Log-Analyse und Auswertung: Win 8.1 Yakes und Inject gefunden und entfernt - jetzt sauber?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.
Win 8.1 Yakes und Inject gefunden und entfernt - jetzt sauber? Hallo! Komme ich zur Weihnachtszeit nach Hause da ueberraschen mich meine Eltern mit einem Brief von der Telekom, dass das BSI sie informiert hat, dass mind. ein Rechner unter dem Anschluss mit xswkit/avalanche infiziert ist. Jetzt bin ich seit ein paar Tagen dabei vier Laptops zu reinigen, Updates einzuspielen und virenscans zu machen. Das ist wohl das Schicksal des einzigen in der Familie, der sich ein bisschen mit IT auskennt... Jetzt brauche ich glaube ich selber mal Hilfe: Auf dem (italienischen) Laptop des Freundes meiner Schwester habe ich Kasperspy Rescue Disk 10 laufen lassen und er hat zwei Torjaner (Yakes, Inject) gefunden und geloescht. Ich wuerde gerne moeglichst sicherstellen, dass das System tatsaechlich sauber ist. Danke fuer die Hilfe schon mal vorab! Hier mal erste FRST logs
002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2017-12-15 07:41 - 2017-08-06 22:20 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2017-12-15 07:41 - 2017-08-02 03:19 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll 2017-12-15 07:41 - 2017-08-01 09:25 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll 2017-12-15 07:41 - 2017-07-08 21:14 - 000376672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2017-12-15 07:41 - 2017-07-08 04:16 - 001674520 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-12-15 07:41 - 2017-07-08 04:16 - 001534072 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2017-12-15 07:41 - 2017-07-08 04:16 - 001499920 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-12-15 07:41 - 2017-07-08 04:16 - 001370328 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2017-12-15 07:41 - 2017-07-08 04:16 - 000086360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2017-12-15 07:41 - 2017-06-15 15:17 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-12-15 07:41 - 2017-06-13 18:16 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll 2017-12-15 07:41 - 2017-06-13 18:11 - 000238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2017-12-15 07:41 - 2017-06-13 15:16 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2017-12-15 07:41 - 2017-06-13 09:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll 2017-12-15 07:41 - 2017-06-13 09:07 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll 2017-12-15 07:41 - 2017-06-13 09:03 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2017-12-15 07:41 - 2017-06-13 08:54 - 000374272 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2017-12-15 07:41 - 2017-06-13 08:50 - 001547264 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2017-12-15 07:41 - 2017-06-09 14:47 - 000448629 _____ C:\Windows\system32\ApnDatabase.xml 2017-12-15 07:41 - 2017-06-08 02:48 - 002457936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2017-12-15 07:41 - 2017-06-07 05:25 - 000428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2017-12-15 07:41 - 2017-06-03 17:27 - 002346496 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-12-15 07:41 - 2017-06-03 17:03 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-12-15 07:41 - 2017-06-02 13:15 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-12-15 07:41 - 2017-06-02 13:12 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-12-15 07:41 - 2017-06-02 13:12 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-12-15 07:41 - 2017-06-02 13:06 - 001001984 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-12-15 07:41 - 2017-06-02 13:01 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-12-15 07:41 - 2017-06-02 12:03 - 000903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-12-15 07:41 - 2017-06-02 11:25 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-12-15 07:41 - 2017-06-02 11:24 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-12-15 07:41 - 2017-06-02 11:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-12-15 07:41 - 2017-06-02 10:43 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-12-15 07:41 - 2017-05-27 17:42 - 001115136 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2017-12-15 07:41 - 2017-05-15 23:09 - 000057688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys 2017-12-15 07:41 - 2017-05-14 20:04 - 000315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2017-12-15 07:41 - 2017-05-14 20:03 - 000373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2017-12-15 07:41 - 2017-05-12 17:13 - 001559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-12-15 07:41 - 2017-05-12 16:51 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2017-12-15 07:41 - 2017-05-12 16:50 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2017-12-15 07:41 - 2017-05-12 16:48 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2017-12-15 07:41 - 2017-05-12 16:47 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2017-12-15 07:41 - 2017-05-12 03:58 - 001985536 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-12-15 07:41 - 2017-05-12 03:48 - 001377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-12-15 07:41 - 2017-05-12 03:11 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2017-12-15 07:41 - 2017-05-12 03:10 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2017-12-15 07:41 - 2017-05-12 03:07 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2017-12-15 07:41 - 2017-05-12 03:06 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2017-12-15 07:41 - 2017-05-12 03:04 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2017-12-15 07:41 - 2017-05-12 03:00 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2017-12-15 07:41 - 2017-05-10 19:19 - 000101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2017-12-15 07:41 - 2017-05-02 19:41 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2017-12-15 07:41 - 2017-05-02 19:31 - 000207360 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll 2017-12-15 07:41 - 2017-05-02 18:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2017-12-15 07:41 - 2017-04-16 11:18 - 001135288 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-12-15 07:41 - 2017-04-16 09:16 - 000862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-12-15 07:41 - 2017-04-09 23:00 - 000388448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-12-15 07:41 - 2017-04-06 17:46 - 000434688 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-12-15 07:41 - 2017-04-02 15:49 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2017-12-15 07:41 - 2017-04-01 00:16 - 001968408 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2017-12-15 07:41 - 2017-03-31 22:59 - 001612504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2017-12-15 07:41 - 2017-03-04 20:24 - 000132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2017-12-15 07:41 - 2017-02-11 17:49 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2017-12-15 07:41 - 2017-02-04 20:32 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2017-12-15 07:41 - 2017-02-04 20:30 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-12-15 07:41 - 2017-02-04 18:51 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2017-12-15 07:41 - 2017-02-01 20:44 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-12-15 07:41 - 2017-02-01 20:42 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-12-15 07:41 - 2017-01-21 22:37 - 000567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2017-12-15 07:41 - 2017-01-21 20:22 - 000559104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys 2017-12-15 07:41 - 2017-01-11 18:28 - 000422744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2017-12-15 07:41 - 2017-01-10 23:37 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2017-12-15 07:41 - 2017-01-10 22:06 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2017-12-15 07:41 - 2017-01-10 20:20 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2017-12-15 07:41 - 2017-01-06 18:25 - 002513408 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2017-12-15 07:41 - 2017-01-06 18:04 - 001495552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2017-12-15 07:41 - 2016-11-19 22:24 - 000152856 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-12-15 07:41 - 2016-11-11 03:33 - 001541240 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2017-12-15 07:41 - 2016-11-05 18:57 - 003320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2017-12-15 07:41 - 2016-11-05 18:11 - 003606528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2017-12-15 07:41 - 2016-10-10 22:17 - 000444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-12-15 07:41 - 2016-10-10 22:17 - 000333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-12-15 07:41 - 2016-10-09 23:59 - 000551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2017-12-15 07:41 - 2016-10-08 23:53 - 003754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2017-12-15 07:41 - 2016-10-08 22:49 - 002410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll 2017-12-15 07:41 - 2016-10-05 15:01 - 001200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2017-12-15 07:41 - 2016-10-05 15:00 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2017-12-15 07:41 - 2016-09-09 15:03 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll 2017-12-15 07:41 - 2016-09-09 15:02 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll 2017-12-15 07:41 - 2016-09-03 18:18 - 000825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2017-12-15 07:41 - 2016-08-02 07:20 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-12-15 07:41 - 2016-07-23 19:18 - 001220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2017-12-15 07:41 - 2016-07-23 19:12 - 000954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2017-12-15 07:41 - 2016-01-09 02:38 - 000091992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2017-12-15 07:41 - 2015-11-10 01:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-12-15 07:41 - 2015-09-10 17:51 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-12-15 07:41 - 2015-09-10 17:17 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-12-15 07:41 - 2015-07-16 21:36 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-12-15 07:41 - 2015-07-16 20:50 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-12-15 07:40 - 2017-11-07 22:15 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll 2017-12-15 07:40 - 2017-11-07 21:49 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll 2017-12-15 07:40 - 2017-11-07 21:46 - 000285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll 2017-12-15 07:40 - 2017-11-07 21:27 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll 2017-12-15 07:40 - 2017-10-17 20:11 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2017-12-15 07:40 - 2017-10-14 08:55 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-12-15 07:40 - 2017-10-14 07:41 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-12-15 07:40 - 2017-10-10 17:39 - 001192960 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2017-12-15 07:40 - 2017-10-10 17:36 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys 2017-12-15 07:40 - 2017-10-10 17:29 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2017-12-15 07:40 - 2017-10-10 16:42 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2017-12-15 07:40 - 2017-10-10 16:38 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll 2017-12-15 07:40 - 2017-10-10 16:08 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll 2017-12-15 07:40 - 2017-10-10 15:58 - 000949760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2017-12-15 07:40 - 2017-09-09 18:38 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll 2017-12-15 07:40 - 2017-09-09 14:13 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll 2017-12-15 07:40 - 2017-09-09 14:13 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll 2017-12-15 07:40 - 2017-09-08 19:15 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2017-12-15 07:40 - 2017-09-08 18:39 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2017-12-15 07:40 - 2017-09-08 18:14 - 003084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2017-12-15 07:40 - 2017-09-08 17:50 - 002471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2017-12-15 07:40 - 2017-09-07 22:31 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\mgmtapi.dll 2017-12-15 07:40 - 2017-09-07 21:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-12-15 07:40 - 2017-09-07 20:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mgmtapi.dll 2017-12-15 07:40 - 2017-09-07 14:40 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2017-12-15 07:40 - 2017-09-07 00:07 - 000158552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2017-12-15 07:40 - 2017-09-06 15:14 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll 2017-12-15 07:40 - 2017-08-19 18:27 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2017-12-15 07:40 - 2017-08-19 17:48 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2017-12-15 07:40 - 2017-08-13 20:48 - 000202592 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2017-12-15 07:40 - 2017-08-13 18:52 - 000174944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll 2017-12-15 07:40 - 2017-08-13 18:19 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys 2017-12-15 07:40 - 2017-08-13 18:10 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll 2017-12-15 07:40 - 2017-08-13 17:33 - 000252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll 2017-12-15 07:40 - 2017-08-13 16:52 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll 2017-12-15 07:40 - 2017-08-11 22:19 - 000482304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll 2017-12-15 07:40 - 2017-08-11 22:14 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll 2017-12-15 07:40 - 2017-08-11 21:13 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll 2017-12-15 07:40 - 2017-08-11 04:27 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2017-12-15 07:40 - 2017-08-11 04:27 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys 2017-12-15 07:40 - 2017-08-11 03:38 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2017-12-15 07:40 - 2017-08-11 03:16 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll 2017-12-15 07:40 - 2017-08-11 03:08 - 001753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2017-12-15 07:40 - 2017-08-11 02:57 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll 2017-12-15 07:40 - 2017-08-11 02:52 - 001491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2017-12-15 07:40 - 2017-08-11 02:49 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2017-12-15 07:40 - 2017-08-11 02:41 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2017-12-15 07:40 - 2017-08-06 22:20 - 000542720 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2017-12-15 07:40 - 2017-08-02 04:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2017-12-15 07:40 - 2017-07-22 19:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll 2017-12-15 07:40 - 2017-07-22 18:32 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll 2017-12-15 07:40 - 2017-07-21 14:40 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll 2017-12-15 07:40 - 2017-07-21 14:40 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll 2017-12-15 07:40 - 2017-07-17 20:53 - 004298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll 2017-12-15 07:40 - 2017-07-17 00:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll 2017-12-15 07:40 - 2017-07-14 21:08 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2017-12-15 07:40 - 2017-07-14 19:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2017-12-15 07:40 - 2017-07-12 21:29 - 000420440 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll 2017-12-15 07:40 - 2017-07-12 21:29 - 000075440 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2017-12-15 07:40 - 2017-07-12 21:25 - 000308872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll 2017-12-15 07:40 - 2017-07-12 21:25 - 000066112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-12-15 07:40 - 2017-07-08 20:10 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys 2017-12-15 07:40 - 2017-07-08 20:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-12-15 07:40 - 2017-07-08 19:43 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-12-15 07:40 - 2017-07-08 19:30 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-12-15 07:40 - 2017-07-08 18:29 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\vid.dll 2017-12-15 07:40 - 2017-07-08 04:46 - 000377688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2017-12-15 07:40 - 2017-07-08 04:14 - 000100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2017-12-15 07:40 - 2017-07-06 09:52 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys 2017-12-15 07:40 - 2017-07-01 14:47 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2017-12-15 07:40 - 2017-07-01 14:47 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll 2017-12-15 07:40 - 2017-07-01 14:47 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll 2017-12-15 07:40 - 2017-07-01 14:47 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2017-12-15 07:40 - 2017-07-01 14:47 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2017-12-15 07:40 - 2017-07-01 14:47 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2017-12-15 07:40 - 2017-07-01 14:47 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2017-12-15 07:40 - 2017-07-01 14:47 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll 2017-12-15 07:40 - 2017-07-01 14:47 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll 2017-12-15 07:40 - 2017-07-01 14:47 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll 2017-12-15 07:40 - 2017-06-24 17:46 - 000424448 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll 2017-12-15 07:40 - 2017-06-24 17:16 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll 2017-12-15 07:40 - 2017-06-15 15:14 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll 2017-12-15 07:40 - 2017-06-15 15:14 - 000580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll 2017-12-15 07:40 - 2017-06-12 01:14 - 000276320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2017-12-15 07:40 - 2017-06-11 23:21 - 000590848 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll 2017-12-15 07:40 - 2017-06-11 22:43 - 000371200 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe 2017-12-15 07:40 - 2017-06-11 22:25 - 000478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll 2017-12-15 07:40 - 2017-06-11 22:15 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2017-12-15 07:40 - 2017-06-11 22:07 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx 2017-12-15 07:40 - 2017-06-11 21:58 - 000334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe 2017-12-15 07:40 - 2017-06-11 21:40 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll 2017-12-15 07:40 - 2017-06-11 21:13 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll 2017-12-15 07:40 - 2017-06-11 21:11 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2017-12-15 07:40 - 2017-06-11 21:02 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll 2017-12-15 07:40 - 2017-06-06 21:52 - 003120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2017-12-15 07:40 - 2017-06-06 21:42 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2017-12-15 07:40 - 2017-06-06 21:38 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\cnvfat.dll 2017-12-15 07:40 - 2017-06-06 21:36 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll 2017-12-15 07:40 - 2017-06-06 21:36 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\convert.exe 2017-12-15 07:40 - 2017-06-06 21:35 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll 2017-12-15 07:40 - 2017-06-06 20:13 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll 2017-12-15 07:40 - 2017-06-06 20:11 - 000557568 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2017-12-15 