2017-01-04 23:53 - 2016-11-18 23:39 - 01381376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-01-04 23:53 - 2016-11-18 23:36 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2017-01-04 23:53 - 2016-11-18 23:22 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2017-01-04 23:53 - 2016-11-18 23:22 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2017-01-04 23:53 - 2016-11-18 23:21 - 02198016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
    2017-01-04 23:53 - 2016-11-18 23:18 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
    2017-01-04 23:53 - 2016-11-18 23:08 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2017-01-04 23:53 - 2016-11-18 22:59 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2017-01-04 23:53 - 2016-11-18 22:41 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2017-01-04 23:53 - 2016-11-02 07:52 - 00613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2017-01-04 23:53 - 2016-10-25 02:39 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2017-01-04 23:53 - 2016-10-25 02:31 - 01824872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2017-01-04 23:53 - 2016-10-25 02:30 - 01147136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2017-01-04 23:53 - 2016-10-25 02:29 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
    2017-01-04 23:53 - 2016-10-25 02:29 - 00595016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2017-01-04 23:53 - 2016-10-25 02:22 - 00588832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
    2017-01-04 23:53 - 2016-10-25 02:22 - 00535560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
    2017-01-04 23:53 - 2016-10-25 01:54 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
    2017-01-04 23:53 - 2016-10-25 01:18 - 00953472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2017-01-04 23:53 - 2016-10-25 01:13 - 01535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2017-01-04 23:53 - 2016-10-25 01:10 - 00998416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2017-01-04 23:53 - 2016-10-25 01:08 - 01522632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
    2017-01-04 23:53 - 2016-10-25 01:04 - 01180704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2017-01-04 23:53 - 2016-10-25 00:47 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
    2017-01-04 23:53 - 2016-10-25 00:37 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
    2017-01-04 23:53 - 2016-10-25 00:37 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2017-01-04 23:53 - 2016-10-25 00:33 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
    2017-01-04 23:53 - 2016-10-25 00:01 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2017-01-04 23:53 - 2016-10-24 23:52 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
    2017-01-04 23:53 - 2016-10-24 23:28 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
    2017-01-04 23:53 - 2016-10-24 23:21 - 01389056 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
    2017-01-04 23:53 - 2016-10-24 23:14 - 02727936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
    2017-01-04 23:53 - 2016-10-24 23:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
    2017-01-04 23:53 - 2016-10-24 23:09 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2017-01-04 23:53 - 2016-10-24 23:04 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2017-01-04 23:53 - 2016-10-24 23:03 - 04645888 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2017-01-04 23:53 - 2016-10-24 23:02 - 01044992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
    2017-01-04 23:53 - 2016-10-24 23:00 - 01857024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
    2017-01-04 23:53 - 2016-10-24 23:00 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
    2017-01-04 23:53 - 2016-10-24 22:44 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2017-01-04 23:53 - 2016-10-24 22:43 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
    2017-01-04 23:53 - 2016-10-24 22:39 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
    2017-01-04 23:53 - 2016-10-24 22:39 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
    2017-01-04 23:53 - 2016-10-24 22:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
    2017-01-04 23:53 - 2016-10-24 22:30 - 00609792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
    2017-01-04 23:53 - 2016-10-24 22:29 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2017-01-04 23:53 - 2016-10-24 22:24 - 00740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
    2017-01-04 23:53 - 2016-10-24 22:24 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2017-01-04 23:53 - 2016-10-24 22:23 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
    2017-01-04 23:53 - 2016-10-24 22:22 - 02926592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2017-01-04 23:53 - 2016-10-24 22:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
    2017-01-04 23:53 - 2016-10-24 22:09 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2017-01-04 23:53 - 2016-10-24 22:06 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
    2017-01-04 23:53 - 2016-09-29 21:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2017-01-04 23:53 - 2016-09-29 20:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2017-01-04 23:53 - 2016-09-29 20:22 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2017-01-04 23:53 - 2016-09-29 20:16 - 01467904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2017-01-04 23:53 - 2016-09-06 22:54 - 01178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
    2017-01-04 23:53 - 2016-09-06 22:54 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
    2017-01-04 23:53 - 2016-09-06 22:54 - 00602256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
    2017-01-04 23:53 - 2016-09-06 22:52 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
    2017-01-04 23:53 - 2016-09-06 22:50 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2017-01-04 23:53 - 2016-09-06 22:45 - 00468832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2017-01-04 23:53 - 2016-09-06 22:25 - 01085768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
    2017-01-04 23:53 - 2016-09-06 22:25 - 00838808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
    2017-01-04 23:53 - 2016-09-06 22:24 - 01550056 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
    2017-01-04 23:53 - 2016-09-06 22:24 - 00786112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
    2017-01-04 23:53 - 2016-09-06 22:23 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
    2017-01-04 23:53 - 2016-09-06 21:37 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
    2017-01-04 23:53 - 2016-09-06 21:26 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2017-01-04 23:53 - 2016-09-06 21:23 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
    2017-01-04 23:53 - 2016-09-06 21:21 - 01094144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
    2017-01-04 23:53 - 2016-09-06 21:20 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
    2017-01-04 23:53 - 2016-09-06 21:20 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
    2017-01-04 23:53 - 2016-09-06 21:17 - 02222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
    2017-01-04 23:53 - 2016-09-06 21:15 - 01889280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2017-01-04 23:53 - 2016-09-06 21:15 - 01787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
    2017-01-04 23:53 - 2016-09-06 21:14 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2017-01-04 23:53 - 2016-09-06 21:13 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
    2017-01-04 23:53 - 2016-09-06 21:12 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2017-01-04 23:53 - 2016-09-06 21:09 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2017-01-04 23:53 - 2016-09-06 21:07 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
    2017-01-04 23:53 - 2016-09-06 21:07 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
    2017-01-04 23:53 - 2016-09-06 21:05 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
    2017-01-04 23:53 - 2016-09-06 21:04 - 01074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
    2017-01-04 23:53 - 2016-09-06 21:01 - 01123328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
    2017-01-04 23:53 - 2016-09-06 20:57 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
    2017-01-04 23:53 - 2016-09-06 20:56 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
    2017-01-04 23:53 - 2016-09-06 20:55 - 01138688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
    2017-01-04 23:53 - 2016-08-02 21:39 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
    2017-01-04 23:53 - 2016-06-23 21:07 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
    2017-01-04 23:53 - 2016-06-23 20:45 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
    2017-01-04 23:53 - 2016-05-27 20:54 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2017-01-04 23:53 - 2016-05-27 20:44 - 00737792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2017-01-04 23:53 - 2016-05-27 20:40 - 00672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2017-01-04 23:53 - 2016-05-27 20:39 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2017-01-04 23:53 - 2016-05-27 20:29 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
    2017-01-04 23:53 - 2016-04-09 03:05 - 01199368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2017-01-04 23:53 - 2016-04-09 00:38 - 00464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2017-01-04 23:53 - 2016-02-23 07:11 - 00781984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
    2017-01-04 23:53 - 2016-02-23 05:42 - 00658536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
    2017-01-04 23:53 - 2016-01-30 22:24 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2017-01-04 23:53 - 2016-01-04 20:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
    2017-01-04 23:53 - 2016-01-04 19:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
    2017-01-04 23:53 - 2016-01-04 18:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2017-01-04 23:52 - 2016-11-19 03:26 - 01298008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2017-01-04 23:52 - 2016-11-19 03:18 - 01591304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2017-01-04 23:52 - 2016-11-19 03:16 - 02543784 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2017-01-04 23:52 - 2016-11-19 02:40 - 00365920 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2017-01-04 23:52 - 2016-11-19 02:18 - 01781416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2017-01-04 23:52 - 2016-11-19 01:57 - 01365584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2017-01-04 23:52 - 2016-11-19 01:44 - 02188472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2017-01-04 23:52 - 2016-11-19 01:42 - 01811360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2017-01-04 23:52 - 2016-11-19 00:55 - 01123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
    2017-01-04 23:52 - 2016-11-19 00:53 - 03792896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
    2017-01-04 23:52 - 2016-11-19 00:20 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2017-01-04 23:52 - 2016-11-19 00:17 - 02253824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
    2017-01-04 23:52 - 2016-11-19 00:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
    2017-01-04 23:52 - 2016-11-19 00:04 - 01416704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2017-01-04 23:52 - 2016-11-18 23:54 - 02599424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
    2017-01-04 23:52 - 2016-11-18 23:41 - 04168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
    2017-01-04 23:52 - 2016-11-18 23:16 - 07502848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2017-01-04 23:52 - 2016-11-02 07:52 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2017-01-04 23:52 - 2016-11-02 06:30 - 00545400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2017-01-04 23:52 - 2016-11-02 06:30 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2017-01-04 23:52 - 2016-10-25 02:30 - 01587240 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
    2017-01-04 23:52 - 2016-10-25 01:15 - 00508768 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2017-01-04 23:52 - 2016-10-25 01:08 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
    2017-01-04 23:52 - 2016-10-25 01:02 - 00380256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
    2017-01-04 23:52 - 2016-10-25 00:34 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2017-01-04 23:52 - 2016-10-25 00:30 - 01719296 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
    2017-01-04 23:52 - 2016-10-25 00:26 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
    2017-01-04 23:52 - 2016-10-25 00:03 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
    2017-01-04 23:52 - 2016-10-25 00:02 - 00354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2017-01-04 23:52 - 2016-10-24 23:51 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
    2017-01-04 23:52 - 2016-10-24 23:50 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
    2017-01-04 23:52 - 2016-10-24 23:50 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
    2017-01-04 23:52 - 2016-10-24 23:45 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
    2017-01-04 23:52 - 2016-10-24 23:43 - 01811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
    2017-01-04 23:52 - 2016-10-24 23:40 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
    2017-01-04 23:52 - 2016-10-24 23:40 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2017-01-04 23:52 - 2016-10-24 23:31 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
    2017-01-04 23:52 - 2016-10-24 23:19 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2017-01-04 23:52 - 2016-10-24 23:19 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
    2017-01-04 23:52 - 2016-10-24 23:13 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
    2017-01-04 23:52 - 2016-10-24 23:10 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
    2017-01-04 23:52 - 2016-10-24 23:10 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2017-01-04 23:52 - 2016-10-24 23:10 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
    2017-01-04 23:52 - 2016-10-24 23:07 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
    2017-01-04 23:52 - 2016-10-24 22:57 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
    2017-01-04 23:52 - 2016-10-24 22:55 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2017-01-04 23:52 - 2016-10-24 22:51 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2017-01-04 23:52 - 2016-10-24 22:48 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2017-01-04 23:52 - 2016-10-24 22:46 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
    2017-01-04 23:52 - 2016-10-24 22:39 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
    2017-01-04 23:52 - 2016-10-24 22:35 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2017-01-04 23:52 - 2016-10-24 22:34 - 02576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
    2017-01-04 23:52 - 2016-10-24 22:30 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
    2017-01-04 23:52 - 2016-10-24 22:30 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
    2017-01-04 23:52 - 2016-10-24 22:22 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
    2017-01-04 23:52 - 2016-10-24 22:22 - 01286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
    2017-01-04 23:52 - 2016-10-24 22:15 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
    2017-01-04 23:52 - 2016-10-24 21:54 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
    2017-01-04 23:52 - 2016-10-24 21:49 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
    2017-01-04 23:52 - 2016-10-24 19:19 - 00775304 _____ C:\WINDOWS\SysWOW64\locale.nls
    2017-01-04 23:52 - 2016-10-24 19:19 - 00775304 _____ C:\WINDOWS\system32\locale.nls
    2017-01-04 23:52 - 2016-09-29 22:58 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
    2017-01-04 23:52 - 2016-09-29 22:41 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
    2017-01-04 23:52 - 2016-09-29 22:41 - 00850272 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
    2017-01-04 23:52 - 2016-09-29 21:21 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
    2017-01-04 23:52 - 2016-09-29 21:04 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
    2017-01-04 23:52 - 2016-09-29 21:02 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
    2017-01-04 23:52 - 2016-09-29 21:00 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2017-01-04 23:52 - 2016-09-06 22:55 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
    2017-01-04 23:52 - 2016-09-06 22:54 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
    2017-01-04 23:52 - 2016-09-06 22:54 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
    2017-01-04 23:52 - 2016-09-06 22:52 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2017-01-04 23:52 - 2016-09-06 22:40 - 00568176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
    2017-01-04 23:52 - 2016-09-06 22:38 - 00630120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
    2017-01-04 23:52 - 2016-09-06 22:25 - 01951872 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2017-01-04 23:52 - 2016-09-06 22:25 - 01101784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2017-01-04 23:52 - 2016-09-06 22:25 - 00630152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2017-01-04 23:52 - 2016-09-06 22:23 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2017-01-04 23:52 - 2016-09-06 22:23 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2017-01-04 23:52 - 2016-09-06 22:14 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
    2017-01-04 23:52 - 2016-09-06 21:38 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
    2017-01-04 23:52 - 2016-09-06 21:30 - 00507904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
    2017-01-04 23:52 - 2016-09-06 21:25 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
    2017-01-04 23:52 - 2016-09-06 21:23 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
    2017-01-04 23:52 - 2016-09-06 21:22 - 04213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
    2017-01-04 23:52 - 2016-09-06 21:21 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
    2017-01-04 23:52 - 2016-09-06 21:19 - 01676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
    2017-01-04 23:52 - 2016-09-06 21:19 - 00873984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2017-01-04 23:52 - 2016-09-06 21:17 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
    2017-01-04 23:52 - 2016-09-06 21:17 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
    2017-01-04 23:52 - 2016-09-06 21:16 - 00931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2017-01-04 23:52 - 2016-09-06 21:12 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2017-01-04 23:52 - 2016-09-06 21:11 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
    2017-01-04 23:52 - 2016-09-06 21:04 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2017-01-04 23:52 - 2016-09-06 21:00 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
    2017-01-04 23:52 - 2016-09-06 21:00 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
    2017-01-04 23:52 - 2016-09-06 20:59 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
    2017-01-04 23:52 - 2016-09-06 20:57 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2017-01-04 23:52 - 2016-09-06 20:56 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
    2017-01-04 23:52 - 2016-09-06 20:55 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
    2017-01-04 23:52 - 2016-09-06 20:55 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2017-01-04 23:52 - 2016-09-06 20:53 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
    2017-01-04 23:52 - 2016-05-27 22:02 - 00421536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
    2017-01-04 23:52 - 2016-05-27 22:00 - 00327520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2017-01-04 23:52 - 2016-05-27 21:38 - 00372368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
    2017-01-04 23:52 - 2016-05-27 20:54 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
    2017-01-04 23:52 - 2016-05-27 20:41 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2017-01-04 23:52 - 2016-04-09 03:52 - 00502504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
    2017-01-04 23:52 - 2016-04-09 03:10 - 00609976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
    2017-01-04 23:52 - 2016-04-09 00:55 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
    2017-01-04 23:52 - 2016-04-08 23:43 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2017-01-04 23:52 - 2016-03-15 20:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2017-01-04 23:52 - 2016-03-15 20:36 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2017-01-04 23:52 - 2016-03-15 20:17 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2017-01-04 23:52 - 2016-03-15 20:14 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
    2017-01-04 23:52 - 2016-03-15 20:13 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2017-01-04 23:52 - 2016-03-15 20:13 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
    2017-01-04 23:52 - 2016-02-23 07:41 - 00299600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
    2017-01-04 23:52 - 2016-02-23 06:21 - 00529456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2017-01-04 23:52 - 2016-02-23 06:11 - 00249976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
    2017-01-04 23:52 - 2016-01-04 19:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
    2017-01-04 23:52 - 2016-01-04 19:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
    2017-01-04 23:52 - 2016-01-04 18:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
    2017-01-04 23:52 - 2016-01-04 18:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
    2017-01-04 23:52 - 2016-01-04 18:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
    2017-01-04 23:52 - 2015-11-24 21:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2017-01-04 23:51 - 2016-11-19 03:30 - 01023208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2017-01-04 23:51 - 2016-11-19 03:30 - 00862024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2017-01-04 23:51 - 2016-11-19 03:29 - 00605472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2017-01-04 23:51 - 2016-11-19 03:26 - 01127016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2017-01-04 23:51 - 2016-11-19 03:25 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2017-01-04 23:51 - 2016-11-19 03:21 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2017-01-04 23:51 - 2016-11-19 03:16 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2017-01-04 23:51 - 2016-11-19 02:47 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2017-01-04 23:51 - 2016-11-19 02:46 - 00724168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
    2017-01-04 23:51 - 2016-11-19 02:17 - 01366672 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2017-01-04 23:51 - 2016-11-19 02:07 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2017-01-04 23:51 - 2016-11-19 01:53 - 00877568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2017-01-04 23:51 - 2016-11-19 01:49 - 01895576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
    2017-01-04 23:51 - 2016-11-19 01:42 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2017-01-04 23:51 - 2016-11-19 01:16 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2017-01-04 23:51 - 2016-11-19 01:08 - 00303448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2017-01-04 23:51 - 2016-11-19 00:50 - 01516968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2017-01-04 23:51 - 2016-11-19 00:44 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
    2017-01-04 23:51 - 2016-11-19 00:22 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
    2017-01-04 23:51 - 2016-11-19 00:18 - 02350080 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2017-01-04 23:51 - 2016-11-18 23:56 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2017-01-04 23:51 - 2016-11-18 23:48 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2017-01-04 23:51 - 2016-11-18 23:48 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
    2017-01-04 23:51 - 2016-11-18 23:42 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2017-01-04 23:51 - 2016-11-18 23:32 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2017-01-04 23:51 - 2016-11-18 23:24 - 03420160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
    2017-01-04 23:51 - 2016-11-18 23:20 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2017-01-04 23:51 - 2016-11-18 23:14 - 00939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
    2017-01-04 23:51 - 2016-11-18 23:00 - 03680256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2017-01-04 23:51 - 2016-11-18 22:54 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
    2017-01-04 23:51 - 2016-11-18 22:35 - 06713856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2017-01-04 23:51 - 2016-11-10 20:01 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2017-01-04 23:51 - 2016-11-10 19:37 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2017-01-04 23:51 - 2016-10-25 02:31 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
