Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

TDSS Trojan, Security.Hijack, persist after Windows reinstall


  • This topic is locked This topic is locked
8 replies to this topic

#1 Pen_Rich

Pen_Rich

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:26 AM

Posted 04 November 2015 - 12:38 AM

My Windows 10, 64-bit OS, PC was running slowly.  TDSSKiller quarantined the following object:
 
  c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
  AdaptiveSleepService ( UnsignedFile.Multi.Generic )
  KLMD registered as C:\WINDOWS\system32\drivers\43299166.sys
 
I deleted the object, restarted Windows, re-ran TDSSKiller then Malwarebytes Anti-Rootkit BETA, Malwarebytes Anti-Malware and ESET, all of which came up clean.  But the computer was still slow so I tried to reinstall Windows 10 using the built-in option.  The reinstall failed and my computer got stuck in a loop in which it would attempt to load Windows, fail and restart.  All further attempts to reset/refresh/reinstall Windows failed so HP sent me a USB to reinstall Windows 10.  Upon receiving the USB, I "Factory Reset the computer by erasing the entire drive and restoring it to the factory state."  Once Windows started, I was concerned about lingering infection so I installed and ran the same scans mentioned above.  All results were clean except Malwarebytes Anti-Rootkit BETA quarantined the following:
 
  Trojan.Agent       HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe
  Security.Hijack    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe
  Security.Hijack    HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe
  Security.Hijack    HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe
  Trojan.Agent       HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe
  Security.Hijack    HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe
 
I am concerned my computer is still infected because suspicious programs keep installing (and re-installing upon removal) themselves like, "Realtek HD Auido" (note that "Audio" is misspelled in the program name!), "HP Support Assist" from an "unknown" source, and a third-party app called "Voice Recorder".
 
 
FRST.txt report:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Marissa (administrator) on DESKTOP-J47B0P3 (03-11-2015 20:21:29)
Running from C:\Users\Marissa\Downloads
Loaded Profiles: Marissa (Available Profiles: Marissa)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKU\S-1-5-21-1870322798-3462431827-2921590714-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{ee1ac038-d9ba-4ad4-8d97-9f9a3f29b6ef}: [DhcpNameServer] 192.168.15.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-1870322798-3462431827-2921590714-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {25381D78-E333-4CCA-BCC2-151EBF252DB0} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
 
FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-02] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
 