07:40 - 2017-06-06 20:11 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll 2017-12-15 07:40 - 2017-06-06 20:11 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll 2017-12-15 07:40 - 2017-06-06 20:11 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll 2017-12-15 07:40 - 2017-06-06 20:08 - 002712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2017-12-15 07:40 - 2017-06-06 20:03 - 000837632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe 2017-12-15 07:40 - 2017-06-06 19:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cnvfat.dll 2017-12-15 07:40 - 2017-06-06 19:57 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uudf.dll 2017-12-15 07:40 - 2017-06-06 19:56 - 000375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll 2017-12-15 07:40 - 2017-06-06 19:03 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ulib.dll 2017-12-15 07:40 - 2017-06-06 19:02 - 000513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2017-12-15 07:40 - 2017-06-06 19:02 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll 2017-12-15 07:40 - 2017-06-06 19:02 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ufat.dll 2017-12-15 07:40 - 2017-06-06 19:02 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uexfat.dll 2017-12-15 07:40 - 2017-05-31 22:20 - 000470360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2017-12-15 07:40 - 2017-05-15 20:58 - 000121184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys 2017-12-15 07:40 - 2017-05-12 18:05 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2017-12-15 07:40 - 2017-05-12 05:10 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2017-12-15 07:40 - 2017-05-09 15:37 - 000658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2017-12-15 07:40 - 2017-05-09 15:35 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll 2017-12-15 07:40 - 2017-05-09 15:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll 2017-12-15 07:40 - 2017-05-09 15:29 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe 2017-12-15 07:40 - 2017-05-09 15:28 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll 2017-12-15 07:40 - 2017-05-09 15:28 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll 2017-12-15 07:40 - 2017-04-30 17:48 - 000080078 _____ C:\Windows\system32\normidna.nls 2017-12-15 07:40 - 2017-04-28 02:13 - 001292288 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2017-12-15 07:40 - 2017-04-28 02:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2017-12-15 07:40 - 2017-04-16 11:23 - 002176584 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2017-12-15 07:40 - 2017-04-16 11:23 - 001662096 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-12-15 07:40 - 2017-04-16 11:23 - 001063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2017-12-15 07:40 - 2017-04-16 11:18 - 000803192 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2017-12-15 07:40 - 2017-04-16 10:07 - 001566032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2017-12-15 07:40 - 2017-04-16 10:07 - 001213792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-12-15 07:40 - 2017-04-16 10:07 - 000548032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2017-12-15 07:40 - 2017-04-16 10:05 - 000612096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2017-12-15 07:40 - 2017-04-16 09:37 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-12-15 07:40 - 2017-04-16 09:10 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-12-15 07:40 - 2017-04-16 08:29 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-12-15 07:40 - 2017-04-16 08:22 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2017-12-15 07:40 - 2017-04-16 08:02 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll 2017-12-15 07:40 - 2017-04-09 21:40 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys 2017-12-15 07:40 - 2017-04-09 21:39 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys 2017-12-15 07:40 - 2017-04-09 21:37 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbusr.sys 2017-12-15 07:40 - 2017-04-09 20:00 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspiper.dll 2017-12-15 07:40 - 2017-04-06 18:16 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2017-12-15 07:40 - 2017-04-06 17:35 - 001362432 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2017-12-15 07:40 - 2017-04-06 16:44 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2017-12-15 07:40 - 2017-03-13 17:38 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll 2017-12-15 07:40 - 2017-03-13 17:29 - 002609664 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2017-12-15 07:40 - 2017-03-13 17:25 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2017-12-15 07:40 - 2017-03-13 17:13 - 000159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll 2017-12-15 07:40 - 2017-03-13 17:07 - 002170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2017-12-15 07:40 - 2017-03-13 17:06 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2017-12-15 07:40 - 2017-03-11 04:59 - 001763888 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2017-12-15 07:40 - 2017-03-11 04:56 - 001489608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2017-12-15 07:40 - 2017-03-09 21:52 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll 2017-12-15 07:40 - 2017-03-09 20:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll 2017-12-15 07:40 - 2017-03-04 20:06 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2017-12-15 07:40 - 2017-03-03 16:10 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll 2017-12-15 07:40 - 2017-03-03 16:04 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll 2017-12-15 07:40 - 2017-02-10 15:37 - 000046600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2017-12-15 07:40 - 2017-02-04 18:53 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2017-12-15 07:40 - 2017-02-04 18:50 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2017-12-15 07:40 - 2017-02-04 18:32 - 000584704 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2017-12-15 07:40 - 2017-02-04 18:19 - 000065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2017-12-15 07:40 - 2017-02-04 18:17 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2017-12-15 07:40 - 2017-02-04 18:05 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2017-12-15 07:40 - 2017-01-21 20:27 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-12-15 07:40 - 2017-01-21 20:27 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll 2017-12-15 07:40 - 2017-01-21 20:27 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-12-15 07:40 - 2017-01-21 19:40 - 000756736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-12-15 07:40 - 2017-01-21 19:40 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll 2017-12-15 07:40 - 2017-01-21 19:40 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-12-15 07:40 - 2017-01-19 03:18 - 001113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2017-12-15 07:40 - 2017-01-14 21:32 - 000955016 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2017-12-15 07:40 - 2017-01-14 20:18 - 000787688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2017-12-15 07:40 - 2017-01-14 18:49 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe 2017-12-15 07:40 - 2017-01-12 17:51 - 000274776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2017-12-15 07:40 - 2017-01-12 17:51 - 000117592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2017-12-15 07:40 - 2017-01-12 16:03 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys 2017-12-15 07:40 - 2017-01-10 21:46 - 001388544 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2017-12-15 07:40 - 2017-01-10 20:09 - 001108480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2017-12-15 07:40 - 2016-12-25 02:21 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys 2017-12-15 07:40 - 2016-12-25 02:14 - 000242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2017-12-15 07:40 - 2016-12-25 01:48 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll 2017-12-15 07:40 - 2016-12-25 01:19 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2017-12-15 07:40 - 2016-12-25 00:39 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll 2017-12-15 07:40 - 2016-11-19 18:22 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-12-15 07:40 - 2016-11-12 22:06 - 000738104 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2017-12-15 07:40 - 2016-11-12 20:38 - 000613632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2017-12-15 07:40 - 2016-10-12 22:11 - 000922968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys 2017-12-15 07:40 - 2016-10-11 21:21 - 000497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2017-12-15 07:40 - 2016-10-11 21:21 - 000399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2017-12-15 07:40 - 2016-10-11 18:47 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll 2017-12-15 07:40 - 2016-10-11 17:55 - 000226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll 2017-12-15 07:40 - 2016-10-10 19:18 - 000069976 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-12-15 07:40 - 2016-10-09 15:17 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll 2017-12-15 07:40 - 2016-10-09 15:08 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll 2017-12-15 07:40 - 2016-10-09 15:08 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll 2017-12-15 07:40 - 2016-10-08 23:07 - 000332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2017-12-15 07:40 - 2016-10-08 22:21 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll 2017-12-15 07:40 - 2016-10-05 05:15 - 000324896 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2017-12-15 07:40 - 2016-10-05 05:15 - 000245320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2017-12-15 07:40 - 2016-10-04 21:39 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2017-12-15 07:40 - 2016-10-04 21:08 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2017-12-15 07:40 - 2016-09-17 19:16 