    2017-01-04 23:51 - 2016-10-25 02:30 - 00291336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2017-01-04 23:51 - 2016-10-25 02:27 - 00305816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
    2017-01-04 23:51 - 2016-10-25 02:26 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
    2017-01-04 23:51 - 2016-10-25 01:13 - 00253120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
    2017-01-04 23:51 - 2016-10-25 01:09 - 01321224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
    2017-01-04 23:51 - 2016-10-25 01:09 - 00370352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
    2017-01-04 23:51 - 2016-10-25 01:06 - 00253592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
    2017-01-04 23:51 - 2016-10-25 01:04 - 01083648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
    2017-01-04 23:51 - 2016-10-25 00:33 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
    2017-01-04 23:51 - 2016-10-25 00:30 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
    2017-01-04 23:51 - 2016-10-25 00:16 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
    2017-01-04 23:51 - 2016-10-25 00:12 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
    2017-01-04 23:51 - 2016-10-25 00:06 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
    2017-01-04 23:51 - 2016-10-25 00:03 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-01-04 23:51 - 2016-10-24 23:54 - 00309912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
    2017-01-04 23:51 - 2016-10-24 23:50 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2017-01-04 23:51 - 2016-10-24 23:43 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2017-01-04 23:51 - 2016-10-24 23:38 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
    2017-01-04 23:51 - 2016-10-24 23:25 - 02119680 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2017-01-04 23:51 - 2016-10-24 23:23 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
    2017-01-04 23:51 - 2016-10-24 23:22 - 00637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
    2017-01-04 23:51 - 2016-10-24 23:20 - 02550784 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
    2017-01-04 23:51 - 2016-10-24 23:18 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
    2017-01-04 23:51 - 2016-10-24 23:17 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
    2017-01-04 23:51 - 2016-10-24 23:10 - 01309184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
    2017-01-04 23:51 - 2016-10-24 23:10 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
    2017-01-04 23:51 - 2016-10-24 23:09 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
    2017-01-04 23:51 - 2016-10-24 23:03 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
    2017-01-04 23:51 - 2016-10-24 23:01 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
    2017-01-04 23:51 - 2016-10-24 22:59 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
    2017-01-04 23:51 - 2016-10-24 22:58 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
    2017-01-04 23:51 - 2016-10-24 22:53 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2017-01-04 23:51 - 2016-10-24 22:51 - 01744384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
    2017-01-04 23:51 - 2016-10-24 22:50 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
    2017-01-04 23:51 - 2016-10-24 22:49 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
    2017-01-04 23:51 - 2016-10-24 22:48 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
    2017-01-04 23:51 - 2016-10-24 22:40 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
    2017-01-04 23:51 - 2016-10-24 22:40 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
    2017-01-04 23:51 - 2016-10-24 22:39 - 02042368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2017-01-04 23:51 - 2016-10-24 22:36 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
    2017-01-04 23:51 - 2016-10-24 22:31 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
    2017-01-04 23:51 - 2016-10-24 22:29 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
    2017-01-04 23:51 - 2016-10-24 22:24 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
    2017-01-04 23:51 - 2016-10-24 22:23 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
    2017-01-04 23:51 - 2016-10-24 22:21 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
    2017-01-04 23:51 - 2016-10-24 22:13 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
    2017-01-04 23:51 - 2016-10-24 22:12 - 03292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
    2017-01-04 23:51 - 2016-09-29 22:43 - 00244064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmipnpinstall.dll
    2017-01-04 23:51 - 2016-09-29 22:41 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
    2017-01-04 23:51 - 2016-09-29 21:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2017-01-04 23:51 - 2016-09-29 21:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
    2017-01-04 23:51 - 2016-09-29 21:11 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
    2017-01-04 23:51 - 2016-09-29 21:05 - 00192344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmipnpinstall.dll
    2017-01-04 23:51 - 2016-09-29 20:58 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\filemgmt.dll
    2017-01-04 23:51 - 2016-09-29 20:56 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
    2017-01-04 23:51 - 2016-09-29 20:54 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
    2017-01-04 23:51 - 2016-09-29 20:54 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
    2017-01-04 23:51 - 2016-09-29 20:17 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\filemgmt.dll
    2017-01-04 23:51 - 2016-09-29 20:13 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
    2017-01-04 23:51 - 2016-09-06 22:54 - 00809328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
    2017-01-04 23:51 - 2016-09-06 22:52 - 01734424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
    2017-01-04 23:51 - 2016-09-06 22:52 - 00507736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2017-01-04 23:51 - 2016-09-06 22:52 - 00243792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2017-01-04 23:51 - 2016-09-06 22:51 - 00496360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmdev.dll
    2017-01-04 23:51 - 2016-09-06 22:25 - 01248896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
    2017-01-04 23:51 - 2016-09-06 22:25 - 00409072 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
    2017-01-04 23:51 - 2016-09-06 22:24 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2017-01-04 23:51 - 2016-09-06 22:23 - 01860944 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
    2017-01-04 23:51 - 2016-09-06 22:23 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
    2017-01-04 23:51 - 2016-09-06 22:23 - 00172016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
    2017-01-04 23:51 - 2016-09-06 22:11 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2017-01-04 23:51 - 2016-09-06 21:37 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
    2017-01-04 23:51 - 2016-09-06 21:34 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
    2017-01-04 23:51 - 2016-09-06 21:31 - 00728576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2017-01-04 23:51 - 2016-09-06 21:29 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2017-01-04 23:51 - 2016-09-06 21:27 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2017-01-04 23:51 - 2016-09-06 21:27 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
    2017-01-04 23:51 - 2016-09-06 21:26 - 03014144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2017-01-04 23:51 - 2016-09-06 21:26 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2017-01-04 23:51 - 2016-09-06 21:26 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
    2017-01-04 23:51 - 2016-09-06 21:23 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2017-01-04 23:51 - 2016-09-06 21:22 - 01055232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
    2017-01-04 23:51 - 2016-09-06 21:22 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
    2017-01-04 23:51 - 2016-09-06 21:21 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2017-01-04 23:51 - 2016-09-06 21:20 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
    2017-01-04 23:51 - 2016-09-06 21:20 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
    2017-01-04 23:51 - 2016-09-06 21:17 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
    2017-01-04 23:51 - 2016-09-06 21:17 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
    2017-01-04 23:51 - 2016-09-06 21:17 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Vault.dll
    2017-01-04 23:51 - 2016-09-06 21:16 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
    2017-01-04 23:51 - 2016-09-06 21:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2017-01-04 23:51 - 2016-09-06 21:16 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
    2017-01-04 23:51 - 2016-09-06 21:15 - 02950656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
    2017-01-04 23:51 - 2016-09-06 21:14 - 01370112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
    2017-01-04 23:51 - 2016-09-06 21:14 - 00829952 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2017-01-04 23:51 - 2016-09-06 21:14 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
    2017-01-04 23:51 - 2016-09-06 21:14 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2017-01-04 23:51 - 2016-09-06 21:13 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
    2017-01-04 23:51 - 2016-09-06 21:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
    2017-01-04 23:51 - 2016-09-06 21:12 - 01566208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
    2017-01-04 23:51 - 2016-09-06 21:12 - 00665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
    2017-01-04 23:51 - 2016-09-06 21:11 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
    2017-01-04 23:51 - 2016-09-06 21:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
    2017-01-04 23:51 - 2016-09-06 21:10 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
    2017-01-04 23:51 - 2016-09-06 21:10 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
    2017-01-04 23:51 - 2016-09-06 21:09 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
    2017-01-04 23:51 - 2016-09-06 21:09 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
    2017-01-04 23:51 - 2016-09-06 21:06 - 04143104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
    2017-01-04 23:51 - 2016-09-06 21:06 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
    2017-01-04 23:51 - 2016-09-06 21:05 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
    2017-01-04 23:51 - 2016-09-06 21:04 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
    2017-01-04 23:51 - 2016-09-06 21:04 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
    2017-01-04 23:51 - 2016-09-06 21:02 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
    2017-01-04 23:51 - 2016-09-06 20:59 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Vault.dll
    2017-01-04 23:51 - 2016-09-06 20:59 - 00624128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
    2017-01-04 23:51 - 2016-09-06 20:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
    2017-01-04 23:51 - 2016-09-06 20:57 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
    2017-01-04 23:51 - 2016-09-06 20:57 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
    2017-01-04 23:51 - 2016-08-02 21:42 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2017-01-04 23:51 - 2016-06-23 21:58 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
    2017-01-04 23:51 - 2016-06-23 20:56 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2017-01-04 23:51 - 2016-06-23 20:44 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
    2017-01-04 23:51 - 2016-05-27 22:00 - 00203496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
    2017-01-04 23:51 - 2016-05-27 21:59 - 00363872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
    2017-01-04 23:51 - 2016-05-27 21:38 - 00306528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
    2017-01-04 23:51 - 2016-05-27 20:38 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
    2017-01-04 23:51 - 2016-05-27 20:25 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2017-01-04 23:51 - 2016-04-09 03:52 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2017-01-04 23:51 - 2016-04-09 03:05 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
    2017-01-04 23:51 - 2016-04-09 00:52 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
    2017-01-04 23:51 - 2016-04-08 23:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
    2017-01-04 23:51 - 2016-03-15 21:06 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2017-01-04 23:51 - 2016-03-15 20:56 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
    2017-01-04 23:51 - 2016-03-15 20:51 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2017-01-04 23:51 - 2016-03-15 20:47 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2017-01-04 23:51 - 2016-03-15 20:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2017-01-04 23:51 - 2016-03-15 20:16 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2017-01-04 23:51 - 2016-02-23 07:11 - 00103776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2017-01-04 23:51 - 2016-02-23 06:09 - 00229352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
    2017-01-04 23:51 - 2016-02-23 05:50 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
    2017-01-04 23:51 - 2016-02-23 05:42 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
    2017-01-04 23:51 - 2016-01-30 22:22 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2017-01-04 23:51 - 2016-01-04 20:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
    2017-01-04 23:51 - 2016-01-04 20:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
    2017-01-04 23:51 - 2016-01-04 20:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
    2017-01-04 23:51 - 2016-01-04 19:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
    2017-01-04 23:51 - 2016-01-04 19:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
    2017-01-04 23:51 - 2016-01-04 19:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
    2017-01-04 23:51 - 2016-01-04 19:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
    2017-01-04 23:51 - 2016-01-04 19:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
    2017-01-04 23:51 - 2016-01-04 19:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
    2017-01-04 23:51 - 2015-11-24 21:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
    2017-01-04 23:51 - 2015-11-24 21:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
    2017-01-04 23:51 - 2015-11-24 21:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
    2017-01-04 23:50 - 2016-11-19 03:30 - 00432352 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2017-01-04 23:50 - 2016-11-19 03:26 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2017-01-04 23:50 - 2016-11-19 03:19 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2017-01-04 23:50 - 2016-11-19 03:17 - 00158072 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
    2017-01-04 23:50 - 2016-11-19 02:46 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
    2017-01-04 23:50 - 2016-11-19 02:20 - 00224712 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2017-01-04 23:50 - 2016-11-19 02:19 - 00671584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2017-01-04 23:50 - 2016-11-19 02:15 - 00983392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2017-01-04 23:50 - 2016-11-19 01:47 - 02369696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
    2017-01-04 23:50 - 2016-11-19 01:26 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2017-01-04 23:50 - 2016-11-19 01:23 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
    2017-01-04 23:50 - 2016-11-19 01:13 - 00565648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
    2017-01-04 23:50 - 2016-11-19 00:41 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
    2017-01-04 23:50 - 2016-11-19 00:34 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
    2017-01-04 23:50 - 2016-11-19 00:20 - 01686528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
    2017-01-04 23:50 - 2016-11-19 00:19 - 01040384 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
    2017-01-04 23:50 - 2016-11-18 23:43 - 03873280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
    2017-01-04 23:50 - 2016-11-18 23:43 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2017-01-04 23:50 - 2016-11-18 23:41 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
    2017-01-04 23:50 - 2016-11-18 23:40 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2017-01-04 23:50 - 2016-11-18 22:34 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
    2017-01-04 23:50 - 2016-10-25 02:34 - 00380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
    2017-01-04 23:50 - 2016-10-25 02:30 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
    2017-01-04 23:50 - 2016-10-25 01:10 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
    2017-01-04 23:50 - 2016-10-25 01:10 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
    2017-01-04 23:50 - 2016-10-25 00:32 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
    2017-01-04 23:50 - 2016-10-25 00:32 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
    2017-01-04 23:50 - 2016-10-25 00:12 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
    2017-01-04 23:50 - 2016-10-25 00:11 - 00273760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
    2017-01-04 23:50 - 2016-10-24 23:30 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
    2017-01-04 23:50 - 2016-10-24 23:26 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2017-01-04 23:50 - 2016-10-24 23:22 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
    2017-01-04 23:50 - 2016-10-24 23:14 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
    2017-01-04 23:50 - 2016-10-24 23:03 - 00689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2017-01-04 23:50 - 2016-10-24 23:03 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
    2017-01-04 23:50 - 2016-10-24 23:02 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
    2017-01-04 23:50 - 2016-10-24 22:58 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2017-01-04 23:50 - 2016-10-24 22:53 - 01479168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
    2017-01-04 23:50 - 2016-10-24 22:40 - 01211392 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
    2017-01-04 23:50 - 2016-10-24 22:37 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
    2017-01-04 23:50 - 2016-10-24 22:35 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
    2017-01-04 23:50 - 2016-10-24 22:34 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
    2017-01-04 23:50 - 2016-10-24 22:33 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
    2017-01-04 23:50 - 2016-10-24 22:22 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
    2017-01-04 23:50 - 2016-10-24 22:21 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
    2017-01-04 23:50 - 2016-10-24 22:00 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2017-01-04 23:50 - 2016-10-24 21:58 - 01495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
    2017-01-04 23:50 - 2016-10-24 21:55 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
    2017-01-04 23:50 - 2016-09-29 21:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2017-01-04 23:50 - 2016-09-29 21:06 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
    2017-01-04 23:50 - 2016-09-29 20:58 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mycomput.dll
    2017-01-04 23:50 - 2016-09-29 20:53 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
    2017-01-04 23:50 - 2016-09-29 20:25 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
    2017-01-04 23:50 - 2016-09-29 20:24 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
    2017-01-04 23:50 - 2016-09-29 20:21 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
    2017-01-04 23:50 - 2016-09-29 20:15 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
    2017-01-04 23:50 - 2016-09-29 20:14 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
    2017-01-04 23:50 - 2016-09-29 20:13 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devmgr.dll
    2017-01-04 23:50 - 2016-09-29 19:00 - 00445873 _____ C:\WINDOWS\system32\ApnDatabase.xml
    2017-01-04 23:50 - 2016-09-06 22:54 - 00408160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2017-01-04 23:50 - 2016-09-06 22:52 - 00624304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2017-01-04 23:50 - 2016-09-06 22:36 - 00517568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
    2017-01-04 23:50 - 2016-09-06 22:25 - 00329064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
    2017-01-04 23:50 - 2016-09-06 22:23 - 00702504 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2017-01-04 23:50 - 2016-09-06 22:23 - 00426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
    2017-01-04 23:50 - 2016-09-06 22:10 - 00618272 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
    2017-01-04 23:50 - 2016-09-06 21:40 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2017-01-04 23:50 - 2016-09-06 21:38 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
    2017-01-04 23:50 - 2016-09-06 21:29 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2017-01-04 23:50 - 2016-09-06 21:28 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2017-01-04 23:50 - 2016-09-06 21:22 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2017-01-04 23:50 - 2016-09-06 21:22 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
    2017-01-04 23:50 - 2016-09-06 21:22 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
    2017-01-04 23:50 - 2016-09-06 21:17 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2017-01-04 23:50 - 2016-09-06 21:17 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
    2017-01-04 23:50 - 2016-09-06 21:15 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2017-01-04 23:50 - 2016-09-06 21:14 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
    2017-01-04 23:50 - 2016-09-06 21:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
    2017-01-04 23:50 - 2016-09-06 21:13 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
    2017-01-04 23:50 - 2016-09-06 21:12 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2017-01-04 23:50 - 2016-09-06 21:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
    2017-01-04 23:50 - 2016-09-06 21:12 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2017-01-04 23:50 - 2016-09-06 21:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2017-01-04 23:50 - 2016-09-06 21:11 - 09324032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
    2017-01-04 23:50 - 2016-09-06 21:11 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
    2017-01-04 23:50 - 2016-09-06 21:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
    2017-01-04 23:50 - 2016-09-06 21:06 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
    2017-01-04 23:50 - 2016-09-06 21:03 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
    2017-01-04 23:50 - 2016-09-06 20:59 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
    2017-01-04 23:50 - 2016-09-06 20:58 - 02181120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
    2017-01-04 23:50 - 2016-09-06 20:57 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
    2017-01-04 23:50 - 2016-09-06 20:55 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
    2017-01-04 23:50 - 2016-09-06 20:55 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
    2017-01-04 23:50 - 2016-09-06 20:53 - 09324032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
    2017-01-04 23:50 - 2016-09-06 20:51 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
    2017-01-04 23:50 - 2016-08-02 21:47 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
    2017-01-04 23:50 - 2016-08-02 21:31 - 01096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
    2017-01-04 23:50 - 2016-06-23 20:42 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
    2017-01-04 23:50 - 2016-05-27 21:38 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
    2017-01-04 23:50 - 2016-05-27 21:10 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2017-01-04 23:50 - 2016-05-27 20:53 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
    2017-01-04 23:50 - 2016-05-27 20:47 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
    2017-01-04 23:50 - 2016-04-14 23:05 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
    2017-01-04 23:50 - 2016-04-09 00:22 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
    2017-01-04 23:50 - 2016-03-15 21:08 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2017-01-04 23:50 - 2016-03-15 20:43 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
    2017-01-04 23:50 - 2016-03-15 20:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
    2017-01-04 23:50 - 2016-03-15 20:40 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
    2017-01-04 23:50 - 2016-03-15 20:36 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