Chrome: 
=======
CHR Profile: C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02]
CHR Extension: (Google Search) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-02]
CHR Extension: (Gmail) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-02]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015936 2015-09-29] (Adobe Systems, Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2505472 2015-10-09] (ESET)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 RtkAudioService; "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [18968 2015-07-14] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-14] (Advanced Micro Devices)
S3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-28] (CyberLink Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-07-30] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-07-30] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-07-30] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2015-07-30] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 MFE_RR; C:\Users\Marissa\AppData\Local\Temp\mfe_rr.sys [24120 2015-11-02] (McAfee, Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-11-02] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-13] (Realtek                                            )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-11-02] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-07] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-07] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-11-02] (HP)
S3 RTSUER; \SystemRoot\system32\Drivers\RtsUer.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-03 20:21 - 2015-11-03 20:22 - 00010722 _____ C:\Users\Marissa\Downloads\FRST.txt
2015-11-03 20:19 - 2015-11-03 20:19 - 00016148 _____ C:\Windows\system32\DESKTOP-J47B0P3_Marissa_HistoryPrediction.bin
2015-11-03 20:17 - 2015-11-03 20:17 - 00001856 _____ C:\Users\Marissa\Documents\ads.txt
2015-11-03 19:37 - 2015-11-03 20:21 - 00000000 ____D C:\FRST
2015-11-03 19:33 - 2015-11-03 19:34 - 02198016 _____ (Farbar) C:\Users\Marissa\Downloads\FRST64.exe
2015-11-03 14:59 - 2015-11-03 14:59 - 00003642 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-J47B0P3-Marissa
2015-11-03 14:31 - 2015-11-03 14:31 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2015-11-03 14:31 - 2015-11-03 14:31 - 00000000 ____D C:\Users\Marissa\Documents\Adobe
2015-11-03 14:24 - 2015-11-03 14:50 - 00000000 ____D C:\Program Files\Adobe
2015-11-03 13:35 - 2015-11-03 20:21 - 00000000 ___RD C:\Users\Marissa\Creative Cloud Files
2015-11-03 13:33 - 2015-11-03 13:33 - 00001269 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-03 13:32 - 2015-11-03 13:33 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-03 13:21 - 2015-11-03 13:21 - 00686768 _____ (Adobe Systems Incorporated) C:\Users\Marissa\Downloads\CreativeCloudSet-Up.exe
2015-11-03 12:26 - 2015-11-03 12:26 - 00000424 _____ C:\Users\Marissa\Documents\PresentationHost . exe.reg
2015-11-03 12:19 - 2015-11-03 12:19 - 72121872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-11-03 12:19 - 2015-11-03 12:19 - 31085611 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-11-03 12:19 - 2015-11-03 12:19 - 04577024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-11-03 12:19 - 2015-11-03 12:19 - 03271912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 02984208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 02946304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 02711296 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-11-03 12:19 - 2015-11-03 12:19 - 01759488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 01435152 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 01331336 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 01122648 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00961024 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00749776 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00645464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00259288 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00195192 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00110992 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-11-03 12:19 - 2015-11-03 12:19 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-11-03 12:18 - 2015-11-03 12:18 - 00206536 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-03 12:14 - 2015-11-03 12:14 - 00005480 _____ C:\Users\Marissa\Documents\cc_20151103_121452.reg
2015-11-03 12:14 - 2015-11-03 12:14 - 00002588 _____ C:\Users\Marissa\Documents\cc_20151103_121401.reg
2015-11-03 12:13 - 2015-11-03 12:13 - 00007500 _____ C:\Users\Marissa\Documents\cc_20151103_121316.reg
2015-11-03 12:13 - 2015-11-03 12:13 - 00000818 _____ C:\Users\Marissa\Documents\cc_20151103_121334.reg
2015-11-03 12:12 - 2015-11-03 12:12 - 00038524 _____ C:\Users\Marissa\Documents\cc_20151103_121251.reg
2015-11-03 12:12 - 2015-11-03 12:12 - 00018682 _____ C:\Users\Marissa\Documents\cc_20151103_121220.reg
2015-11-03 12:11 - 2015-11-03 12:11 - 00005462 _____ C:\Users\Marissa\Documents\cc_20151103_121128.reg
2015-11-03 12:11 - 2015-11-03 12:11 - 00000442 _____ C:\Users\Marissa\Documents\cc_20151103_121147.reg
2015-11-03 11:54 - 2015-11-03 11:54 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\hpqLog
2015-11-03 11:34 - 2015-11-03 11:34 - 00000000 ____D C:\Users\Marissa\AppData\LocalLow\Adobe
2015-11-03 10:34 - 2015-11-03 12:20 - 00000412 _____ C:\Windows\setupact.log
2015-11-03 10:34 - 2015-11-03 10:34 - 00000000 _____ C:\Windows\setuperr.log