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll 2017-12-15 07:40 - 2016-09-17 18:21 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll 2017-12-15 07:40 - 2016-09-12 23:03 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll 2017-12-15 07:40 - 2016-09-12 22:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll 2017-12-15 07:40 - 2016-09-08 15:00 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2017-12-15 07:40 - 2016-09-03 19:20 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll 2017-12-15 07:40 - 2016-09-03 19:06 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll 2017-12-15 07:40 - 2016-09-03 18:21 - 000055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll 2017-12-15 07:40 - 2016-09-03 17:12 - 000512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2017-12-15 07:40 - 2016-09-03 16:58 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2017-12-15 07:40 - 2016-09-02 15:05 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll 2017-12-15 07:40 - 2016-09-02 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll 2017-12-15 07:40 - 2016-09-01 15:33 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll 2017-12-15 07:40 - 2016-08-30 15:11 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll 2017-12-15 07:40 - 2016-08-30 03:45 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll 2017-12-15 07:40 - 2016-08-30 03:18 - 000871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll 2017-12-15 07:40 - 2016-08-30 03:18 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll 2017-12-15 07:40 - 2016-08-30 03:03 - 000721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll 2017-12-15 07:40 - 2016-08-25 21:50 - 000747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2017-12-15 07:40 - 2016-08-25 20:40 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2017-12-15 07:40 - 2016-08-22 14:34 - 001628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2017-12-15 07:40 - 2016-08-13 01:05 - 009323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2017-12-15 07:40 - 2016-08-13 01:03 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys 2017-12-15 07:40 - 2016-08-13 01:02 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys 2017-12-15 07:40 - 2016-08-13 01:01 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys 2017-12-15 07:40 - 2016-08-12 23:35 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll 2017-12-15 07:40 - 2016-08-12 23:19 - 009323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2017-12-15 07:40 - 2016-08-12 22:17 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll 2017-12-15 07:40 - 2016-08-12 02:58 - 002315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2017-12-15 07:40 - 2016-08-12 02:58 - 001946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2017-12-15 07:40 - 2016-08-11 19:33 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys 2017-12-15 07:40 - 2016-08-11 19:33 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys 2017-12-15 07:40 - 2016-08-11 19:33 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys 2017-12-15 07:40 - 2016-08-11 18:17 - 001574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2017-12-15 07:40 - 2016-08-03 16:42 - 001317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2017-12-15 07:40 - 2016-08-03 16:36 - 001102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2017-12-15 07:40 - 2016-08-03 16:36 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2017-12-15 07:40 - 2016-08-03 16:33 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll 2017-12-15 07:40 - 2016-07-30 18:12 - 002896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2017-12-15 07:40 - 2016-07-30 17:36 - 002537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2017-12-15 07:40 - 2016-07-26 14:40 - 000162850 _____ C:\Windows\SysWOW64\C_932.NLS 2017-12-15 07:40 - 2016-07-26 14:40 - 000162850 _____ C:\Windows\system32\C_932.NLS 2017-12-15 07:40 - 2016-06-25 19:13 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2017-12-15 07:40 - 2016-05-12 19:38 - 000135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2017-12-15 07:40 - 2016-05-12 18:43 - 000115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll 2017-12-15 07:40 - 2016-02-08 19:14 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2017-12-15 07:40 - 2016-02-02 18:51 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2017-12-15 07:40 - 2016-02-02 18:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2017-12-15 07:40 - 2016-02-02 18:01 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll 2017-12-15 07:40 - 2016-02-02 17:46 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll 2017-12-15 07:40 - 2016-01-30 20:00 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2017-12-15 07:40 - 2016-01-30 19:18 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2017-12-15 07:40 - 2016-01-30 18:48 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll 2017-12-15 07:39 - 2015-10-13 18:10 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2017-12-15 07:38 - 2017-10-11 08:35 - 000143016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-12-15 07:38 - 2017-10-10 16:21 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2017-12-15 07:38 - 2017-10-10 14:18 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2017-12-15 07:38 - 2017-10-10 14:18 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-12-15 07:38 - 2017-10-10 14:18 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-12-15 07:38 - 2017-10-10 14:18 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-12-15 07:38 - 2017-10-10 14:18 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-12-15 07:38 - 2017-10-10 14:18 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2017-12-15 07:38 - 2017-10-10 14:18 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-12-15 07:38 - 2017-10-10 14:18 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-12-15 07:38 - 2017-10-10 14:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-12-15 07:38 - 2016-07-08 15:17 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll 2017-12-15 07:38 - 2016-07-08 15:17 - 000319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll 2017-12-15 07:38 - 2016-07-07 23:32 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys 2017-12-15 07:38 - 2016-07-07 23:10 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll 2017-12-15 07:38 - 2016-07-07 23:01 - 000272896 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll 2017-12-15 07:38 - 2016-07-07 22:04 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll 2017-12-15 07:38 - 2016-07-07 21:44 - 000429568 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll 2017-12-15 07:38 - 2016-07-07 21:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2017-12-15 07:38 - 2016-07-07 21:29 - 000704512 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll 2017-12-15 07:38 - 2016-07-07 21:18 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll 2017-12-15 07:38 - 2016-07-07 21:11 - 000185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll 2017-12-15 07:38 - 2016-07-07 20:35 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll 2017-12-15 07:38 - 2016-07-07 20:14 - 000628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll 2017-12-15 07:38 - 2016-07-04 04:45 - 000360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe 2017-12-15 07:38 - 2016-07-01 21:39 - 000197352 _____ (Microsoft Corporation) C:\Windows\system32\dssenh.dll 2017-12-15 07:38 - 2016-07-01 21:39 - 000157016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dssenh.dll 2017-12-15 07:38 - 2015-07-14 22:59 - 000487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2017-12-15 07:38 - 2015-07-14 22:59 - 000393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2017-12-15 07:38 - 2015-07-01 23:16 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2017-12-15 07:38 - 2015-07-01 22:35 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2017-12-15 07:38 - 2014-06-09 23:13 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2017-12-15 07:38 - 2014-06-09 23:13 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2017-12-15 07:37 - 2016-02-06 19:08 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2017-12-15 07:37 - 2016-02-03 16:11 - 001673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2017-12-15 07:37 - 2016-02-02 18:15 - 000787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2017-12-15 07:37 - 2016-01-26 20:15 - 000072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys 2017-12-15 07:37 - 2015-10-08 17:11 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll 2017-12-15 07:37 - 2015-10-08 16:50 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll 2017-12-15 07:37 - 2015-08-28 23:20 - 000183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2017-12-15 07:37 - 2015-07-10 18:54 - 001217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2017-12-15 07:37 - 2015-03-04 02:32 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll 2017-12-15 07:37 - 2015-03-04 02:12 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll 2017-12-15 07:36 - 2016-08-22 17:06 - 000179248 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-12-15 07:36 - 2016-08-22 17:06 - 000100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-12-15 07:36 - 2016-08-20 23:55 - 000104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-12-15 07:36 - 2016-05-19 00:18 - 000397232 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2017-12-15 07:36 - 2016-05-19 00:16 - 000178016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-12-15 07:36 - 2016-05-18 23:28 - 000340880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2017-12-15 07:36 - 2016-03-14 17:50 - 000316760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2017-12-15 07:36 - 2016-03-10 18:03 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll 2017-12-15 07:36 - 2016-03-10 17:48 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll 2017-12-15 07:36 - 2016-03-05 18:44 - 