    2017-01-04 23:50 - 2016-03-15 20:36 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
    2017-01-04 23:50 - 2016-03-15 20:35 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
    2017-01-04 23:50 - 2016-03-15 20:31 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
    2017-01-04 23:50 - 2016-03-15 20:31 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
    2017-01-04 23:50 - 2016-03-15 20:17 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
    2017-01-04 23:50 - 2016-03-15 20:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
    2017-01-04 23:50 - 2016-02-23 07:38 - 00272752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
    2017-01-04 23:50 - 2016-02-23 04:37 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
    2017-01-04 23:50 - 2016-02-23 04:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2017-01-04 23:50 - 2016-02-23 03:46 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
    2017-01-04 23:50 - 2016-01-04 20:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
    2017-01-04 23:50 - 2016-01-04 20:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
    2017-01-04 23:50 - 2016-01-04 20:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
    2017-01-04 23:50 - 2016-01-04 19:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
    2017-01-04 23:50 - 2016-01-04 19:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
    2017-01-04 23:50 - 2016-01-04 19:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
    2017-01-04 23:50 - 2016-01-04 19:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
    2017-01-04 23:50 - 2016-01-04 19:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
    2017-01-04 23:50 - 2016-01-04 19:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
    2017-01-04 23:50 - 2016-01-04 19:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
    2017-01-04 23:50 - 2016-01-04 18:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
    2017-01-04 23:50 - 2016-01-04 18:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
    2017-01-04 23:50 - 2016-01-04 18:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
    2017-01-04 23:50 - 2016-01-04 18:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
    2017-01-04 23:50 - 2015-11-24 22:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2017-01-04 23:50 - 2015-11-24 22:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
    2017-01-04 23:50 - 2015-11-24 21:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
    2017-01-04 23:50 - 2015-11-24 21:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
    2017-01-04 23:50 - 2015-11-24 21:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
    2017-01-04 23:50 - 2015-11-24 21:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
    2017-01-04 23:50 - 2015-11-24 21:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
    2017-01-04 23:49 - 2016-11-19 03:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
    2017-01-04 23:49 - 2016-11-19 02:44 - 00176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
    2017-01-04 23:49 - 2016-11-19 02:04 - 00151904 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
    2017-01-04 23:49 - 2016-11-19 01:58 - 00365128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2017-01-04 23:49 - 2016-11-19 01:54 - 00439648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2017-01-04 23:49 - 2016-11-19 01:42 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
    2017-01-04 23:49 - 2016-11-19 01:24 - 00524800 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
    2017-01-04 23:49 - 2016-11-19 01:24 - 00374784 _____ C:\WINDOWS\system32\EditionUpgradeHelper.dll
    2017-01-04 23:49 - 2016-11-19 01:11 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2017-01-04 23:49 - 2016-11-19 01:02 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2017-01-04 23:49 - 2016-11-19 01:00 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2017-01-04 23:49 - 2016-11-19 00:54 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
    2017-01-04 23:49 - 2016-11-19 00:53 - 00185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2017-01-04 23:49 - 2016-11-19 00:50 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2017-01-04 23:49 - 2016-11-19 00:49 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2017-01-04 23:49 - 2016-11-19 00:44 - 00814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\provcore.dll
    2017-01-04 23:49 - 2016-11-19 00:41 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
    2017-01-04 23:49 - 2016-11-19 00:19 - 00775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2017-01-04 23:49 - 2016-11-19 00:08 - 05448704 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
    2017-01-04 23:49 - 2016-11-18 23:27 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2017-01-04 23:49 - 2016-11-18 23:22 - 01492992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
    2017-01-04 23:49 - 2016-11-18 23:21 - 00885248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
    2017-01-04 23:49 - 2016-11-18 23:21 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2017-01-04 23:49 - 2016-11-18 22:56 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2017-01-04 23:49 - 2016-10-25 02:38 - 00457056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
    2017-01-04 23:49 - 2016-10-25 02:30 - 00031584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
    2017-01-04 23:49 - 2016-10-25 02:23 - 00468320 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
    2017-01-04 23:49 - 2016-10-25 01:26 - 00323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
    2017-01-04 23:49 - 2016-10-25 00:33 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2017-01-04 23:49 - 2016-10-25 00:33 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
    2017-01-04 23:49 - 2016-10-25 00:33 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
    2017-01-04 23:49 - 2016-10-25 00:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
    2017-01-04 23:49 - 2016-10-25 00:09 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
    2017-01-04 23:49 - 2016-10-25 00:07 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
    2017-01-04 23:49 - 2016-10-24 23:53 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
    2017-01-04 23:49 - 2016-10-24 23:52 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
    2017-01-04 23:49 - 2016-10-24 23:48 - 00668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
    2017-01-04 23:49 - 2016-10-24 23:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
    2017-01-04 23:49 - 2016-10-24 23:43 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
    2017-01-04 23:49 - 2016-10-24 23:32 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
    2017-01-04 23:49 - 2016-10-24 23:24 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
    2017-01-04 23:49 - 2016-10-24 23:20 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
    2017-01-04 23:49 - 2016-10-24 23:19 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
    2017-01-04 23:49 - 2016-10-24 23:18 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2017-01-04 23:49 - 2016-10-24 23:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
    2017-01-04 23:49 - 2016-10-24 23:16 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
    2017-01-04 23:49 - 2016-10-24 23:16 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
    2017-01-04 23:49 - 2016-10-24 23:14 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
    2017-01-04 23:49 - 2016-10-24 23:07 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
    2017-01-04 23:49 - 2016-10-24 22:59 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
    2017-01-04 23:49 - 2016-10-24 22:58 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
    2017-01-04 23:49 - 2016-10-24 22:52 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
    2017-01-04 23:49 - 2016-10-24 22:41 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2017-01-04 23:49 - 2016-10-24 22:38 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2017-01-04 23:49 - 2016-10-24 22:34 - 02508800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
    2017-01-04 23:49 - 2016-10-24 22:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2017-01-04 23:49 - 2016-10-24 22:29 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
    2017-01-04 23:49 - 2016-10-24 22:27 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
    2017-01-04 23:49 - 2016-10-24 22:25 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
    2017-01-04 23:49 - 2016-10-24 22:23 - 01049088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
    2017-01-04 23:49 - 2016-10-24 22:21 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
    2017-01-04 23:49 - 2016-10-24 21:51 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2017-01-04 23:49 - 2016-10-24 21:44 - 03064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
    2017-01-04 23:49 - 2016-09-29 23:00 - 00123744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
    2017-01-04 23:49 - 2016-09-29 21:23 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
    2017-01-04 23:49 - 2016-09-29 21:06 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
    2017-01-04 23:49 - 2016-09-29 21:05 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
    2017-01-04 23:49 - 2016-09-29 21:02 - 00528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
    2017-01-04 23:49 - 2016-09-29 20:39 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
    2017-01-04 23:49 - 2016-09-29 20:17 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mycomput.dll
    2017-01-04 23:49 - 2016-09-06 22:54 - 00363656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
    2017-01-04 23:49 - 2016-09-06 22:53 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
    2017-01-04 23:49 - 2016-09-06 22:52 - 00366768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
    2017-01-04 23:49 - 2016-09-06 22:52 - 00116216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
    2017-01-04 23:49 - 2016-09-06 22:37 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
    2017-01-04 23:49 - 2016-09-06 22:25 - 00405008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2017-01-04 23:49 - 2016-09-06 22:25 - 00384280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
    2017-01-04 23:49 - 2016-09-06 22:25 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
    2017-01-04 23:49 - 2016-09-06 22:23 - 00372504 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2017-01-04 23:49 - 2016-09-06 22:08 - 00056336 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
    2017-01-04 23:49 - 2016-09-06 21:42 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
    2017-01-04 23:49 - 2016-09-06 21:42 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2017-01-04 23:49 - 2016-09-06 21:39 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
    2017-01-04 23:49 - 2016-09-06 21:38 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
    2017-01-04 23:49 - 2016-09-06 21:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
    2017-01-04 23:49 - 2016-09-06 21:27 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2017-01-04 23:49 - 2016-09-06 21:25 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2017-01-04 23:49 - 2016-09-06 21:25 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
    2017-01-04 23:49 - 2016-09-06 21:23 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
    2017-01-04 23:49 - 2016-09-06 21:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2017-01-04 23:49 - 2016-09-06 21:22 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
    2017-01-04 23:49 - 2016-09-06 21:22 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
    2017-01-04 23:49 - 2016-09-06 21:21 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
    2017-01-04 23:49 - 2016-09-06 21:21 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2017-01-04 23:49 - 2016-09-06 21:17 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
    2017-01-04 23:49 - 2016-09-06 21:17 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
    2017-01-04 23:49 - 2016-09-06 21:17 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
    2017-01-04 23:49 - 2016-09-06 21:14 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
    2017-01-04 23:49 - 2016-09-06 21:11 - 00528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
    2017-01-04 23:49 - 2016-09-06 21:11 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
    2017-01-04 23:49 - 2016-09-06 21:10 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
    2017-01-04 23:49 - 2016-09-06 21:09 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
    2017-01-04 23:49 - 2016-09-06 21:08 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
    2017-01-04 23:49 - 2016-09-06 21:06 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
    2017-01-04 23:49 - 2016-09-06 21:05 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndfapi.dll
    2017-01-04 23:49 - 2016-09-06 20:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2017-01-04 23:49 - 2016-09-06 20:57 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
    2017-01-04 23:49 - 2016-09-06 20:56 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
    2017-01-04 23:49 - 2016-09-06 20:53 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
    2017-01-04 23:49 - 2016-09-06 20:53 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
    2017-01-04 23:49 - 2016-08-16 23:58 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
    2017-01-04 23:49 - 2016-08-02 22:46 - 00158048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2017-01-04 23:49 - 2016-08-02 21:34 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2017-01-04 23:49 - 2016-05-27 22:02 - 00113144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2017-01-04 23:49 - 2016-05-27 21:35 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
    2017-01-04 23:49 - 2016-03-15 21:41 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2017-01-04 23:49 - 2016-03-15 21:37 - 01010016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2017-01-04 23:49 - 2016-03-15 20:46 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
    2017-01-04 23:49 - 2016-03-15 20:40 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
    2017-01-04 23:49 - 2016-03-15 20:39 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
    2017-01-04 23:49 - 2016-03-15 20:36 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
    2017-01-04 23:49 - 2016-03-15 20:28 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
    2017-01-04 23:49 - 2016-03-15 20:24 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
    2017-01-04 23:49 - 2016-03-15 20:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
    2017-01-04 23:49 - 2016-03-15 20:18 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
    2017-01-04 23:49 - 2016-02-23 07:40 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
    2017-01-04 23:49 - 2016-02-23 07:36 - 00080128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
    2017-01-04 23:49 - 2016-02-23 06:11 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
    2017-01-04 23:49 - 2016-02-23 06:11 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
    2017-01-04 23:49 - 2016-02-23 06:06 - 00069232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
    2017-01-04 23:49 - 2016-01-30 22:33 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\IoTAssignedAccessLockFramework.dll
    2017-01-04 23:49 - 2016-01-30 22:19 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IoTAssignedAccessLockFramework.dll
    2017-01-04 23:49 - 2016-01-04 20:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
    2017-01-04 23:49 - 2016-01-04 20:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
    2017-01-04 23:49 - 2016-01-04 20:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
    2017-01-04 23:49 - 2016-01-04 20:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
    2017-01-04 23:49 - 2016-01-04 20:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
    2017-01-04 23:49 - 2016-01-04 19:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
    2017-01-04 23:49 - 2016-01-04 19:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
    2017-01-04 23:49 - 2016-01-04 19:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
    2017-01-04 23:49 - 2016-01-04 19:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2017-01-04 23:49 - 2016-01-04 19:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
    2017-01-04 23:49 - 2016-01-04 19:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
    2017-01-04 23:49 - 2016-01-04 19:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
    2017-01-04 23:49 - 2016-01-04 19:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
    2017-01-04 23:49 - 2016-01-04 18:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
    2017-01-04 23:49 - 2016-01-04 18:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
    2017-01-04 23:49 - 2015-11-24 22:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
    2017-01-04 23:49 - 2015-11-24 21:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
    2017-01-04 23:49 - 2015-11-24 21:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
    2017-01-04 23:49 - 2015-11-24 21:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
    2017-01-04 23:48 - 2016-11-19 02:14 - 00231264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
    2017-01-04 23:48 - 2016-11-19 00:41 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
    2017-01-04 23:48 - 2016-11-19 00:37 - 00120672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
    2017-01-04 23:48 - 2016-11-19 00:18 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
    2017-01-04 23:48 - 2016-11-19 00:14 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
    2017-01-04 23:48 - 2016-11-19 00:11 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2017-01-04 23:48 - 2016-11-19 00:08 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
    2017-01-04 23:48 - 2016-11-18 23:57 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
    2017-01-04 23:48 - 2016-11-18 23:48 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
    2017-01-04 23:48 - 2016-11-18 23:47 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
    2017-01-04 23:48 - 2016-11-18 23:39 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2017-01-04 23:48 - 2016-11-18 23:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
    2017-01-04 23:48 - 2016-11-18 23:32 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
    2017-01-04 23:48 - 2016-11-18 23:32 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2017-01-04 23:48 - 2016-11-18 23:28 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2017-01-04 23:48 - 2016-11-18 23:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
    2017-01-04 23:48 - 2016-11-18 23:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
    2017-01-04 23:48 - 2016-11-18 23:22 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2017-01-04 23:48 - 2016-11-18 23:20 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
    2017-01-04 23:48 - 2016-11-18 22:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
    2017-01-04 23:48 - 2016-11-18 22:42 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
    2017-01-04 23:48 - 2016-10-25 02:35 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2017-01-04 23:48 - 2016-10-25 02:22 - 00076464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sessionmsg.exe
    2017-01-04 23:48 - 2016-10-25 01:49 - 00140536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
    2017-01-04 23:48 - 2016-10-25 01:14 - 00046488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
    2017-01-04 23:48 - 2016-10-25 00:37 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
    2017-01-04 23:48 - 2016-10-25 00:33 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
    2017-01-04 23:48 - 2016-10-25 00:33 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
    2017-01-04 23:48 - 2016-10-25 00:32 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
    2017-01-04 23:48 - 2016-10-25 00:06 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
    2017-01-04 23:48 - 2016-10-24 23:52 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanpref.dll
    2017-01-04 23:48 - 2016-10-24 23:50 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
    2017-01-04 23:48 - 2016-10-24 23:48 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
    2017-01-04 23:48 - 2016-10-24 23:44 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
    2017-01-04 23:48 - 2016-10-24 23:43 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
    2017-01-04 23:48 - 2016-10-24 23:41 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
    2017-01-04 23:48 - 2016-10-24 23:35 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2017-01-04 23:48 - 2016-10-24 23:29 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
    2017-01-04 23:48 - 2016-10-24 23:27 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
    2017-01-04 23:48 - 2016-10-24 23:25 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2017-01-04 23:48 - 2016-10-24 23:23 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
    2017-01-04 23:48 - 2016-10-24 23:21 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
    2017-01-04 23:48 - 2016-10-24 23:15 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2017-01-04 23:48 - 2016-10-24 23:12 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
    2017-01-04 23:48 - 2016-10-24 23:09 - 00656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
    2017-01-04 23:48 - 2016-10-24 23:04 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
    2017-01-04 23:48 - 2016-10-24 23:01 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
    2017-01-04 23:48 - 2016-10-24 22:59 - 00724480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanpref.dll
    2017-01-04 23:48 - 2016-10-24 22:58 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
    2017-01-04 23:48 - 2016-10-24 22:56 - 00486400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
    2017-01-04 23:48 - 2016-10-24 22:54 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
    2017-01-04 23:48 - 2016-10-24 22:53 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
    2017-01-04 23:48 - 2016-10-24 22:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
    2017-01-04 23:48 - 2016-10-24 22:38 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
    2017-01-04 23:48 - 2016-10-24 22:37 - 01252864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
    2017-01-04 23:48 - 2016-10-24 22:37 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
    2017-01-04 23:48 - 2016-10-24 22:36 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
    2017-01-04 23:48 - 2016-10-24 22:35 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
    2017-01-04 23:48 - 2016-10-24 22:31 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2017-01-04 23:48 - 2016-10-24 22:22 - 01114112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
    2017-01-04 23:48 - 2016-10-24 22:22 - 00823808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
    2017-01-04 23:48 - 2016-10-24 22:22 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
    2017-01-04 23:48 - 2016-10-24 22:22 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
    2017-01-04 23:48 - 2016-10-24 22:16 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
    2017-01-04 23:48 - 2016-10-24 21:54 - 01976320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
    2017-01-04 23:48 - 2016-10-24 21:54 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
    2017-01-04 23:48 - 2016-10-24 21:54 - 00768000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
    2017-01-04 23:48 - 2016-10-24 21:53 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
    2017-01-04 23:48 - 2016-09-29 23:00 - 00143600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cabinet.dll
    2017-01-04 23:48 - 2016-09-29 22:58 - 00807832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2017-01-04 23:48 - 2016-09-29 21:24 - 00125032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cabinet.dll
    2017-01-04 23:48 - 2016-09-29 21:13 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
    2017-01-04 23:48 - 2016-09-29 21:03 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtckrm.dll
    2017-01-04 23:48 - 2016-09-29 21:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationHostProxy.dll
    2017-01-04 23:48 - 2016-09-29 21:00 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
    2017-01-04 23:48 - 2016-09-29 20:59 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
    2017-01-04 23:48 - 2016-09-29 20:55 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2017-01-04 23:48 - 2016-09-29 20:55 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
    2017-01-04 23:48 - 2016-09-29 20:55 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
    2017-01-04 23:48 - 2016-09-29 20:53 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
    2017-01-04 23:48 - 2016-09-29 20:53 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
    2017-01-04 23:48 - 2016-09-29 20:31 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
    2017-01-04 23:48 - 2016-09-29 20:18 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