2015-11-03 10:33 - 2015-11-03 12:55 - 00002212 _____ C:\Windows\PFRO.log
2015-11-03 01:27 - 2015-11-03 20:08 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-11-03 00:25 - 2015-11-03 00:25 - 00000000 ____D C:\Users\Marissa\AppData\Local\kingsoft
2015-11-02 23:53 - 2015-11-03 00:41 - 00002348 _____ C:\Windows\System32\Tasks\{6289D36A-2146-4B55-ADED-778CF11D64D5}
2015-11-02 23:53 - 2015-11-02 23:53 - 00000000 ____D C:\Users\Marissa\Pavark
2015-11-02 23:47 - 2015-11-03 00:58 - 00000000 ____D C:\Windows\Minidump
2015-11-02 21:17 - 2015-11-02 21:17 - 00000000 ____D C:\Windows\system32\SleepStudy
2015-11-02 17:03 - 2015-11-03 19:32 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-11-02 17:03 - 2015-11-03 19:32 - 00000000 ____D C:\Program Files\Realtek
2015-11-02 17:03 - 2015-11-02 17:03 - 00000000 ____D C:\Windows\LastGood
2015-11-02 17:02 - 2015-11-02 17:02 - 00341160 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-11-02 16:49 - 2015-11-02 16:49 - 09898752 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2015-11-02 16:49 - 2015-11-02 16:49 - 00310528 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2015-11-02 16:49 - 2015-11-02 16:49 - 00091904 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2015-11-02 16:49 - 2015-11-02 16:49 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-11-02 15:55 - 2015-11-02 15:55 - 00000000 ____D C:\Users\Marissa\AppData\Local\AMD
2015-11-02 15:55 - 2015-11-02 15:55 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-11-02 15:23 - 2015-11-03 14:59 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-11-02 13:45 - 2015-11-03 13:35 - 00000000 ___RD C:\Users\Marissa\Creative Cloud Files (1)
2015-11-02 12:46 - 2015-11-03 20:21 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-02 12:43 - 2015-11-03 14:23 - 00000000 ____D C:\ProgramData\Adobe
2015-11-02 12:42 - 2015-11-03 14:55 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-02 12:32 - 2015-11-03 20:21 - 00000000 ____D C:\Users\Marissa\AppData\Local\Adobe
2015-11-02 11:58 - 2015-11-02 11:58 - 00000000 ____D C:\Users\Marissa\AppData\Local\Apps\2.0
2015-11-02 10:57 - 2015-11-02 10:57 - 00000000 ____D C:\Users\Marissa\AppData\Local\Evernote
2015-11-02 04:31 - 2015-11-02 04:31 - 00000000 ____D C:\Users\Marissa\Documents\YouCam
2015-11-02 03:51 - 2015-11-03 12:09 - 00000000 ____D C:\Users\Marissa\Desktop\mbar
2015-11-02 03:51 - 2015-11-03 12:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-02 03:24 - 2015-11-02 03:24 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\CyberLink
2015-11-02 02:30 - 2015-11-03 10:42 - 00002164 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-02 02:30 - 2015-11-02 02:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-02 02:29 - 2015-11-02 02:30 - 00000000 ____D C:\Program Files\CCleaner
2015-11-02 02:12 - 2015-11-02 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-11-02 02:12 - 2015-11-02 02:12 - 00000000 ____D C:\ProgramData\ESET
2015-11-02 02:12 - 2015-11-02 02:12 - 00000000 ____D C:\Program Files\ESET
2015-11-02 01:48 - 2015-07-05 02:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-02 01:29 - 2015-11-03 16:51 - 00004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D1432ECA-06C3-4DDD-9475-2B697D673EEF}
2015-11-02 01:26 - 2015-11-02 01:34 - 00000000 ____D C:\Windows\system32\MRT
2015-11-02 01:25 - 2015-10-02 12:09 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-02 01:24 - 2015-08-02 18:18 - 08613200 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2015-11-02 01:24 - 2015-08-02 17:56 - 06878256 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-11-02 01:23 - 2015-10-27 15:38 - 21871616 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2015-11-02 01:23 - 2015-10-27 15:16 - 18801664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2015-11-02 01:23 - 2015-10-21 04:00 - 24595968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-02 01:23 - 2015-10-20 21:13 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-02 01:23 - 2015-10-05 19:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-11-02 01:23 - 2015-10-05 18:46 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-11-02 01:23 - 2015-09-30 20:00 - 08020320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-02 01:23 - 2015-09-24 20:01 - 02573768 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-11-02 01:23 - 2015-09-24 19:56 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-11-02 01:23 - 2015-09-24 19:33 - 01997336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-11-02 01:23 - 2015-09-24 19:26 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-11-02 01:23 - 2015-09-24 19:09 - 12504064 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-02 01:23 - 2015-09-24 19:02 - 07523840 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2015-11-02 01:23 - 2015-09-24 19:01 - 04792320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-02 01:23 - 2015-09-24 19:01 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2015-11-02 01:23 - 2015-09-24 18:38 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-02 01:23 - 2015-09-24 18:36 - 11262976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-02 01:23 - 2015-09-24 18:36 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2015-11-02 01:23 - 2015-09-16 22:50 - 02464216 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-11-02 01:23 - 2015-09-16 22:50 - 01563392 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-11-02 01:23 - 2015-09-16 22:49 - 06487248 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2015-11-02 01:23 - 2015-09-16 22:48 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-11-02 01:23 - 2015-09-16 22:48 - 02494712 _____ C:\Windows\system32\CoreUIComponents.dll