000148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2017-12-15 07:36 - 2016-03-05 18:04 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2017-12-15 07:36 - 2016-02-09 02:31 - 000273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2017-12-15 07:36 - 2016-02-08 21:15 - 002551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2017-12-15 07:36 - 2016-02-08 21:02 - 001197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2017-12-15 07:36 - 2016-02-08 20:43 - 000524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2017-12-15 07:36 - 2016-02-08 20:40 - 000539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2017-12-15 07:36 - 2016-02-08 20:39 - 000305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2017-12-15 07:36 - 2016-02-08 20:37 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll 2017-12-15 07:36 - 2016-02-08 20:34 - 000667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2017-12-15 07:36 - 2016-02-08 20:33 - 000520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2017-12-15 07:36 - 2016-02-08 18:55 - 002592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2017-12-15 07:36 - 2016-02-08 18:33 - 001278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2017-12-15 07:36 - 2016-02-08 18:02 - 000653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2017-12-15 07:36 - 2016-02-08 18:00 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2017-12-15 07:36 - 2016-02-08 17:58 - 000336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2017-12-15 07:36 - 2016-02-08 17:55 - 000173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll 2017-12-15 07:36 - 2016-02-08 17:53 - 002171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll 2017-12-15 07:36 - 2016-02-08 17:53 - 001348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2017-12-15 07:36 - 2016-02-08 17:50 - 000841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2017-12-15 07:36 - 2016-02-08 17:48 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2017-12-15 07:36 - 2016-02-08 17:47 - 002819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2017-12-15 07:36 - 2016-02-08 17:44 - 000955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2017-12-15 07:36 - 2016-02-05 20:07 - 000292696 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL 2017-12-15 07:36 - 2016-02-05 20:07 - 000243032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL 2017-12-15 07:36 - 2016-02-04 19:07 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll 2017-12-15 07:36 - 2016-02-04 18:35 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll 2017-12-15 07:36 - 2016-02-03 16:14 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2017-12-15 07:36 - 2016-01-31 20:16 - 000148832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2017-12-15 07:36 - 2016-01-31 18:17 - 000779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe 2017-12-15 07:36 - 2016-01-10 17:41 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2017-12-15 07:36 - 2016-01-10 17:31 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2017-12-15 07:36 - 2016-01-09 02:49 - 000218448 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2017-12-15 07:36 - 2016-01-09 02:49 - 000192120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll 2017-12-15 07:36 - 2016-01-07 00:46 - 000148752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll 2017-12-15 07:36 - 2016-01-07 00:45 - 000177712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll 2017-12-15 07:36 - 2016-01-06 17:47 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 002745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 002528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 002450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 002447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 002334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 002324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 001877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 001798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 001484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 001288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 001210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 001150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 001115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 001037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 000735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 000700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 000629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 000557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 000229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 000099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2017-12-15 07:36 - 2015-12-05 06:58 - 000090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 000090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 000081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2017-12-15 07:36 - 2015-12-05 06:58 - 000076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2017-12-15 07:36 - 2015-12-03 19:07 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2017-12-15 07:36 - 2015-12-03 19:07 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2017-12-15 07:36 - 2015-12-03 19:05 - 000644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2017-12-15 07:36 - 2015-12-03 19:02 - 001664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2017-12-15 07:36 - 2015-12-03 19:00 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2017-12-15 07:36 - 2015-12-03 18:58 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll 2017-12-15 07:36 - 2015-12-03 18:30 - 000468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2017-12-15 07:36 - 2015-12-03 18:28 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2017-12-15 07:36 - 2015-12-03 18:28 - 000245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2017-12-15 07:36 - 2015-12-03 18:27 - 000736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2017-12-15 07:36 - 2015-12-03 18:24 - 001411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2017-12-15 07:36 - 2015-12-03 18:23 - 000402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2017-12-15 07:36 - 2015-12-03 18:01 - 000743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2017-12-15 07:36 - 2015-12-03 17:40 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2017-12-15 07:36 - 2015-12-03 17:29 - 000887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2017-12-15 07:36 - 2015-11-21 17:47 - 000522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2017-12-15 07:36 - 2015-11-21 17:40 - 000414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2017-12-15 07:36 - 2015-10-11 07:34 - 000468824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2017-12-15 07:36 - 2015-10-11 07:34 - 000027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2017-12-15 07:36 - 2015-10-10 19:41 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2017-12-15 07:36 - 2015-10-10 19:41 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2017-12-15 07:36 - 2015-09-07 17:17 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll 2017-12-15 07:36 - 2015-08-06 18:05 - 000669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx 2017-12-15 07:36 - 2015-08-06 17:37 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx 2017-12-15 07:36 - 2015-07-30 18:18 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2017-12-15 07:36 - 2015-07-30 17:22 - 000230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2017-12-15 07:36 - 2015-07-22 15:33 - 001728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2017-12-15 07:36 - 2015-07-22 15:25 - 001546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2017-12-15 07:36 - 2015-07-09 17:14 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2017-12-15 07:36 - 2015-04-08 23:41 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll 2017-12-15 07:35 - 2016-08-27 20:44 - 002755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2017-12-15 07:35 - 2016-08-27 20:44 - 000133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe 2017-12-15 07:35 - 2016-08-27 19:26 - 002411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2017-12-15 07:35 - 2016-08-27 19:26 - 000113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe 2017-12-15 07:35 - 2016-08-27 17:33 - 002881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2017-12-15 07:35 - 2016-08-27 17:11 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2017-12-15 07:35 - 2016-03-10 18:43 - 000161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2017-12-15 07:35 - 2016-03-10 17:55 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2017-12-15 07:35 - 2016-03-10 17:42 - 000116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2017-12-15 07:34 - 2016-08-13 01:04 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-12-15 07:34 - 2016-05-14 21:01 - 000363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2017-12-15 07:34 - 2016-05-14 21:01 - 000320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll 2017-12-15 07:34 - 2016-05-13 22:58 - 000339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2017-12-15 07:34 - 2016-05-13 22:35 - 000286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2017-12-15 07:34 - 2016-03-12 01:47 - 000160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2017-12-15 07:34 - 2016-03-12 01:47 - 000121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL 2017-12-15 07:34 - 2015-12-28 22:42 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll 2017-12-15 07:34 - 2015-12-28 21:31 - 000578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll 2017-12-15 07:34 - 2015-08-01 04:47 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe 2017-12-15 07:34 - 2015-08-01 04:45 - 000182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe 2017-12-15 07:34 - 2015-08-01 04:38 - 001265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2017-12-15 07:34 - 2015-08-01 