    2017-01-04 23:48 - 2016-09-29 20:12 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
    2017-01-04 23:48 - 2016-09-29 20:12 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
    2017-01-04 23:48 - 2016-09-06 22:54 - 00301640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
    2017-01-04 23:48 - 2016-09-06 22:54 - 00031528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
    2017-01-04 23:48 - 2016-09-06 22:38 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
    2017-01-04 23:48 - 2016-09-06 22:36 - 00111456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SSShim.dll
    2017-01-04 23:48 - 2016-09-06 22:25 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
    2017-01-04 23:48 - 2016-09-06 22:24 - 00501000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2017-01-04 23:48 - 2016-09-06 22:23 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2017-01-04 23:48 - 2016-09-06 22:21 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
    2017-01-04 23:48 - 2016-09-06 22:15 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
    2017-01-04 23:48 - 2016-09-06 22:09 - 00135520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SSShim.dll
    2017-01-04 23:48 - 2016-09-06 21:40 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2017-01-04 23:48 - 2016-09-06 21:39 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
    2017-01-04 23:48 - 2016-09-06 21:39 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
    2017-01-04 23:48 - 2016-09-06 21:35 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2017-01-04 23:48 - 2016-09-06 21:34 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
    2017-01-04 23:48 - 2016-09-06 21:30 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
    2017-01-04 23:48 - 2016-09-06 21:29 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
    2017-01-04 23:48 - 2016-09-06 21:28 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2017-01-04 23:48 - 2016-09-06 21:27 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
    2017-01-04 23:48 - 2016-09-06 21:24 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
    2017-01-04 23:48 - 2016-09-06 21:23 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
    2017-01-04 23:48 - 2016-09-06 21:22 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
    2017-01-04 23:48 - 2016-09-06 21:22 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
    2017-01-04 23:48 - 2016-09-06 21:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
    2017-01-04 23:48 - 2016-09-06 21:21 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
    2017-01-04 23:48 - 2016-09-06 21:21 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndfapi.dll
    2017-01-04 23:48 - 2016-09-06 21:21 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
    2017-01-04 23:48 - 2016-09-06 21:20 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
    2017-01-04 23:48 - 2016-09-06 21:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
    2017-01-04 23:48 - 2016-09-06 21:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
    2017-01-04 23:48 - 2016-09-06 21:17 - 00732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
    2017-01-04 23:48 - 2016-09-06 21:17 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
    2017-01-04 23:48 - 2016-09-06 21:16 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
    2017-01-04 23:48 - 2016-09-06 21:16 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
    2017-01-04 23:48 - 2016-09-06 21:15 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
    2017-01-04 23:48 - 2016-09-06 21:15 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
    2017-01-04 23:48 - 2016-09-06 21:15 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
    2017-01-04 23:48 - 2016-09-06 21:15 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
    2017-01-04 23:48 - 2016-09-06 21:15 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
    2017-01-04 23:48 - 2016-09-06 21:15 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
    2017-01-04 23:48 - 2016-09-06 21:14 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
    2017-01-04 23:48 - 2016-09-06 21:14 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2017-01-04 23:48 - 2016-09-06 21:14 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
    2017-01-04 23:48 - 2016-09-06 21:13 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
    2017-01-04 23:48 - 2016-09-06 21:13 - 00437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
    2017-01-04 23:48 - 2016-09-06 21:13 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
    2017-01-04 23:48 - 2016-09-06 21:12 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
    2017-01-04 23:48 - 2016-09-06 21:11 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
    2017-01-04 23:48 - 2016-09-06 21:10 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
    2017-01-04 23:48 - 2016-09-06 21:10 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
    2017-01-04 23:48 - 2016-09-06 21:06 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
    2017-01-04 23:48 - 2016-09-06 21:04 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
    2017-01-04 23:48 - 2016-09-06 21:04 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
    2017-01-04 23:48 - 2016-09-06 21:04 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usbceip.dll
    2017-01-04 23:48 - 2016-09-06 21:02 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
    2017-01-04 23:48 - 2016-09-06 21:01 - 03300864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
    2017-01-04 23:48 - 2016-09-06 21:01 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
    2017-01-04 23:48 - 2016-09-06 21:00 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
    2017-01-04 23:48 - 2016-09-06 21:00 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
    2017-01-04 23:48 - 2016-09-06 21:00 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
    2017-01-04 23:48 - 2016-09-06 20:59 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
    2017-01-04 23:48 - 2016-09-06 20:59 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
    2017-01-04 23:48 - 2016-09-06 20:59 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
    2017-01-04 23:48 - 2016-09-06 20:57 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
    2017-01-04 23:48 - 2016-09-06 20:56 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
    2017-01-04 23:48 - 2016-09-06 20:54 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2017-01-04 23:48 - 2016-09-06 20:51 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
    2017-01-04 23:48 - 2016-08-02 23:13 - 00065096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
    2017-01-04 23:48 - 2016-08-02 22:38 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
    2017-01-04 23:48 - 2016-08-02 21:40 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2017-01-04 23:48 - 2016-08-02 21:35 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
    2017-01-04 23:48 - 2016-08-02 21:34 - 00763904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2017-01-04 23:48 - 2016-08-02 21:34 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2017-01-04 23:48 - 2016-08-02 21:32 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2017-01-04 23:48 - 2016-08-02 21:31 - 05329408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
    2017-01-04 23:48 - 2016-08-02 21:26 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2017-01-04 23:48 - 2016-08-02 21:25 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
    2017-01-04 23:48 - 2016-05-27 21:59 - 00131208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2017-01-04 23:48 - 2016-05-27 21:53 - 00026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
    2017-01-04 23:48 - 2016-05-27 21:35 - 00112632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
    2017-01-04 23:48 - 2016-03-15 20:56 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
    2017-01-04 23:48 - 2016-03-15 20:55 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
    2017-01-04 23:48 - 2016-03-15 20:37 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
    2017-01-04 23:48 - 2016-03-15 20:36 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
    2017-01-04 23:48 - 2016-03-15 20:36 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
    2017-01-04 23:48 - 2016-03-15 20:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
    2017-01-04 23:48 - 2016-03-15 20:36 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
    2017-01-04 23:48 - 2016-03-15 20:36 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
    2017-01-04 23:48 - 2016-03-15 20:32 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
    2017-01-04 23:48 - 2016-03-15 20:27 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
    2017-01-04 23:48 - 2016-03-15 20:17 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
    2017-01-04 23:48 - 2016-03-15 20:13 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
    2017-01-04 23:48 - 2016-03-15 20:13 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
    2017-01-04 23:48 - 2016-03-15 20:13 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
    2017-01-04 23:48 - 2016-03-15 20:13 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
    2017-01-04 23:48 - 2016-02-23 07:51 - 00633184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2017-01-04 23:48 - 2016-02-23 07:51 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2017-01-04 23:48 - 2016-02-23 07:43 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
    2017-01-04 23:48 - 2016-02-23 07:41 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
    2017-01-04 23:48 - 2016-02-23 06:21 - 00141152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2017-01-04 23:48 - 2016-02-23 05:15 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2017-01-04 23:48 - 2016-02-23 04:45 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
    2017-01-04 23:48 - 2016-02-23 04:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
    2017-01-04 23:48 - 2016-02-23 04:17 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
    2017-01-04 23:48 - 2016-02-23 04:04 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2017-01-04 23:48 - 2016-02-23 03:29 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
    2017-01-04 23:48 - 2016-01-30 22:23 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2017-01-04 23:48 - 2016-01-30 22:17 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
    2017-01-04 23:48 - 2016-01-30 22:13 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
    2017-01-04 23:48 - 2016-01-30 22:13 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
    2017-01-04 23:48 - 2016-01-30 21:58 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
    2017-01-04 23:48 - 2016-01-04 19:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
    2017-01-04 23:48 - 2016-01-04 19:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
    2017-01-04 23:48 - 2016-01-04 19:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
    2017-01-04 23:48 - 2016-01-04 18:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
    2017-01-04 23:48 - 2016-01-04 18:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
    2017-01-04 23:48 - 2016-01-04 18:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
    2017-01-04 23:48 - 2016-01-04 18:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
    2017-01-04 23:48 - 2016-01-04 18:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
    2017-01-04 23:48 - 2015-11-24 21:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
    2017-01-04 23:48 - 2015-11-24 21:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
    2017-01-04 23:48 - 2015-11-24 21:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
    2017-01-04 23:48 - 2015-11-24 21:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
    2017-01-04 23:48 - 2015-11-24 21:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
    2017-01-04 23:47 - 2016-11-19 01:23 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
    2017-01-04 23:47 - 2016-11-19 00:55 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
    2017-01-04 23:47 - 2016-11-19 00:55 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
    2017-01-04 23:47 - 2016-11-19 00:41 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
    2017-01-04 23:47 - 2016-11-19 00:40 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassvcs.dll
    2017-01-04 23:47 - 2016-11-19 00:21 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
    2017-01-04 23:47 - 2016-11-19 00:19 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2017-01-04 23:47 - 2016-11-19 00:08 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
    2017-01-04 23:47 - 2016-11-18 23:59 - 00819712 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
    2017-01-04 23:47 - 2016-11-18 23:52 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2017-01-04 23:47 - 2016-11-18 23:48 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
    2017-01-04 23:47 - 2016-11-18 23:48 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
    2017-01-04 23:47 - 2016-11-18 23:40 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provcore.dll
    2017-01-04 23:47 - 2016-11-18 23:37 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
    2017-01-04 23:47 - 2016-11-18 23:37 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
    2017-01-04 23:47 - 2016-11-18 23:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
    2017-01-04 23:47 - 2016-11-18 23:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
    2017-01-04 23:47 - 2016-11-18 23:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
    2017-01-04 23:47 - 2016-11-18 22:57 - 03692032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
    2017-01-04 23:47 - 2016-11-18 22:50 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
    2017-01-04 23:47 - 2016-11-18 22:48 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2017-01-04 23:47 - 2016-10-25 01:59 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NAPCRYPT.DLL
    2017-01-04 23:47 - 2016-10-25 00:45 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2017-01-04 23:47 - 2016-10-25 00:15 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
    2017-01-04 23:47 - 2016-10-25 00:15 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
    2017-01-04 23:47 - 2016-10-25 00:09 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
    2017-01-04 23:47 - 2016-10-25 00:06 - 01426432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
    2017-01-04 23:47 - 2016-10-24 23:25 - 06638080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2017-01-04 23:47 - 2016-10-24 23:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
    2017-01-04 23:47 - 2016-10-24 22:57 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
    2017-01-04 23:47 - 2016-10-24 22:53 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
    2017-01-04 23:47 - 2016-10-24 22:39 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2017-01-04 23:47 - 2016-10-24 22:39 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
    2017-01-04 23:47 - 2016-10-24 22:38 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2017-01-04 23:47 - 2016-10-24 22:36 - 01047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
    2017-01-04 23:47 - 2016-10-24 22:33 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
    2017-01-04 23:47 - 2016-10-24 22:06 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
    2017-01-04 23:47 - 2016-10-24 22:05 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
    2017-01-04 23:47 - 2016-10-24 22:04 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
    2017-01-04 23:47 - 2016-09-29 21:06 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
    2017-01-04 23:47 - 2016-09-29 20:59 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
    2017-01-04 23:47 - 2016-09-29 20:56 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2017-01-04 23:47 - 2016-09-29 20:54 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\devmgr.dll
    2017-01-04 23:47 - 2016-09-29 20:54 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
    2017-01-04 23:47 - 2016-09-29 20:51 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
    2017-01-04 23:47 - 2016-09-06 22:45 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NAPCRYPT.DLL
    2017-01-04 23:47 - 2016-09-06 21:37 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
    2017-01-04 23:47 - 2016-09-06 21:34 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
    2017-01-04 23:47 - 2016-09-06 21:29 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2017-01-04 23:47 - 2016-09-06 21:26 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
    2017-01-04 23:47 - 2016-09-06 21:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
    2017-01-04 23:47 - 2016-09-06 21:22 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2017-01-04 23:47 - 2016-09-06 21:22 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\authfwcfg.dll
    2017-01-04 23:47 - 2016-09-06 21:22 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fphc.dll
    2017-01-04 23:47 - 2016-09-06 21:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
    2017-01-04 23:47 - 2016-09-06 21:21 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
    2017-01-04 23:47 - 2016-09-06 21:21 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
    2017-01-04 23:47 - 2016-09-06 21:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
    2017-01-04 23:47 - 2016-09-06 21:19 - 00440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
    2017-01-04 23:47 - 2016-09-06 21:17 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
    2017-01-04 23:47 - 2016-09-06 21:16 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
    2017-01-04 23:47 - 2016-09-06 21:16 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
    2017-01-04 23:47 - 2016-09-06 21:15 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
    2017-01-04 23:47 - 2016-09-06 21:15 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
    2017-01-04 23:47 - 2016-09-06 21:15 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
    2017-01-04 23:47 - 2016-09-06 21:13 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2017-01-04 23:47 - 2016-09-06 21:13 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
    2017-01-04 23:47 - 2016-09-06 21:12 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
    2017-01-04 23:47 - 2016-09-06 21:11 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
    2017-01-04 23:47 - 2016-09-06 21:10 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2017-01-04 23:47 - 2016-09-06 21:10 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
    2017-01-04 23:47 - 2016-09-06 21:06 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
    2017-01-04 23:47 - 2016-09-06 21:06 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
    2017-01-04 23:47 - 2016-09-06 21:06 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
    2017-01-04 23:47 - 2016-09-06 21:06 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
    2017-01-04 23:47 - 2016-09-06 21:06 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwcfg.dll
    2017-01-04 23:47 - 2016-09-06 21:01 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
    2017-01-04 23:47 - 2016-09-06 21:00 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
    2017-01-04 23:47 - 2016-09-06 21:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
    2017-01-04 23:47 - 2016-09-06 20:59 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
    2017-01-04 23:47 - 2016-09-06 20:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCardDlg.dll
    2017-01-04 23:47 - 2016-09-06 20:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
    2017-01-04 23:47 - 2016-09-06 20:57 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
    2017-01-04 23:47 - 2016-09-06 20:57 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
    2017-01-04 23:47 - 2016-09-06 20:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
    2017-01-04 23:47 - 2016-09-06 20:56 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2017-01-04 23:47 - 2016-09-06 20:56 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2017-01-04 23:47 - 2016-09-06 20:53 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
    2017-01-04 23:47 - 2016-08-16 23:25 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
    2017-01-04 23:47 - 2016-08-02 21:47 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
    2017-01-04 23:47 - 2016-08-02 21:38 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
    2017-01-04 23:47 - 2016-08-02 21:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
    2017-01-04 23:47 - 2016-08-02 21:21 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
    2017-01-04 23:47 - 2016-06-23 20:42 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
    2017-01-04 23:47 - 2016-06-23 20:22 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
    2017-01-04 23:47 - 2016-03-15 20:47 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
    2017-01-04 23:47 - 2016-03-15 20:40 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
    2017-01-04 23:47 - 2016-03-15 20:40 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
    2017-01-04 23:47 - 2016-03-15 20:40 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
    2017-01-04 23:47 - 2016-03-15 20:37 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
    2017-01-04 23:47 - 2016-03-15 20:36 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
    2017-01-04 23:47 - 2016-03-15 20:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
    2017-01-04 23:47 - 2016-03-15 20:36 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
    2017-01-04 23:47 - 2016-03-15 20:35 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2017-01-04 23:47 - 2016-03-15 20:31 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
    2017-01-04 23:47 - 2016-03-15 20:24 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2017-01-04 23:47 - 2016-03-15 20:13 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
    2017-01-04 23:47 - 2016-03-15 20:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
    2017-01-04 23:47 - 2016-03-15 20:13 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
    2017-01-04 23:47 - 2016-03-15 20:12 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
    2017-01-04 23:47 - 2016-02-23 04:18 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
    2017-01-04 23:47 - 2016-02-23 03:17 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2017-01-04 23:47 - 2016-01-30 22:24 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2017-01-04 23:47 - 2016-01-30 22:19 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
    2017-01-04 23:47 - 2016-01-30 22:04 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
    2017-01-04 23:47 - 2016-01-04 18:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
    2017-01-04 23:47 - 2015-11-30 23:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
    2017-01-04 23:47 - 2015-11-24 21:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
    2017-01-04 23:47 - 2015-11-24 21:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
    2017-01-04 23:47 - 2015-11-24 21:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
    2017-01-04 23:47 - 2015-11-24 21:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
    2017-01-04 23:47 - 2015-11-24 21:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
    2017-01-04 23:47 - 2015-11-24 21:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
    2017-01-04 23:46 - 2016-11-19 01:07 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
    2017-01-04 23:46 - 2016-11-19 00:47 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\verifiergui.exe
    2017-01-04 23:46 - 2016-11-18 23:59 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2017-01-04 23:46 - 2016-11-18 23:58 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
    2017-01-04 23:46 - 2016-11-18 23:54 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
    2017-01-04 23:46 - 2016-11-18 23:50 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
    2017-01-04 23:46 - 2016-11-18 23:45 - 04453888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2017-01-04 23:46 - 2016-11-18 23:41 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\verifiergui.exe
    2017-01-04 23:46 - 2016-11-18 23:37 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassvcs.dll
    2017-01-04 23:46 - 2016-11-18 23:31 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmiEngine.dll
    2017-01-04 23:46 - 2016-11-18 23:28 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
    2017-01-04 23:46 - 2016-11-18 23:08 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
    2017-01-04 23:46 - 2016-11-18 23:08 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
    2017-01-04 23:46 - 2016-11-18 23:07 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
    2017-01-04 23:46 - 2016-11-18 23:07 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgcore.dll
    2017-01-04 23:46 - 2016-11-18 22:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
    2017-01-04 23:46 - 2016-11-18 22:39 - 01189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