04:37 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2017-12-15 07:34 - 2015-08-01 04:37 - 000359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe 2017-12-15 07:34 - 2015-07-16 19:58 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll 2017-12-15 07:34 - 2015-07-10 19:19 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2017-12-15 07:34 - 2015-07-10 18:14 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2017-12-15 07:34 - 2015-07-10 18:13 - 007032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2017-12-15 07:34 - 2015-07-10 17:31 - 006213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2017-12-15 07:33 - 2016-06-21 19:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2017-12-15 07:33 - 2016-06-21 15:12 - 000129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2017-12-15 07:33 - 2016-04-11 07:21 - 000074584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2017-12-15 07:33 - 2016-03-03 17:13 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2017-12-15 07:33 - 2016-02-04 18:24 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2017-12-15 07:33 - 2016-02-04 18:02 - 000483328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2017-12-15 07:33 - 2016-01-05 16:00 - 000570880 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2017-12-15 07:33 - 2015-12-20 15:56 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe 2017-12-15 07:33 - 2015-07-14 04:27 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\tzsync.exe 2017-12-15 07:33 - 2015-07-09 18:13 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2017-12-15 07:33 - 2015-07-09 18:13 - 000221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2017-12-15 07:33 - 2015-07-09 17:30 - 000212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2017-12-15 07:32 - 2016-08-11 17:26 - 001156608 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2017-12-15 07:32 - 2016-08-11 17:17 - 000627200 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2017-12-15 07:32 - 2016-08-11 17:16 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2017-12-15 07:32 - 2015-01-30 03:02 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2017-12-15 07:32 - 2015-01-30 02:40 - 000091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll 2017-12-15 07:32 - 2015-01-30 02:37 - 000331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2017-12-15 07:32 - 2015-01-30 02:24 - 000339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2017-12-15 07:32 - 2015-01-30 02:24 - 000250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll 2017-12-15 07:32 - 2015-01-30 02:16 - 000266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll 2017-12-15 07:32 - 2015-01-30 02:08 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll 2017-12-15 07:32 - 2015-01-30 02:06 - 000278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll 2017-12-15 07:30 - 2015-05-12 14:19 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll 2017-12-14 21:14 - 2017-12-18 15:12 - 000000000 ____D C:\Users\NB-EDOARDO\AppData\LocalLow\Mozilla 2017-12-14 21:11 - 2017-12-14 22:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-12-14 19:09 - 2017-12-14 19:10 - 000000000 ____D C:\ProgramData\AVAST Software 2017-12-07 21:00 - 2017-12-07 21:00 - 000003808 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration 2017-12-07 18:35 - 2017-12-07 18:35 - 000000000 ____D C:\Users\NB-EDOARDO\AppData\Roaming\AVG 2017-12-07 18:34 - 2017-12-07 18:34 - 000447800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys 2017-12-07 18:34 - 2017-12-07 18:34 - 000003920 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update 2017-12-07 18:34 - 2017-12-07 18:33 - 001018648 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys 2017-12-07 18:34 - 2017-12-07 18:33 - 000356880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys 2017-12-07 18:34 - 2017-12-07 18:33 - 000196392 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys 2017-12-07 18:34 - 2017-12-07 18:33 - 000176000 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys 2017-12-07 18:34 - 2017-12-07 18:33 - 000140704 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys 2017-12-07 18:34 - 2017-12-07 18:33 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys 2017-12-07 18:34 - 2017-12-07 18:33 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys 2017-12-07 18:34 - 2017-12-07 18:33 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys 2017-12-07 18:34 - 2017-12-07 18:32 - 000336896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys 2017-12-07 18:34 - 2017-12-07 18:32 - 000314640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys 2017-12-07 18:34 - 2017-12-07 18:32 - 000192584 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys 2017-12-07 18:34 - 2017-12-07 18:32 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiska.sys 2017-12-07 18:34 - 2017-12-07 18:32 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys 2017-12-07 18:33 - 2017-12-07 18:33 - 000366288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe 2017-12-07 18:25 - 2017-12-07 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2017-12-07 18:23 - 2017-12-18 12:07 - 000003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task 2017-12-07 18:23 - 2017-12-07 18:26 - 000000000 ____D C:\Program Files (x86)\AVG 2017-12-07 18:15 - 2017-12-14 20:39 - 000000000 ____D C:\ProgramData\Avg 2017-12-07 18:15 - 2017-12-07 18:35 - 000000000 ____D C:\Users\NB-EDOARDO\AppData\Local\Avg 2017-12-07 18:15 - 2017-12-07 18:25 - 000000000 ____D C:\Users\NB-EDOARDO\AppData\Local\AvgSetupLog 2017-12-07 18:13 - 2017-12-07 18:13 - 000000000 ____D C:\ProgramData\Dell Inc 2017-11-30 07:26 - 2017-12-14 21:55 - 000032503 _____ C:\Users\NB-EDOARDO\Desktop\ResetWUEng.cmd ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-12-18 15:16 - 2015-12-18 15:33 - 000003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-24668139-476789873-1974145459-1001 2017-12-18 15:16 - 2015-11-08 04:33 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery 2017-12-18 15:11 - 2015-12-25 13:25 - 000000000 ____D C:\Users\NB-EDOARDO\OneDrive 2017-12-18 15:11 - 2015-12-18 15:28 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-12-18 15:11 - 2015-12-18 15:28 - 000000000 __SHD C:\Users\NB-EDOARDO\IntelGraphicsProfiles 2017-12-18 15:03 - 2014-11-21 09:59 - 001805768 _____ C:\Windows\system32\PerfStringBackup.INI 2017-12-18 15:03 - 2014-11-21 09:09 - 000797758 _____ C:\Windows\system32\perfh010.dat 2017-12-18 15:03 - 2014-11-21 09:09 - 000153938 _____ C:\Windows\system32\perfc010.dat 2017-12-18 15:03 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf 2017-12-18 14:55 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-12-18 12:23 - 2016-01-21 12:12 - 000000000 ____D C:\Program Files (x86)\Steam 2017-12-18 12:23 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2017-12-18 12:12 - 2015-11-08 04:05 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2017-12-18 12:03 - 2015-11-08 04:19 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-12-18 12:00 - 2015-12-21 08:59 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{52297188-F898-4899-B1E3-FDEA07EAE2AB} 2017-12-16 18:52 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppCompat 2017-12-16 13:56 - 2013-08-22 15:44 - 000493144 _____ C:\Windows\system32\FNTCACHE.DAT 2017-12-15 13:54 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\en-GB 2017-12-15 13:20 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp 2017-12-15 13:08 - 2015-11-08 04:26 - 000000000 ____D C:\Intel 2017-12-15 13:08 - 2015-11-08 04:22 - 000000000 ____D C:\ProgramData\Package Cache 2017-12-15 13:07 - 2015-11-08 04:23 - 000000000 ____D C:\ProgramData\Intel 2017-12-15 13:07 - 2015-11-08 04:23 - 000000000 ____D C:\Program Files (x86)\Intel 2017-12-15 13:06 - 2015-11-08 04:23 - 000000000 ____D C:\Program Files\Intel 2017-12-15 13:02 - 2015-11-08 04:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2017-12-15 12:46 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2017-12-15 12:31 - 2013-08-22 14:25 - 000000167 _____ C:\Windows\win.ini 2017-12-15 11:42 - 2014-11-21 17:49 - 000000000 ___SD C:\Windows\system32\CompatTel 2017-12-15 11:42 - 2014-11-21 09:37 - 000000000 ____D C:\Windows\ShellNew 2017-12-15 11:42 - 2013-08-22 16:36 - 000000000 ___RD C:\Windows\ToastData 2017-12-15 11:42 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\setup 2017-12-15 11:42 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\en-GB 2017-12-15 11:42 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\setup 2017-12-15 11:42 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\PolicyDefinitions 2017-12-15 11:42 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Windows Defender 2017-12-15 11:42 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-12-15 11:42 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2017-12-15 11:42 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe 2017-12-15 11:42 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2017-12-15 08:52 - 2015-12-19 10:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Works 2017-12-15 07:12 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness 2017-12-15 07:11 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps 2017-12-14 22:17 - 2015-12-21 09:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-12-14 22:16 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\AppLocker 2017-12-14 21:55 - 2015-11-08 04:17 - 002056790 _____ C:\Windows\WindowsUpdate.log.bak 2017-12-14 21:52 - 2015-12-21 09:02 - 000001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-12-14 21:49 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Catroot2.bak 2017-12-14 21:33 - 2015-11-08 04:35 - 000000000 ____D C:\ProgramData\McAfee 2017-12-14 21:25 - 2015-12-21 09:02 - 000000000 ____D C:\Users\NB-EDOARDO\AppData\Roaming\Mozilla 2017-12-14 21:23 - 2015-12-21 09:03 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-12-14 21:00 - 