    2017-01-04 23:46 - 2016-11-18 22:27 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgcore.dll
    2017-01-04 23:46 - 2016-10-25 00:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
    2017-01-04 23:46 - 2016-10-24 23:57 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
    2017-01-04 23:46 - 2016-10-24 23:43 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsmsnap.dll
    2017-01-04 23:46 - 2016-10-24 23:40 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msnetobj.dll
    2017-01-04 23:46 - 2016-10-24 23:39 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscp.dll
    2017-01-04 23:46 - 2016-10-24 23:37 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\blackbox.dll
    2017-01-04 23:46 - 2016-10-24 23:24 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2017-01-04 23:46 - 2016-10-24 23:21 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
    2017-01-04 23:46 - 2016-10-24 23:20 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
    2017-01-04 23:46 - 2016-10-24 23:03 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
    2017-01-04 23:46 - 2016-10-24 22:50 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscp.dll
    2017-01-04 23:46 - 2016-10-24 22:50 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msnetobj.dll
    2017-01-04 23:46 - 2016-10-24 22:48 - 00640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\blackbox.dll
    2017-01-04 23:46 - 2016-10-24 22:46 - 00660992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dccw.exe
    2017-01-04 23:46 - 2016-10-24 22:39 - 06440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
    2017-01-04 23:46 - 2016-10-24 22:24 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
    2017-01-04 23:46 - 2016-10-24 22:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
    2017-01-04 23:46 - 2016-10-24 21:54 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.ps.dll
    2017-01-04 23:46 - 2016-10-24 21:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
    2017-01-04 23:46 - 2016-10-24 21:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2017-01-04 23:46 - 2016-10-24 21:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2017-01-04 23:46 - 2016-09-29 21:12 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
    2017-01-04 23:46 - 2016-09-29 21:10 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2017-01-04 23:46 - 2016-09-29 21:10 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
    2017-01-04 23:46 - 2016-09-29 21:06 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmgp.dll
    2017-01-04 23:46 - 2016-09-29 21:06 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmdl32.exe
    2017-01-04 23:46 - 2016-09-29 21:05 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
    2017-01-04 23:46 - 2016-09-29 21:05 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
    2017-01-04 23:46 - 2016-09-29 21:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\genericusbfn.sys
    2017-01-04 23:46 - 2016-09-29 21:04 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationHost.exe
    2017-01-04 23:46 - 2016-09-29 21:04 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
    2017-01-04 23:46 - 2016-09-29 21:02 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMActivate_isv.exe
    2017-01-04 23:46 - 2016-09-29 21:01 - 01797632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
    2017-01-04 23:46 - 2016-09-29 21:01 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMActivate_ssp.exe
    2017-01-04 23:46 - 2016-09-29 21:00 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMActivate.exe
    2017-01-04 23:46 - 2016-09-29 21:00 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMActivate_ssp_isv.exe
    2017-01-04 23:46 - 2016-09-29 20:59 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
    2017-01-04 23:46 - 2016-09-29 20:59 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
    2017-01-04 23:46 - 2016-09-29 20:58 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
    2017-01-04 23:46 - 2016-09-29 20:58 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\els.dll
    2017-01-04 23:46 - 2016-09-29 20:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnification.dll
    2017-01-04 23:46 - 2016-09-29 20:55 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
    2017-01-04 23:46 - 2016-09-29 20:53 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\makecab.exe
    2017-01-04 23:46 - 2016-09-29 20:53 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\expand.exe
    2017-01-04 23:46 - 2016-09-29 20:53 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\extrac32.exe
    2017-01-04 23:46 - 2016-09-29 20:30 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
    2017-01-04 23:46 - 2016-09-29 20:29 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
    2017-01-04 23:46 - 2016-09-29 20:28 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2017-01-04 23:46 - 2016-09-29 20:25 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
    2017-01-04 23:46 - 2016-09-29 20:25 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmgp.dll
    2017-01-04 23:46 - 2016-09-29 20:25 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmdl32.exe
    2017-01-04 23:46 - 2016-09-29 20:24 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
    2017-01-04 23:46 - 2016-09-29 20:22 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationHost.exe
    2017-01-04 23:46 - 2016-09-29 20:22 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationHostProxy.dll
    2017-01-04 23:46 - 2016-09-29 20:20 - 01350144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
    2017-01-04 23:46 - 2016-09-29 20:19 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RMActivate_isv.exe
    2017-01-04 23:46 - 2016-09-29 20:19 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RMActivate.exe
    2017-01-04 23:46 - 2016-09-29 20:19 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RMActivate_ssp_isv.exe
    2017-01-04 23:46 - 2016-09-29 20:19 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RMActivate_ssp.exe
    2017-01-04 23:46 - 2016-09-29 20:17 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
    2017-01-04 23:46 - 2016-09-29 20:17 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\els.dll
    2017-01-04 23:46 - 2016-09-29 20:17 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
    2017-01-04 23:46 - 2016-09-29 20:15 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnification.dll
    2017-01-04 23:46 - 2016-09-29 20:12 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\makecab.exe
    2017-01-04 23:46 - 2016-09-29 20:12 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\expand.exe
    2017-01-04 23:46 - 2016-09-29 20:12 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\extrac32.exe
    2017-01-04 23:46 - 2016-09-29 20:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2017-01-04 23:46 - 2016-09-06 21:42 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2017-01-04 23:46 - 2016-09-06 21:40 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
    2017-01-04 23:46 - 2016-09-06 21:37 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
    2017-01-04 23:46 - 2016-09-06 21:34 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2017-01-04 23:46 - 2016-09-06 21:34 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2017-01-04 23:46 - 2016-09-06 21:34 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
    2017-01-04 23:46 - 2016-09-06 21:34 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
    2017-01-04 23:46 - 2016-09-06 21:29 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
    2017-01-04 23:46 - 2016-09-06 21:29 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
    2017-01-04 23:46 - 2016-09-06 21:25 - 00326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2017-01-04 23:46 - 2016-09-06 21:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
    2017-01-04 23:46 - 2016-09-06 21:22 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwcfg.dll
    2017-01-04 23:46 - 2016-09-06 21:22 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
    2017-01-04 23:46 - 2016-09-06 21:22 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
    2017-01-04 23:46 - 2016-09-06 21:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CheckNetIsolation.exe
    2017-01-04 23:46 - 2016-09-06 21:19 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
    2017-01-04 23:46 - 2016-09-06 21:19 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtc.exe
    2017-01-04 23:46 - 2016-09-06 21:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2017-01-04 23:46 - 2016-09-06 21:17 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\secproc.dll
    2017-01-04 23:46 - 2016-09-06 21:17 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\system32\secproc_isv.dll
    2017-01-04 23:46 - 2016-09-06 21:17 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
    2017-01-04 23:46 - 2016-09-06 21:17 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
    2017-01-04 23:46 - 2016-09-06 21:16 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
    2017-01-04 23:46 - 2016-09-06 21:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
    2017-01-04 23:46 - 2016-09-06 21:15 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
    2017-01-04 23:46 - 2016-09-06 21:15 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
    2017-01-04 23:46 - 2016-09-06 21:14 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
    2017-01-04 23:46 - 2016-09-06 21:13 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
    2017-01-04 23:46 - 2016-09-06 21:13 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
    2017-01-04 23:46 - 2016-09-06 21:12 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
    2017-01-04 23:46 - 2016-09-06 21:12 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
    2017-01-04 23:46 - 2016-09-06 21:11 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
    2017-01-04 23:46 - 2016-09-06 21:11 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
    2017-01-04 23:46 - 2016-09-06 21:10 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
    2017-01-04 23:46 - 2016-09-06 21:10 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
    2017-01-04 23:46 - 2016-09-06 21:06 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authfwcfg.dll
    2017-01-04 23:46 - 2016-09-06 21:06 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
    2017-01-04 23:46 - 2016-09-06 21:05 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
    2017-01-04 23:46 - 2016-09-06 21:05 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
    2017-01-04 23:46 - 2016-09-06 21:05 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drmmgrtn.dll
    2017-01-04 23:46 - 2016-09-06 21:05 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
    2017-01-04 23:46 - 2016-09-06 21:05 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
    2017-01-04 23:46 - 2016-09-06 21:05 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CheckNetIsolation.exe
    2017-01-04 23:46 - 2016-09-06 21:04 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
    2017-01-04 23:46 - 2016-09-06 21:01 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
    2017-01-04 23:46 - 2016-09-06 21:00 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
    2017-01-04 23:46 - 2016-09-06 21:00 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc_isv.dll
    2017-01-04 23:46 - 2016-09-06 21:00 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
    2017-01-04 23:46 - 2016-09-06 20:58 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
    2017-01-04 23:46 - 2016-09-06 20:58 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
    2017-01-04 23:46 - 2016-09-06 20:58 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
    2017-01-04 23:46 - 2016-09-06 20:58 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
    2017-01-04 23:46 - 2016-09-06 20:57 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
    2017-01-04 23:46 - 2016-09-06 20:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
    2017-01-04 23:46 - 2016-09-06 20:55 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
    2017-01-04 23:46 - 2016-09-06 20:55 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
    2017-01-04 23:46 - 2016-09-06 20:54 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
    2017-01-04 23:46 - 2016-09-06 20:54 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
    2017-01-04 23:46 - 2016-09-06 20:53 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
    2017-01-04 23:46 - 2016-09-06 20:52 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
    2017-01-04 23:46 - 2016-09-06 20:52 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
    2017-01-04 23:46 - 2016-08-02 21:57 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2017-01-04 23:46 - 2016-08-02 21:42 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
    2017-01-04 23:46 - 2016-08-02 21:40 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2017-01-04 23:46 - 2016-08-02 21:39 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
    2017-01-04 23:46 - 2016-08-02 21:35 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
    2017-01-04 23:46 - 2016-08-02 21:34 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2017-01-04 23:46 - 2016-08-02 21:34 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2017-01-04 23:46 - 2016-08-02 21:33 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2017-01-04 23:46 - 2016-08-02 21:32 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-01-04 23:46 - 2016-08-02 21:31 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
    2017-01-04 23:46 - 2016-08-02 21:25 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2017-01-04 23:46 - 2016-08-02 21:25 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
    2017-01-04 23:46 - 2016-08-02 21:25 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
    2017-01-04 23:46 - 2016-08-02 21:25 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
    2017-01-04 23:46 - 2016-08-02 21:21 - 00854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
    2017-01-04 23:46 - 2016-05-27 20:53 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
    2017-01-04 23:46 - 2016-05-27 20:38 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
    2017-01-04 23:46 - 2016-03-15 20:55 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
    2017-01-04 23:46 - 2016-03-15 20:55 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
    2017-01-04 23:46 - 2016-03-15 20:24 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
    2017-01-04 23:46 - 2016-03-15 20:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
    2017-01-04 23:46 - 2016-03-15 20:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
    2017-01-04 23:46 - 2016-03-15 20:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
    2017-01-04 23:46 - 2016-03-15 20:13 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
    2017-01-04 23:46 - 2016-02-23 04:59 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
    2017-01-04 23:46 - 2016-01-30 22:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
    2017-01-04 23:46 - 2016-01-30 22:29 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
    2017-01-04 23:46 - 2016-01-04 19:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
    2017-01-04 23:46 - 2016-01-04 18:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
    2017-01-04 23:46 - 2015-11-24 21:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
    2017-01-04 23:46 - 2015-11-24 21:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
    2017-01-04 23:45 - 2016-11-02 05:13 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2017-01-04 23:45 - 2016-11-02 04:30 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2017-01-04 21:05 - 2017-01-04 21:05 - 00000000 ____D C:\Program Files\Realtek
    2017-01-04 21:05 - 2012-06-12 03:10 - 04060560 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
    2017-01-04 21:05 - 2012-06-10 23:44 - 00290813 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
    2017-01-04 21:05 - 2012-06-08 01:18 - 03615888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
    2017-01-04 21:05 - 2012-06-05 20:14 - 00584320 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
    2017-01-04 21:05 - 2012-06-05 19:44 - 00869520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
    2017-01-04 21:05 - 2012-06-04 20:38 - 05096448 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
    2017-01-04 21:05 - 2012-05-31 18:37 - 02674320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
    2017-01-04 21:05 - 2012-05-31 03:08 - 00105616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
    2017-01-04 21:05 - 2012-05-10 00:22 - 01262696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
    2017-01-04 21:05 - 2012-02-21 04:45 - 02605400 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib.dll
    2017-01-04 21:05 - 2012-01-29 20:43 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
    2017-01-04 21:05 - 2012-01-09 19:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
    2017-01-04 21:05 - 2011-12-20 00:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
    2017-01-04 21:05 - 2011-12-13 01:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
    2017-01-04 21:05 - 2011-11-22 01:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
    2017-01-04 21:05 - 2011-09-01 23:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
    2017-01-04 21:05 - 2011-09-01 23:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
    2017-01-04 21:05 - 2011-09-01 23:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
    2017-01-04 21:05 - 2011-03-16 21:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
    2017-01-04 21:05 - 2011-03-07 02:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
    2017-01-04 21:05 - 2010-11-07 16:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
    2017-01-04 21:05 - 2010-11-07 16:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
    2017-01-04 21:05 - 2010-11-07 16:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
    2017-01-04 21:05 - 2010-11-07 16:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
    2017-01-04 21:05 - 2010-11-07 16:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
    2017-01-04 21:05 - 2010-11-07 16:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
    2017-01-04 21:05 - 2010-11-03 03:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
    2017-01-04 21:05 - 2010-07-22 01:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
    2017-01-04 21:05 - 2009-11-23 18:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
    2017-01-04 21:05 - 2009-11-23 18:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
    2017-01-04 21:05 - 2009-11-23 18:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
    2017-01-04 21:05 - 2009-11-23 18:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
    2017-01-04 21:04 - 2012-05-25 03:06 - 01706640 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
    2017-01-04 21:04 - 2012-05-16 20:29 - 07163744 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
    2017-01-04 21:04 - 2012-05-16 20:29 - 00433504 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
    2017-01-04 21:04 - 2012-05-16 20:29 - 00141152 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
    2017-01-04 21:04 - 2012-05-16 20:29 - 00123744 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
    2017-01-04 21:04 - 2012-05-16 20:29 - 00074592 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
    2017-01-04 21:04 - 2012-04-09 23:40 - 02533952 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
    2017-01-04 21:04 - 2012-04-03 03:42 - 01345368 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
    2017-01-04 21:04 - 2012-04-03 03:42 - 01015640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
    2017-01-04 21:04 - 2012-03-07 20:47 - 00202336 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
    2017-01-04 21:04 - 2012-03-07 20:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
    2017-01-04 21:04 - 2012-02-17 00:54 - 00396632 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
    2017-01-04 21:04 - 2012-02-13 09:05 - 08363864 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek.dll
    2017-01-04 21:04 - 2012-01-23 07:30 - 00537456 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
    2017-01-04 21:04 - 2012-01-23 07:30 - 00524656 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
    2017-01-04 21:04 - 2012-01-23 07:30 - 00449392 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
    2017-01-04 21:04 - 2011-12-18 02:58 - 02131288 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ.dll
    2017-01-04 21:04 - 2011-08-23 02:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
    2017-01-04 21:04 - 2011-05-30 18:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
    2017-01-04 21:04 - 2010-10-02 22:46 - 00341336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
    2017-01-04 21:04 - 2010-09-26 18:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
    2017-01-04 21:03 - 2017-01-04 21:03 - 00000000 ____D C:\Users\Russell\AppData\Local\Comms
    2017-01-04 21:02 - 2017-01-04 21:02 - 00000000 ____D C:\Users\Russell\AppData\Local\Adobe
    2017-01-04 20:48 - 2017-01-04 20:48 - 00000000 ____D C:\Users\Russell\AppData\Roaming\Logishrd
    2017-01-04 20:40 - 2017-01-04 20:40 - 00000000 ____D C:\WINDOWS\UpdateAssistant
    2017-01-04 20:01 - 2017-01-04 20:01 - 00000000 ____D C:\Users\Russell\AppData\Roaming\Sun
    2017-01-04 20:01 - 2017-01-04 20:01 - 00000000 ____D C:\Users\Russell\AppData\LocalLow\Sun
    2017-01-04 20:01 - 2017-01-04 20:01 - 00000000 ____D C:\Users\Russell\.oracle_jre_usage
    2017-01-04 19:59 - 2017-01-04 19:59 - 00000000 ____D C:\Users\Russell\AppData\Local\Apple
    2017-01-04 19:49 - 2017-01-04 20:42 - 00000000 ____D C:\Users\Russell\AppData\Local\MicrosoftEdge
    2017-01-04 19:39 - 2017-01-04 19:39 - 00000000 ____D C:\Users\Russell\AppData\Local\Apple Computer
    2017-01-04 19:34 - 2017-01-04 19:34 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
    2017-01-04 19:32 - 2017-01-04 19:32 - 00000000 ____D C:\Users\Russell\AppData\Roaming\Skype
    2017-01-04 19:31 - 2017-01-04 19:34 - 00002422 _____ C:\Users\Russell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2017-01-04 19:31 - 2017-01-04 19:34 - 00000000 ___RD C:\Users\Russell\OneDrive
    2017-01-04 19:17 - 2017-01-04 19:17 - 00000000 ____D C:\Users\Russell\AppData\Local\NetworkTiles
    2017-01-04 19:05 - 2017-01-04 19:05 - 00000000 ____D C:\Users\Russell\AppData\Local\CEF
    2017-01-04 18:09 - 2017-01-04 19:47 - 00000000 ____D C:\Users\Russell\AppData\Roaming\Real
    2017-01-04 18:09 - 2017-01-04 18:09 - 00000000 ____D C:\Users\Russell\AppData\Local\Real
    2017-01-04 18:08 - 2017-01-04 19:39 - 00000000 ____D C:\Users\Russell\AppData\Roaming\Apple Computer
    2017-01-04 18:08 - 2017-01-04 18:08 - 00000000 ____D C:\Users\Russell\AppData\Roaming\Logitech
    2017-01-04 18:07 - 2017-01-04 18:07 - 00000000 ____D C:\Users\Russell\AppData\Local\Publishers
    2017-01-04 18:04 - 2017-01-04 18:04 - 00000000 ____D C:\Users\Russell\AppData\Local\VirtualStore
    2017-01-04 18:03 - 2017-01-05 10:48 - 00000000 ____D C:\Users\Russell\AppData\Local\Packages
    2017-01-04 18:03 - 2017-01-04 20:01 - 00000000 ____D C:\Users\Russell
    2017-01-04 18:03 - 2017-01-04 18:03 - 00000020 ___SH C:\Users\Russell\ntuser.ini
    2017-01-04 18:03 - 2017-01-04 18:03 - 00000000 _SHDL C:\Users\Russell\My Documents
    2017-01-04 18:03 - 2017-01-04 18:03 - 00000000 _SHDL C:\Users\Russell\Documents\My Videos
    2017-01-04 18:03 - 2017-01-04 18:03 - 00000000 _SHDL C:\Users\Russell\Documents\My Pictures
    2017-01-04 18:03 - 2017-01-04 18:03 - 00000000 _SHDL C:\Users\Russell\Documents\My Music
    2017-01-04 18:03 - 2017-01-04 18:03 - 00000000 ____D C:\Users\Russell\AppData\Roaming\Adobe
    2017-01-04 18:03 - 2017-01-04 18:03 - 00000000 ____D C:\Users\Russell\AppData\Local\TileDataLayer
    2017-01-04 18:03 - 2015-08-16 21:52 - 00000000 ____D C:\Users\Russell\AppData\Roaming\Temp
    2017-01-04 18:03 - 2015-08-16 21:52 - 00000000 ____D C:\Users\Russell\AppData\Roaming\Macromedia
    2017-01-04 18:03 - 2015-08-16 21:52 - 00000000 ____D C:\Users\Russell\AppData\Roaming\KODAK AiO Home Center61474756
    2017-01-04 18:03 - 2015-08-16 21:52 - 00000000 ____D C:\Users\Russell\AppData\Roaming\KODAK AiO Home Center278464237
    2017-01-04 18:03 - 2015-08-16 21:52 - 00000000 ____D C:\Users\Russell\AppData\Local\Eastman_Kodak_Company
    2017-01-04 18:03 - 2013-05-25 17:11 - 00800824 _____ (Microsoft Corporation) C:\Users\Russell\AppData\Roaming\DPInst.exe
    2017-01-04 18:03 - 2013-05-25 17:11 - 00106496 _____ (Microsoft Corporation) C:\Users\Russell\AppData\Roaming\gacutil.exe
    2017-01-04 18:03 - 2013-05-25 17:11 - 00036352 _____ (Microsoft Corporation) C:\Users\Russell\AppData\Roaming\PnPutil.exe
    2017-01-04 18:03 - 2013-05-25 17:11 - 00000181 _____ C:\Users\Russell\AppData\Roaming\gacutil.exe.config
    2017-01-04 18:02 - 2017-01-04 18:02 - 00016148 _____ C:\WINDOWS\system32\THUMPERSTOY_Thumper_HistoryPrediction.bin
    2017-01-04 17:44 - 2017-01-04 17:44 - 00016148 _____ C:\WINDOWS\system32\THUMPERSTOY_CareB_HistoryPrediction.bin