2013-08-22 16:36 - 000000000 ___HD C:\Windows\ELAMBKUP 2017-12-14 21:00 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\ELAM 2017-12-14 19:56 - 2014-11-21 09:08 - 000000000 ____D C:\Windows\SysWOW64\winrm 2017-12-14 19:56 - 2014-11-21 09:08 - 000000000 ____D C:\Windows\SysWOW64\slmgr 2017-12-14 19:56 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\WinStore 2017-12-14 19:56 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2017-12-14 19:56 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\System 2017-12-14 19:56 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-12-14 19:56 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\SysWOW64\oobe 2017-12-14 19:56 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\servicing 2017-12-14 19:55 - 2014-11-21 09:08 - 000000000 ____D C:\Windows\SysWOW64\WCN 2017-12-14 19:55 - 2014-11-21 09:08 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts 2017-12-14 19:55 - 2014-11-21 09:08 - 000000000 ____D C:\Windows\system32\winrm 2017-12-14 19:55 - 2014-11-21 09:08 - 000000000 ____D C:\Windows\system32\WCN 2017-12-14 19:55 - 2014-11-21 09:08 - 000000000 ____D C:\Windows\system32\slmgr 2017-12-14 19:55 - 2014-11-21 09:08 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2017-12-14 19:55 - 2013-08-22 16:36 - 000000000 ___SD C:\Windows\system32\dsc 2017-12-14 19:55 - 2013-08-22 16:36 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2017-12-14 19:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2017-12-14 19:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\migwiz 2017-12-14 19:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\Help 2017-12-14 19:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\FileManager 2017-12-14 19:24 - 2016-06-25 13:02 - 000002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-12-07 18:28 - 2015-12-21 09:11 - 000000000 ____D C:\Users\NB-EDOARDO\AppData\Roaming\PCDr 2017-12-07 18:10 - 2017-11-04 13:53 - 000000000 ____D C:\ProgramData\SupportAssist 2017-11-25 16:18 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF 2017-11-24 20:20 - 2015-12-21 09:04 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-11-24 20:16 - 2015-11-08 04:33 - 000000000 ____D C:\ProgramData\PCDr 2017-11-24 19:05 - 2016-06-25 12:59 - 000003582 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-11-24 19:05 - 2016-06-25 12:59 - 000003454 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Files in the root of some directories ======= 2016-06-25 12:54 - 2016-06-25 13:05 - 000183296 _____ () C:\Users\NB-EDOARDO\AppData\Roaming\cookies.sqlite Some files in TEMP: ==================== 2016-09-13 21:53 - 2016-09-13 21:53 - 000467968 _____ (Realtek Semiconductor Corp.) C:\Users\NB-EDOARDO\AppData\Local\Temp\COMAP.EXE 2015-12-19 10:25 - 2006-10-27 23:14 - 000145184 ____R (Microsoft Corporation) C:\Users\NB-EDOARDO\AppData\Local\Temp\ose00000.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-12-18 15:06 ==================== End of FRST.txt ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2017 Ran by NB-EDOARDO (18-12-2017 15:24:43) Running from C:\Users\NB-EDOARDO\Downloads Windows 8.1 Pro (Update) (X64) (2015-12-18 14:27:58) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-24668139-476789873-1974145459-500 - Administrator - Disabled) Guest (S-1-5-21-24668139-476789873-1974145459-501 - Limited - Disabled) NB-EDOARDO (S-1-5-21-24668139-476789873-1974145459-1001 - Administrator - Enabled) => C:\Users\NB-EDOARDO ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated) Aggiornamenti NVIDIA 17.12.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 17.12.8 - NVIDIA Corporation) Hidden AVG (HKLM\...\{E61E6143-4937-43FC-8C12-06B8A987484D}) (Version: 1.211.3 - AVG Technologies) Hidden AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.8.3036 - AVG Technologies) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: - Dell Inc.) Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.) Dell Power Manager Lite (HKLM-x32\...\{BF1F9D57-57A1-4E87-A8E8-41F2B2AD6F53}) (Version: - Compal Inc.) Hidden Dell Power Manager Lite (HKLM-x32\...\InstallShield_{BF1F9D57-57A1-4E87-A8E8-41F2B2AD6F53}) (Version: - Compal Inc.) Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell) Dell SupportAssistAgent (HKLM\...\{4015CD01-07AB-4354-9E43-E63DFAB5A6A2}) (Version: - Dell) Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: - Dell Inc.) Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: - Dropbox, Inc.) FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.1.1449.356) (HKLM\...\{302600C1-6BDF-4FD1-1411-148929CC1385}) (Version: 17.1.1411.0506 - Intel Corporation) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 1.6.5073.103 - Waves Audio Ltd.) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM-x32\...\{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM-x32\...\{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM-x32\...\{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version: - Microsoft) Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM-x32\...\{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version: - Microsoft) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Mozilla Firefox 57.0.2 (x64 it) (HKLM\...\Mozilla Firefox 57.0.2 (x64 it)) (Version: 57.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: - Mozilla) NVIDIA Driver grafico 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Pannello di controllo NVIDIA 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 347.52 - NVIDIA Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39060 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.) Software Intel® PROSet/Wireless (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation) Software per periferiche con chipset Intel® (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) True Color (HKLM\...\{005C8367-52D6-4642-A920-DBB9320708F0}) (Version: - Entertainment Experience LLC) Hidden True Color (HKLM-x32\...\{f166c3b1-4877-430c-9ecd-7d7e237b3dd9}) (Version: - Entertainment Experience) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS) ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS) ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-12-07] (AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-08] (Cyberlink) ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-05-08] (Cyberlink) ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-04] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-05] (NVIDIA Corporation) ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-12-07] (AVG Technologies CZ, s.r.o.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0A339FEA-FC09-4138-A08A-CDE8FCF36014} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [2015-01-29] (CyberLink Corp.) Task: {19D9ACEA-B67A-4E8B-99FF-E14881FDC3B0} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe Task: {1C04364B-840C-4EAE-A306-2A749260AE4F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.) Task: {212BA022-F37D-4E14-A1DE-81F6A658BBA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-25] (Google Inc.) Task: {291BBE3D-8632-4CF7-B872-5CDCC1EAA3B9} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-11-30] (Dell Inc.) Task: {3783CF66-45CE-4B39-91CB-9BCAEEDE61BD} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.) Task: {386DC1C8-69F1-49F9-B238-189F1AE67A9C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {695A5FCE-CAC9-47B5-8C07-4C31AAEDD58F} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-04] (Realtek Semiconductor) Task: {6ECF3434-DF64-4009-8F11-D6A4BE97CB18} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [2015-05-07] (CyberLink) Task: {744ED635-E6BD-4894-898E-17C0FD0CAA08} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-12-07] (AVG Technologies CZ, s.r.o.) Task: {9F6B6116-9500-46D7-A452-78669AA7B93E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated) Task: {A01D8EFA-1CAA-4DDC-ABCA-C46EA9C9E190} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-11-30] (Dell Inc.) Task: {A9890ADF-D437-4FF5-B6CC-92F339B2C8DC} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {B76033F2-FD4B-4FC1-8202-A219CEE067FD} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) Task: {E08CEDBF-EE64-423C-BC70-14456977F8F2} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe Task: {E5AD18A2-DF06-4A9B-9421-568229C84812} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {E8C5ED30-8E1F-4D2B-B10C-5C2AD85C1492} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {F4110BF1-1151-4AC4-BF76-8BB0432E070C} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe [2015-12-19] () <==== ATTENTION Task: {F954CD76-BD31-44FE-BAE4-FB80E9093FE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-25] (Google Inc.) Task: {FF5D0E83-9EAE-4DFD-ACF3-48BDAB9D2CE1} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-11-14 22:51 - 2014-11-14 22:51 - 000466432 _____ () C:\Windows\system32\DPPPlugin.dll 2015-11-08 04:28 - 2015-02-05 20:07 - 000117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-11-08 04:21 - 2014-04-15 01:59 - 000253776 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2015-04-29 13:56 - 2015-04-29 13:56 - 000093072 _____ () C:\Program Files\TrueColor\TrueColorALS.exe 2015-11-08 05:37 - 2016-11-04 11:05 - 000401912 _____ () C:\Windows\system32\igfxTray.exe 2016-12-21 09:24 - 2016-12-21 09:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll 2015-03-16 18:28 - 2015-03-16 18:28 - 000155528 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2017-05-01 15:27 - 2017-05-01 15:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll 2014-10-10 16:37 - 2014-10-10 16:37 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-12-07 18:23 - 2017-12-07 18:16 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll 2017-12-07 18:33 - 2017-12-07 18:33 - 000168216 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll 2017-12-07 18:33 - 2017-12-07 18:33 - 000060160 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll 2017-12-07 18:33 - 2017-12-07 18:33 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll 2017-12-07 18:33 - 2017-12-07 18:33 - 000238928 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll 2017-12-07 18:33 - 2017-12-07 18:33 - 000245704 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll 2015-11-08 04:19 - 2014-12-08 08:28 - 000627672 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMediaLibrary.dll 2014-12-08 22:28 - 2014-12-08 22:28 - 000016856 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvcPS.dll 2015-11-08 04:34 - 2015-01-27 17:26 - 001905904 ____N () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll 2015-11-08 04:34 - 2012-11-26 05:19 - 001153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll 2015-11-08 04:33 - 2014-02-18 21:12 - 000117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-24668139-476789873-1974145459-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\NB-EDOARDO\AppData\Roaming\Microsoft\Windows Photo Viewer\Sfondo del Visualizzatore foto di Windows.jpg DNS Servers: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "RtHDVBg_MAXX6" HKLM\...