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-01-05 12:05 - 2015-07-10 05:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-01-05 12:04 - 2015-07-10 02:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
    2017-01-05 11:20 - 2015-07-10 03:55 - 00000000 ____D C:\WINDOWS\CbsTemp
    2017-01-05 11:17 - 2012-12-29 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-01-05 11:04 - 2015-07-10 04:02 - 00000000 ____D C:\WINDOWS\INF
    2017-01-05 10:48 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\AppReadiness
    2017-01-05 10:42 - 2012-12-14 00:00 - 00000000 __RHD C:\Users\Public\AccountPictures
    2017-01-05 10:37 - 2015-08-16 22:05 - 00875126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-01-05 10:16 - 2015-07-10 04:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
    2017-01-05 10:16 - 2015-07-10 04:04 - 00000000 ___SD C:\WINDOWS\system32\F12
    2017-01-05 10:16 - 2015-07-10 04:04 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2017-01-05 10:16 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
    2017-01-05 10:16 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
    2017-01-05 10:16 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\setup
    2017-01-05 10:16 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\oobe
    2017-01-05 10:16 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\migwiz
    2017-01-05 10:16 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2017-01-05 10:16 - 2015-07-10 02:07 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
    2017-01-05 10:16 - 2015-07-10 02:07 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
    2017-01-05 10:16 - 2015-07-10 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
    2017-01-05 10:16 - 2015-07-10 02:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
    2017-01-05 10:16 - 2015-07-10 02:05 - 00000000 ____D C:\WINDOWS\system32\Dism
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ___RD C:\WINDOWS\DevicesFlow
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\Provisioning
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Windows Defender
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
    2017-01-05 10:15 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2017-01-05 09:46 - 2015-09-03 19:43 - 00000000 ____D C:\Program Files (x86)\RealNetworks
    2017-01-05 02:00 - 2013-06-10 19:44 - 00000000 ____D C:\ProgramData\Real
    2017-01-05 01:37 - 2013-02-08 21:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2017-01-05 01:37 - 2013-02-08 21:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2017-01-05 01:32 - 2015-07-10 04:04 - 00000000 ___HD C:\Program Files\WindowsApps
    2017-01-05 00:47 - 2013-02-08 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2017-01-05 00:43 - 2013-08-16 11:36 - 00000000 ____D C:\WINDOWS\system32\MRT
    2017-01-05 00:33 - 2012-12-13 09:43 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-01-04 21:14 - 2015-07-10 04:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
    2017-01-04 21:14 - 2015-07-10 04:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
    2017-01-04 21:14 - 2015-07-10 04:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
    2017-01-04 21:06 - 2015-08-16 21:34 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2017-01-04 21:06 - 2012-09-06 07:10 - 00000000 ___HD C:\Program Files (x86)\Temp
    2017-01-04 21:02 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\Macromed
    2017-01-04 21:02 - 2012-12-13 12:18 - 00000000 ____D C:\Program Files (x86)\Adobe
    2017-01-04 21:01 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-01-04 21:00 - 2012-08-03 05:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2017-01-04 20:59 - 2012-08-03 05:09 - 00000000 ____D C:\ProgramData\WildTangent
    2017-01-04 20:49 - 2013-07-08 09:57 - 00000000 ____D C:\ProgramData\Logitech
    2017-01-04 20:49 - 2013-07-08 09:57 - 00000000 ____D C:\ProgramData\Logishrd
    2017-01-04 20:47 - 2014-05-02 12:05 - 00000000 ____D C:\Program Files (x86)\MP3 Rocket
    2017-01-04 20:45 - 2014-01-14 13:15 - 00000000 ____D C:\Program Files (x86)\Philips
    2017-01-04 20:44 - 2015-05-24 12:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2017-01-04 20:33 - 2012-12-13 12:42 - 00000000 ____D C:\ProgramData\AVAST Software
    2017-01-04 20:05 - 2015-07-12 20:23 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2017-01-04 20:05 - 2013-07-19 15:28 - 00000000 ____D C:\ProgramData\Apple Computer
    2017-01-04 20:03 - 2015-08-16 21:34 - 00000000 ____D C:\WINDOWS\system32\DAX2
    2017-01-04 20:01 - 2014-10-29 16:28 - 00000000 ____D C:\Program Files (x86)\Java
    2017-01-04 19:58 - 2012-12-18 22:14 - 00000000 ____D C:\ProgramData\Apple
    2017-01-04 19:47 - 2013-06-10 19:49 - 00000000 ____D C:\Program Files (x86)\Real
    2017-01-04 19:40 - 2013-07-19 15:35 - 00000000 ____D C:\Program Files\iTunes
    2017-01-04 19:31 - 2015-07-10 04:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2017-01-04 19:29 - 2013-03-11 13:55 - 00000000 ____D C:\Program Files\Microsoft Office 15
    2017-01-04 19:25 - 2015-09-14 07:49 - 00000000 ____D C:\Users\CareB
    2017-01-04 18:02 - 2015-07-10 04:04 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-12-11 16:02 - 2015-10-07 03:24 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-12-11 16:02 - 2015-10-07 03:24 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