\StartupApproved\Run: => "WavesSvc" HKLM\...\StartupApproved\Run: => "BTMTrayAgent" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "TrueColor UI" HKU\S-1-5-21-24668139-476789873-1974145459-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-24668139-476789873-1974145459-1001\...\StartupApproved\Run: => "Skype" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{6C2B5E03-2CDE-426E-AAFF-D5BB1612B9FA}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDirector12\PDR10.EXE FirewallRules: [{8027B575-2074-480B-A4CD-A5E4CD42CFD7}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{57F918EE-9BBD-4316-9AEE-780FA8E4E2B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{43E3C3AE-1854-46ED-A149-02B3BF668C18}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{33A47FE3-536C-4645-8A6A-652C082F0B87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{478A0810-0EC4-4013-BE8F-95C7144D7CE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{C192A250-8C30-48C2-B3CC-A671EB583B36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F5026628-02BD-4967-B1B2-8C8D3CD62BB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D473D51A-A700-47E1-97A9-5163483BC77B}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{43B7E750-9D54-477C-A997-3B1EE1145FC9}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe FirewallRules: [{0FA48CCD-0AAE-4410-B87E-38E80717A5EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3C362461-8FAE-4AFC-9EB0-95A5736578B8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{F7EB34C3-58A3-40B7-AAD7-853DC685244F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B6AFD3A0-9087-4244-A065-70B4ED99B210}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{701172F0-F57C-4E97-BB20-970EA3E153B8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{C4364F47-D38F-4286-9028-051EA595567A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{86290B56-4D52-4671-90F7-2669C93ABAE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe FirewallRules: [{79E294A8-EB28-4AB7-93BD-4D38120489B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe FirewallRules: [{C23737F2-36DA-4CBD-90A3-333473302BD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [{748E9CD7-6300-4992-8C0F-AE04C791D28A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [{CD4CE14B-3D1E-4C38-B1BA-D4E401882536}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe FirewallRules: [{7FF15E32-7A14-47D0-B45E-DD7F2AA89592}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe FirewallRules: [{08F2696F-FADD-4FFB-8D95-B5D9F8990F49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{46C3AB2E-3160-4CC9-B2D1-D4D5DB519002}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{7751A89F-4999-4553-8E33-0756DDD3D66F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{67286441-2A46-4641-9581-F1128EF34281}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{D45D5D42-9A8A-4248-A830-D5238B6DB857}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{2E3481AA-0A1C-4D63-92BF-8296DF4454B2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{7C255C9A-4B92-4468-AEF6-64CAD4F9885C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{991E1DA8-8046-4048-86A9-074A66D6D7D8}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe ==================== Restore Points ========================= 14-12-2017 19:28:22 Windows Update 18-12-2017 12:01:33 Dell Update: Realtek High Definition Audio Codec Driver ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/18/2017 11:59:52 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 12fc Start Time: 01d377ee95a8803a Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: 909237b6-e3e2-11e7-827c-780cb88dc40c Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (12/16/2017 10:05:30 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005). Error: (12/16/2017 01:56:58 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY) Description: Event filter with query "select * from MSFT_SCMEventLogEvent" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041033. Events cannot be delivered through this filter until the problem is corrected. Error: (12/16/2017 01:56:58 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Event provider $Core attempted to register query "select * from __TimerEvent" whose target class "__TimerEvent" in //./root/CIMV2 namespace does not exist. The query will be ignored. Error: (12/16/2017 01:56:58 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Event provider $Core attempted to register query "select * from __SystemEvent" whose target class "__SystemEvent" in //./root/CIMV2 namespace does not exist. The query will be ignored. Error: (12/16/2017 01:56:58 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Event provider $Core attempted to register query "select * from __NamespaceOperationEvent" whose target class "__NamespaceOperationEvent" in //./root/CIMV2 namespace does not exist. The query will be ignored. Error: (12/16/2017 01:56:58 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Event provider $Core attempted to register query "select * from __ClassOperationEvent" whose target class "__ClassOperationEvent" in //./root/CIMV2 namespace does not exist. The query will be ignored. Error: (12/16/2017 01:56:58 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Event provider $Core attempted to register query "select * from __InstanceOperationEvent" whose target class "__InstanceOperationEvent" in //./root/CIMV2 namespace does not exist. The query will be ignored. Error: (12/16/2017 01:56:58 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Event provider RegistryEventProvider attempted to register query "select * from RegistryEvent" whose target class "RegistryEvent" in //./root/CIMV2 namespace does not exist. The query will be ignored. Error: (12/16/2017 01:56:58 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY) Description: Event provider RouteEventProvider attempted to register query "select * from Win32_IP4RouteTableEvent" whose target class "Win32_IP4RouteTableEvent" in //./root/CIMV2 namespace does not exist. The query will be ignored. System errors: ============= Error: (12/18/2017 02:55:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The tzcast service terminated with the following error: The system cannot find the file specified. Error: (12/18/2017 12:21:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/18/2017 12:21:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (12/18/2017 12:16:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The tzcast service terminated with the following error: A dynamic link library (DLL) initialisation routine failed. Error: (12/18/2017 11:58:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Digital Delivery Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/18/2017 11:58:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect. Error: (12/18/2017 11:57:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Foundation Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/18/2017 11:57:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Foundation Services service to connect. Error: (12/18/2017 11:57:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Customer Connect service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (12/18/2017 11:57:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Customer Connect service to connect. CodeIntegrity: =================================== Date: 2017-10-21 17:11:07.312 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-10-21 17:11:07.027 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-10 10:42:20.049 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2017-04-09 21:50:45.653 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2017-04-09 21:50:45.565 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2017-04-09 21:44:10.777 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2017-04-09 21:44:10.699 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2017-04-09 21:25:15.950 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2017-04-09 21:25:15.884 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. Date: 2017-04-06 20:48:54.925 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\d3d10_1.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz Percentage of memory in use: 26% Total physical RAM: 12198.44 MB Available physical RAM: 8970.05 MB Total Virtual: 14054.44 MB Available Virtual: 10544.04 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:921.29 GB) (Free:834.68 GB) NTFS Drive e: (ESP) (Fixed) (Total:0.48 GB) (Free:0.1 GB) FAT32 Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.45 GB) NTFS Drive y: (PBR Image) (Fixed) (Total:8.84 GB) (Free:0.75 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: ADAE65DF) Partition: GPT. ==================== End of Addition.txt ============================ |