    ==================== Files in the root of some directories =======

    2017-01-04 18:03 - 2013-05-25 17:11 - 0800824 _____ (Microsoft Corporation) C:\Users\Russell\AppData\Roaming\DPInst.exe
    2017-01-04 18:03 - 2013-05-25 17:11 - 0106496 _____ (Microsoft Corporation) C:\Users\Russell\AppData\Roaming\gacutil.exe
    2017-01-04 18:03 - 2013-05-25 17:11 - 0000181 _____ () C:\Users\Russell\AppData\Roaming\gacutil.exe.config
    2017-01-04 18:03 - 2013-05-25 17:11 - 0036352 _____ (Microsoft Corporation) C:\Users\Russell\AppData\Roaming\PnPutil.exe
    2017-01-04 18:03 - 2013-03-05 21:46 - 0002546 _____ () C:\Users\Russell\AppData\Local\installer.log
    2015-08-16 21:34 - 2015-08-16 21:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

    Some files in TEMP:
    ====================
    C:\Users\Russell\AppData\Local\Temp\libeay32.dll
    C:\Users\Russell\AppData\Local\Temp\msvcr120.dll
    C:\Users\Russell\AppData\Local\Temp\sqlite3.dll


    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-01-05 00:31

    ==================== End of FRST.txt ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
    Ran by Russell (05-01-2017 12:17:39)
    Running from C:\Users\Russell\Desktop
    Windows 10 Home (X64) (2015-08-17 10:33:01)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3663789177-3663367658-1132085356-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3663789177-3663367658-1132085356-503 - Limited - Disabled)
    Guest (S-1-5-21-3663789177-3663367658-1132085356-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-3663789177-3663367658-1132085356-1221 - Limited - Enabled)
    Russell (S-1-5-21-3663789177-3663367658-1132085356-1223 - Administrator - Enabled) => C:\Users\Russell

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
    Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
    Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
    CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
    CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
    ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
    Gateway Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Gateway Incorporated)
    Gateway MyBackup (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
    Gateway Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Gateway Incorporated)
    Gateway Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Gateway Incorporated)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4885.1001 - Microsoft Corporation)
    Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4885.1001 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3663789177-3663367658-1132085356-1223\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
    RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
    RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
    REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.13.0705 - REALTEK Semiconductor Corp.)
    UpdateAssistant (x32 Version: 1.3.0.0 - Microsoft Corporation) Hidden
    UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
    Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {09D1FC1F-09F6-489F-9FE1-25E353AD8F2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {223AB5C7-275B-48A6-845A-AEBF96589C8F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {256E6955-A824-465E-BA38-AD10FADF8449} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
    Task: {25F932F9-7FE5-487B-9E00-9FD052AF73E1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2016-09-12] (Microsoft Corporation)
    Task: {32F98121-56EF-4D11-8427-A1613DCD3210} - System32\Tasks\{35567F08-3351-47AF-A1E4-20E0F28F26C6} => pcalua.exe -a C:\PROGRA~2\WSE_VO~1\\uninstall.exe
    Task: {468DF489-1BC2-45DB-A384-BFA02A104E07} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {54ABFED7-E2B9-48AE-9487-6C1D0A0B287B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2017-01-04] (Microsoft Corporation)
    Task: {54B632B2-B70E-47ED-8978-64DCBD3F432E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {5A6E3619-A1CA-4D46-9F56-1349FD0A5EE2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {63AE7699-ABB3-49EA-863A-614881B58FD1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-05] (Microsoft Corporation)
    Task: {8B897659-207C-4B9C-8314-823CC2A6A92C} - System32\Tasks\Power Management => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)
    Task: {8F137145-4139-41D1-9480-06ED05C7B00F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {B1A71E9F-75FC-4EF5-8768-0CD969C628C7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
    Task: {C755DAAB-86D2-498E-82E5-372314BC79F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
    Task: {CBE1D44C-CDC4-4307-A8F3-32BE05A7EA7C} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
    Task: {CF8AB11E-A3AC-47D1-85C0-8146C54B6A29} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {DE6B3BDD-6847-4D6C-B40E-7576EDF37B92} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {E4FBD38C-38EF-492A-B18C-78943F154559} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {F7D14D8F-5604-4DB3-B664-EA54054E1EB9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {FA71AD85-05A2-4FE2-9CC7-78E2B4C765B9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Shortcuts =============================

    (The entries could be listed to be restored or removed.)

    Shortcut: C:\Users\Russell\Favorites\Gateway\Gateway.lnk -> hxxp://www.gateway.com

    ==================== Loaded Modules (Whitelisted) ==============

    2015-08-16 23:23 - 2015-08-16 23:23 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
    2017-01-04 23:47 - 2016-10-25 00:15 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
    2014-03-14 13:09 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
    2015-07-27 20:28 - 2015-07-27 20:28 - 00032880 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    2017-01-05 11:18 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
    2017-01-05 11:18 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
    2017-01-05 11:18 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2017-01-04 23:54 - 2016-11-19 03:24 - 02495776 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2017-01-04 23:54 - 2016-11-19 03:24 - 02495776 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2017-01-04 19:32 - 2017-01-04 19:32 - 01678560 _____ () C:\Users\Russell\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
    2016-10-23 07:35 - 2016-10-23 07:35 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2015-10-01 19:00 - 2015-09-16 22:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2015-07-10 03:59 - 2015-07-10 03:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
    2017-01-04 23:56 - 2016-11-18 23:09 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2017-01-04 23:49 - 2016-11-18 23:06 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-01-04 23:55 - 2016-11-18 23:06 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2015-10-01 19:01 - 2015-09-16 22:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2012-08-22 23:26 - 2012-08-22 23:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\sqlite3.dll
    2012-08-22 23:25 - 2012-08-22 23:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\MailConverter32.dll
    2012-08-22 23:26 - 2012-08-22 23:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\VolumeSnapshot.dll
    2012-08-22 23:25 - 2012-08-22 23:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\Online.dll
    2012-08-22 23:25 - 2012-08-22 23:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\ACE.dll
    2012-08-22 23:25 - 2012-08-22 23:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\OsSettingPort.dll
    2012-08-22 23:26 - 2012-08-22 23:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Gateway MyBackup\OutlookShadow.dll
    2015-07-27 20:28 - 2015-07-27 20:28 - 00037512 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
    2015-07-27 20:28 - 2015-07-27 20:28 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
    2015-07-27 20:28 - 2015-07-27 20:28 - 00037528 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
    2017-01-04 19:32 - 2017-01-04 19:32 - 01244376 _____ () C:\Users\Russell\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
    2012-09-06 07:14 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3663789177-3663367658-1132085356-1223\Control Panel\Desktop\\Wallpaper -> C:\Users\Russell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 75.75.75.75 - 75.75.76.76
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
    HKLM\...\StartupApproved\Run32: => "APSDaemon"
    HKLM\...\StartupApproved\Run32: => "Conime"
    HKLM\...\StartupApproved\Run32: => "QuickTime Task"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => LPort=139
    FirewallRules: [{98FF4F50-FBF2-443E-9099-567D81276C34}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
    FirewallRules: [{FFB9335D-B21A-415B-92FF-4300C545D96C}] => C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManager.exe
    FirewallRules: [{70D1F0C5-3267-4E1E-BCD8-5D239FB032EF}] => C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
    FirewallRules: [{5152BE3A-07D4-4041-A486-702EDD22F7DB}] => C:\Program Files (x86)\NTI\Gateway MyBackup\FileExplorer.exe
    FirewallRules: [{DBAF88F4-1146-4B43-9288-38E3CDEF3842}] => LPort=5353
    FirewallRules: [{7AAA26D7-6543-429B-820A-6A52B50133E9}] => LPort=9322
    FirewallRules: [{DBCEAD01-FDF2-4C2F-8D9D-30A474154485}] => LPort=5353
    FirewallRules: [{E35FB36C-EC8E-4B9B-8EA0-16376AABDD95}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE

    ==================== Restore Points =========================


    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/05/2017 12:06:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: RUSTYS)
    Description: App Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI did not launch within its allotted time.

    Error: (01/05/2017 11:21:23 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: mbam.exe, version: 3.0.0.865, time stamp: 0x584ee8a0
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0x00000000
    Fault offset: 0x00000000
    Faulting process id: 0x1110
    Faulting application start time: 0x01d2678021c12474
    Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    Faulting module path: unknown
    Report Id: 6f9381ed-b391-4a51-8fd6-49d92fc3704b
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (01/05/2017 11:19:35 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: mbam.exe, version: 3.0.0.865, time stamp: 0x584ee8a0
    Faulting module name: Qt5Core.dll, version: 5.6.2.0, time stamp: 0x5849a1dc
    Exception code: 0xc0000005
    Fault offset: 0x00171433
    Faulting process id: 0x1110
    Faulting application start time: 0x01d2678021c12474
    Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
    Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
    Report Id: d4a8cc00-7a7e-4426-929e-d2e4ae46d984
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (01/05/2017 11:11:08 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (01/05/2017 10:56:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: RUSTYS)
    Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (01/05/2017 10:10:49 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: svchost.exe_ProfSvc, version: 10.0.10240.16384, time stamp: 0x559f38cb
    Faulting module name: combase.dll, version: 10.0.10240.16384, time stamp: 0x559f3aac
    Exception code: 0xc0000005
    Fault offset: 0x00000000000bcf8d
    Faulting process id: 0x3e0
    Faulting application start time: 0x01d2672f02260732
    Faulting application path: C:\WINDOWS\system32\svchost.exe
    Faulting module path: C:\WINDOWS\system32\combase.dll
    Report Id: e137f977-9b67-4fff-811a-e85f92affa9e
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (01/05/2017 12:09:00 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

    Error: (01/05/2017 12:05:47 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1030) (User: RUSTYS)
    Description: The processing of Group Policy failed. Windows attempted to retrieve new Group Policy settings for this user or computer. Look in the details tab for error code and description. Windows will automatically retry this operation at the next refresh cycle. Computers joined to the domain must have proper name resolution and network connectivity to a domain controller for discovery of new Group Policy objects and settings. An event will be logged when Group Policy is successful.

    Error: (01/05/2017 12:04:06 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: The server {7006698D-2974-4091-A424-85DD0B909E23} did not register with DCOM within the required timeout.

    Error: (01/05/2017 12:04:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

    Error: (01/05/2017 12:01:06 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
    Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
    An instance of the service is already running.

    Error: (01/05/2017 12:00:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The ePower Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/05/2017 12:00:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/05/2017 12:00:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

    Error: (01/05/2017 12:00:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/05/2017 12:00:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The NTI IScheduleSvc service terminated unexpectedly. It has done this 1 time(s).


    CodeIntegrity:
    ===================================
    Date: 2017-01-05 10:40:10.863
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-01-05 01:23:58.615
    Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
    Percentage of memory in use: 41%
    Total physical RAM: 3909.28 MB
    Available physical RAM: 2286.39 MB
    Total Virtual: 4613.28 MB
    Available Virtual: 3181.21 MB

    ==================== Drives ================================

    Drive c: (Gateway) (Fixed) (Total:278.85 GB) (Free:242.94 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 298.1 GB) (Disk ID: 89206020)

    Partition: GPT.

    ==================== End of Addition.txt ============================
     
  4. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Rustys

    I can see why the laptop was given to you :)
    Nothing we can't sort out though.

    One thing you forgot...... you didn't allow MalwareBytes to remove what it found.
    But AdwCleaner seems to have got most of it.
    We will double check for anything else.

    Step 1
    Please download the attached fixlist.txt file (bottom of this post) and save it to the Desktop.
    NOTE.
    It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system


    Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait.

    2cf1672fdd2151dad6f349c704143429.png

    The tool will make a log on the Desktop (Fixlog.txt). Please post this in your next reply.


    Step 2
    The Windows firewall needs turning on.

    • Open the Control Panel...... Hold down the Windows key and press "X"... Select "Control Panel" from the menu.
    • Open Windows Firewall Settings.
    • Enable the Firewall.
    • Ensure that both the private and public network firewalls are turned on.

    Adobe is very out of date.
    You will find the latest versions here ....... Latest Adobe Versions


    Step 3
    Re-run a MalwareBytes scan and let it remove anything that it finds.


    In your next reply, please submit:
    Fixlog.txt
    and the MalwareBytes report if anything was found this time around.

    Thanks.
     

    Attached Files:

  5. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Will get that done shortly and thanks. Did you want the Malwarebyte to run the clean before I do the fiflist?
     
  6. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    No, run the FRST fix first.
    It's always best to follow the steps in order.
     
    Rustys likes this.
  7. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Fix result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
    Ran by Russell (05-01-2017 15:39:27) Run:1
    Running from C:\Users\Russell\Desktop
    Loaded Profiles: Russell (Available Profiles: Russell)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
    BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
    BHO-x32: No Name -> {c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} -> No File
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
    U0 aswVmm; no ImagePath
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    2017-01-04 20:33 - 2012-12-13 12:42 - 00000000 ____D C:\ProgramData\AVAST Software
    2017-01-04 20:05 - 2015-07-12 20:23 - 00000000 ____D C:\Program Files (x86)\QuickTime
    C:\Users\Russell\AppData\Local\Temp\libeay32.dll
    C:\Users\Russell\AppData\Local\Temp\msvcr120.dll
    C:\Users\Russell\AppData\Local\Temp\sqlite3.dll
    Task: {09D1FC1F-09F6-489F-9FE1-25E353AD8F2E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {223AB5C7-275B-48A6-845A-AEBF96589C8F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {32F98121-56EF-4D11-8427-A1613DCD3210} - System32\Tasks\{35567F08-3351-47AF-A1E4-20E0F28F26C6} => pcalua.exe -a C:\PROGRA~2\WSE_VO~1\\uninstall.exe
    Task: {468DF489-1BC2-45DB-A384-BFA02A104E07} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {54B632B2-B70E-47ED-8978-64DCBD3F432E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {5A6E3619-A1CA-4D46-9F56-1349FD0A5EE2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {8F137145-4139-41D1-9480-06ED05C7B00F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {CF8AB11E-A3AC-47D1-85C0-8146C54B6A29} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {DE6B3BDD-6847-4D6C-B40E-7576EDF37B92} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {E4FBD38C-38EF-492A-B18C-78943F154559} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {F7D14D8F-5604-4DB3-B664-EA54054E1EB9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {FA71AD85-05A2-4FE2-9CC7-78E2B4C765B9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    HKLM\...\StartupApproved\Run32: => "QuickTime Task"
    CMD: ipconfig /flushdns
    Hosts:
    EmptyTemp:

    *****************

    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully
    HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
    C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
    C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
    C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
    HKLM\SOFTWARE\Policies\Google => key removed successfully
    HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => key removed successfully
    HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => key not found.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} => key removed successfully
    HKCR\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} => key not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} => key removed successfully
    HKCR\Wow6432Node\CLSID\{c5e9c0b3-8b18-4b1b-ad67-c1a063ab2b34} => key not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
    HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
    HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
    HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} => value removed successfully
    HKLM\System\CurrentControlSet\Services\aswVmm => key removed successfully
    aswVmm => service removed successfully
    HKLM\System\CurrentControlSet\Services\wfpcapture => key removed successfully
    wfpcapture => service removed successfully
    C:\ProgramData\AVAST Software => moved successfully
    C:\Program Files (x86)\QuickTime => moved successfully
    C:\Users\Russell\AppData\Local\Temp\libeay32.dll => moved successfully
    C:\Users\Russell\AppData\Local\Temp\msvcr120.dll => moved successfully
    C:\Users\Russell\AppData\Local\Temp\sqlite3.dll => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{09D1FC1F-09F6-489F-9FE1-25E353AD8F2E} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09D1FC1F-09F6-489F-9FE1-25E353AD8F2E} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{223AB5C7-275B-48A6-845A-AEBF96589C8F} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{223AB5C7-275B-48A6-845A-AEBF96589C8F} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32F98121-56EF-4D11-8427-A1613DCD3210} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32F98121-56EF-4D11-8427-A1613DCD3210} => key removed successfully
    C:\WINDOWS\System32\Tasks\{35567F08-3351-47AF-A1E4-20E0F28F26C6} => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{35567F08-3351-47AF-A1E4-20E0F28F26C6} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{468DF489-1BC2-45DB-A384-BFA02A104E07} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{468DF489-1BC2-45DB-A384-BFA02A104E07} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54B632B2-B70E-47ED-8978-64DCBD3F432E} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54B632B2-B70E-47ED-8978-64DCBD3F432E} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A6E3619-A1CA-4D46-9F56-1349FD0A5EE2} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A6E3619-A1CA-4D46-9F56-1349FD0A5EE2} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F137145-4139-41D1-9480-06ED05C7B00F} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F137145-4139-41D1-9480-06ED05C7B00F} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF8AB11E-A3AC-47D1-85C0-8146C54B6A29} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF8AB11E-A3AC-47D1-85C0-8146C54B6A29} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE6B3BDD-6847-4D6C-B40E-7576EDF37B92} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE6B3BDD-6847-4D6C-B40E-7576EDF37B92} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4FBD38C-38EF-492A-B18C-78943F154559} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4FBD38C-38EF-492A-B18C-78943F154559} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F7D14D8F-5604-4DB3-B664-EA54054E1EB9} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7D14D8F-5604-4DB3-B664-EA54054E1EB9} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA71AD85-05A2-4FE2-9CC7-78E2B4C765B9} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA71AD85-05A2-4FE2-9CC7-78E2B4C765B9} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\QuickTime Task => value removed successfully
    HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value not found.

    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========

    C:\Windows\System32\Drivers\etc\hosts => moved successfully
    Hosts restored successfully.

    =========== EmptyTemp: ==========

    BITS transfer queue => 32768 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7584452 B
    Java, Flash, Steam htmlcache => 492 B
    Windows/system/drivers => 17517304 B
    Edge => 11300322 B
    Chrome => 0 B
    Firefox => 0 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 19034 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 128 B
    systemprofile32 => 128 B
    LocalService => 0 B
    NetworkService => 2697288 B
    Russell => 20742417 B

    RecycleBin => 0 B
    EmptyTemp: => 57.1 MB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 15:39:54 ====
     
  8. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Thanks.
    The fix report looks good.
    Let me know when you have completed the other steps and also let me know how the system is running..... any problems?
     
  9. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Here is the Malwarebytes log and have activates the firewall. I think all the logs are now attached.

    Thank you for all the help thus far Sir @starbuck

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 1/5/17
    Scan Time: 5:37 PM
    Logfile:
    Administrator: Yes

    -Software Information-
    Version: 3.0.5.1299
    Components Version: 1.0.43
    Update Package Version: 1.0.937
    License: Trial

    -System Information-
    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: RUSTYS\Russell

    -Scan Summary-
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 95419
    Time Elapsed: 21 min, 25 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 14
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\INTERFACE\{4404078E-2745-4E25-B010-BBC026C0E9C2}, Quarantined, [342], [168490],1.0.937
    PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4404078E-2745-4E25-B010-BBC026C0E9C2}, Quarantined, [342], [168490],1.0.937
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4404078E-2745-4E25-B010-BBC026C0E9C2}, Quarantined, [342], [168490],1.0.937
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\INTERFACE\{B03CD630-51ED-4B15-974C-76472E4624C0}, Quarantined, [342], [168490],1.0.937
    PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B03CD630-51ED-4B15-974C-76472E4624C0}, Quarantined, [342], [168490],1.0.937
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B03CD630-51ED-4B15-974C-76472E4624C0}, Quarantined, [342], [168490],1.0.937
    PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E38FA7CB-C053-4B07-84AD-BCA6D2BE4FE7}, Quarantined, [342], [168490],1.0.937
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{E38FA7CB-C053-4B07-84AD-BCA6D2BE4FE7}, Quarantined, [342], [168490],1.0.937
    PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\TYPELIB\{E38FA7CB-C053-4B07-84AD-BCA6D2BE4FE7}, Quarantined, [342], [168490],1.0.937
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a1fa101d-1ccb-4f01-be5e-b2a23e521c68}, Quarantined, [306], [237510],1.0.937
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c5cdc237-c45c-4370-9ac5-c16b15f1ddec}, Quarantined, [306], [237509],1.0.937
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f1b15137-9ccc-4f11-bd30-3777091da48e}, Quarantined, [306], [237508],1.0.937
    PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr, Quarantined, [6135], [244209],1.0.937
    PUP.Optional.TidyNetwork, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dmidaiabaeipgkcooijbikmdcofhpakp, Quarantined, [701], [244071],1.0.937

    Registry Value: 4
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a1fa101d-1ccb-4f01-be5e-b2a23e521c68}|APPNAME, Quarantined, [306], [237510],1.0.937
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c5cdc237-c45c-4370-9ac5-c16b15f1ddec}|APPNAME, Quarantined, [306], [237509],1.0.937
    PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f1b15137-9ccc-4f11-bd30-3777091da48e}|APPNAME, Quarantined, [306], [237508],1.0.937
    PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8A4D5A43-C64A-45AB-BDF4-804FE18CEAFD}.SDB, Quarantined, [6135], [244209],1.0.937

    Data Stream: 0
    (No malicious items detected)

    Folder: 2
    PUP.Optional.ResultsHub, C:\Program Files (x86)\Common Files\e325c549-dfea-4258-ac01-0f7baf68f990\updater, Quarantined, [12032], [180674],1.0.937
    PUP.Optional.ResultsHub, C:\PROGRAM FILES (X86)\COMMON FILES\E325C549-DFEA-4258-AC01-0F7BAF68F990, Quarantined, [12032], [180674],1.0.937

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)


    (end)
     
  10. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    It seems to be doing better thus far have not had time to really work with. Does seem to load and respond faster.
     
  11. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Ok Rustys, thanks for the update.

    Let's just look a little deeper and make sure.

    Please download RogueKiller Anti-malware (Free) onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on RogueKiller Anti-malware to install the tool.
      Vista/Windows 7/8/10 users right-click and select Run As Administrator.
    • Select Accept the User Agreement then continue to click Next then finally click Install
    • Click Finish
      .
    • When the program opens..... click Scan

      7b512b4714ad7388ba40bdf4658d8770.png

    • Click Start Scan

      fb8fcbeabfc4db8487b2fc1ec6c10afd.png

      c25dc32bd136372e90a3af791dfd642a.png

    • Double check anything found and tick to select items to be removed

      e5a9dca8a5ea08a2d3f5061db7b08355.png

    • Click Remove Selected
    • When the items have been removed.... Click Open Report >> Open TXT.
    • Copy and paste that report into your next reply.

    Thanks
     
  12. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    It had two reports so I put both in the order listed.

    RogueKiller V12.9.1.0 (x64) [Jan 2 2017] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com
    Operating System : Windows 10 (10.0.14393) 64 bits version
    Started in : Normal mode
    User : Russell [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Mode : Scan -- Date : 01/06/2017 12:04:08 (Duration : 01:08:21)
    ¤¤¤ Processes : 0 ¤¤¤
    ¤¤¤ Registry : 9 ¤¤¤
    [PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} (C:\Program Files (x86)\Solution Real\bin\{29b8df85-56af-474f-9022-e376793679f9}64.dll) -> Found
    [PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C} -> Found
    [PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} -> Found
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer13.msn.com/ -> Found
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer13.msn.com/ -> Found
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com -> Found
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com -> Found
    [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Found
    [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Found
    ¤¤¤ Tasks : 0 ¤¤¤
    ¤¤¤ Files : 0 ¤¤¤
    ¤¤¤ WMI : 0 ¤¤¤
    ¤¤¤ Hosts File : 0 ¤¤¤
    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
    ¤¤¤ Web browsers : 0 ¤¤¤
    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: WDC WD3200BPVT-22JJ5T0 +++++
    --- User ---
    [MBR] ab76397f1851f8139dbd5a56c8df0a21
    [BSP] 6ce326dfd124bb2c4f3eeaceb8e1d1eb : Empty|VT.Unknown MBR Code
    Partition table:
    0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 400 MB
    1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 300 MB
    2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1435648 | Size: 128 MB
    3 - Basic data partition | Offset (sectors): 1697792 | Size: 285542 MB
    4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 586487808 | Size: 350 MB
    5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 587204608 | Size: 18524 MB
    User = LL1 ... OK
    User = LL2 ... OK


    RogueKiller V12.9.1.0 (x64) [Jan 2 2017] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com
    Operating System : Windows 10 (10.0.14393) 64 bits version
    Started in : Normal mode
    User : Russell [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Mode : Delete -- Date : 01/06/2017 12:04:08 (Duration : 01:08:21)
    ¤¤¤ Processes : 0 ¤¤¤
    ¤¤¤ Registry : 9 ¤¤¤
    [PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} (C:\Program Files (x86)\Solution Real\bin\{29b8df85-56af-474f-9022-e376793679f9}64.dll) -> Deleted
    [PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{A2970C7C-8392-4E6F-8B51-B763CF38E13C} -> Deleted
    [PUP.Gen0] (X64) HKEY_CLASSES_ROOT\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} -> Deleted
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer13.msn.com/ -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main | Start Page : http://acer13.msn.com/ -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
    [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
    [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3663789177-3663367658-1132085356-1223\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://acer13.msn.com -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
    [PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Replaced (2)
    [PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Replaced (2)
    ¤¤¤ Tasks : 0 ¤¤¤
    ¤¤¤ Files : 0 ¤¤¤
    ¤¤¤ WMI : 0 ¤¤¤
    ¤¤¤ Hosts File : 0 ¤¤¤
    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
    ¤¤¤ Web browsers : 0 ¤¤¤
    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: WDC WD3200BPVT-22JJ5T0 +++++
    --- User ---
    [MBR] ab76397f1851f8139dbd5a56c8df0a21
    [BSP] 6ce326dfd124bb2c4f3eeaceb8e1d1eb : Empty|VT.Unknown MBR Code
    Partition table:
    0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 400 MB
    1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 300 MB
    2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1435648 | Size: 128 MB
    3 - Basic data partition | Offset (sectors): 1697792 | Size: 285542 MB
    4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 586487808 | Size: 350 MB
    5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 587204608 | Size: 18524 MB
    User = LL1 ... OK
    User = LL2 ... OK
     
  13. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    That's good Rustys.

    Run the system for a day or two and then let me know of any problems.
    If there isn't any we'll then finish off the cleaning process.
     
  14. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    That I can do and I thank you.
     
  15. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    :thmbup:
    You're welcome.
     
  16. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    It still a little bit slow.

    When I open another tab in Edge it takes almost six seconds to have the tab appear then load the page. This could be a configuration issue some place in Windows 10.

    Other things are taking a bit to load as well yet I have to remember it is like me old and :oops:.

    When we complete here will create a new thread in the ten section so that can be tackled.
     
  17. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Have you tried using Firefox or IE, to see if this still happens with them?

    Like what?

    I run MalwareBytes 3 (premium) along with Windows Defender on one of my Win10 systems.
    Sometimes The system does slow down and sometimes my browser is a pig to try and work with.
    Sometimes when it gets too bad I turn off the trial/premium version and just run it without all the realtime scanners (free version).... it does make a difference.
    In my tutorial Installing MalwareBytes V3 I have added a section at the bottom that explains how to turn off the trial version.
    Give that a try and see if makes any difference.
     
  18. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Was waiting to install Firefox till you gave the all clear. Will download Firefox and install and let you know.

    Will definitely test it by turning off the trial version and let you know.

    Will say that it is running vastly better than it was when I first started.
     
  19. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Sorry, I saw the FF section in the report:
    But hadn't noticed that it had been removed.

    IE will still be on the system..... it comes installed on Win10 along with Edge.
    Start >> Windows Accessories >> Internet Explorer.

    Try this before installing FF, just to see if that is the problem.

    Nice to hear.
    At least we are getting somewhere :)
     
  20. Rustys

    Rustys Registered Members

    Joined:
    Feb 29, 2016
    Messages:
    1,656
    Location:
    127.0.0.1
    Operating System:
    Linux Based
    Computer Brand or Motherboard:
    Compaq H3900 (Windows 2002)
    CPU:
    Intel (R) PXA250
    Memory:
    64 MB RAM 48 MB ROM
    Hard Drive:
    Yes
    Graphics Card:
    4 D
    Power Supply:
    Solar
    Crud just finished installing and responds much better.
    Use to turn on the system get a cup of coffee and maybe it would be at the log in screen.

    Now it takes 45 to 60 seconds to get there.
    Never would of thought to look there. Thanks Windows 10 is a new animal to me so I am still feeling my way around.
     

Share This Page