2015-11-02 01:23 - 2015-09-16 22:48 - 02432336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-11-02 01:23 - 2015-09-16 22:48 - 01983824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-11-02 01:23 - 2015-09-16 22:28 - 05120056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2015-11-02 01:23 - 2015-09-16 22:28 - 02154808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-11-02 01:23 - 2015-09-16 22:27 - 01766952 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2015-11-02 01:23 - 2015-09-16 22:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2015-11-02 01:23 - 2015-09-16 22:04 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2015-11-02 01:23 - 2015-09-16 21:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-11-02 01:23 - 2015-09-16 21:55 - 02236416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-02 01:23 - 2015-09-16 21:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2015-11-02 01:23 - 2015-09-16 21:53 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2015-11-02 01:23 - 2015-09-16 21:51 - 02660864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2015-11-02 01:23 - 2015-09-16 21:49 - 02740224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-02 01:23 - 2015-09-16 21:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-11-02 01:23 - 2015-09-16 21:40 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2015-11-02 01:23 - 2015-09-16 21:35 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2015-11-02 01:23 - 2015-09-16 21:35 - 02207232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-02 01:23 - 2015-09-16 21:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2015-11-02 01:23 - 2015-08-17 22:52 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-11-02 01:23 - 2015-08-11 02:04 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-11-02 01:23 - 2015-08-11 01:50 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-11-02 01:23 - 2015-08-11 01:40 - 04048808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-11-02 01:23 - 2015-08-11 01:05 - 03527168 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-11-02 01:23 - 2015-08-11 01:03 - 02558976 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-11-02 01:23 - 2015-08-11 00:43 - 02748416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-11-02 01:23 - 2015-08-11 00:40 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-11-02 01:23 - 2015-08-07 22:24 - 02415104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-11-02 01:23 - 2015-07-29 19:49 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-11-02 01:23 - 2015-07-29 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-11-02 01:23 - 2015-07-29 19:15 - 09889792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-11-02 01:23 - 2015-07-29 19:04 - 01714176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-11-02 01:22 - 2015-10-21 04:45 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-11-02 01:22 - 2015-10-21 04:43 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2015-11-02 01:22 - 2015-10-21 04:39 - 03621248 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-02 01:22 - 2015-10-21 04:00 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-11-02 01:22 - 2015-10-21 03:57 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-11-02 01:22 - 2015-10-21 03:52 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-11-02 01:22 - 2015-10-21 03:50 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2015-11-02 01:22 - 2015-10-21 03:48 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-11-02 01:22 - 2015-10-21 03:46 - 02179584 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-11-02 01:22 - 2015-10-21 03:46 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-02 01:22 - 2015-10-21 03:44 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2015-11-02 01:22 - 2015-10-21 03:44 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-11-02 01:22 - 2015-10-21 03:43 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2015-11-02 01:22 - 2015-10-21 03:42 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2015-11-02 01:22 - 2015-10-21 03:41 - 01795072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-11-02 01:22 - 2015-10-21 03:40 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2015-11-02 01:22 - 2015-10-21 03:38 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2015-11-02 01:22 - 2015-10-20 21:53 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2015-11-02 01:22 - 2015-10-20 21:49 - 02878512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-02 01:22 - 2015-10-20 21:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-11-02 01:22 - 2015-10-20 21:08 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-11-02 01:22 - 2015-10-20 21:05 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-11-02 01:22 - 2015-10-20 21:03 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-02 01:22 - 2015-10-20 20:58 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2015-11-02 01:22 - 2015-10-20 20:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2015-11-02 01:22 - 2015-10-09 23:12 - 00078528 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-02 01:22 - 2015-09-30 20:01 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-02 01:22 - 2015-09-30 20:01 - 01123400 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-02 01:22 - 2015-09-30 20:01 - 01018568 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-02 01:22 - 2015-09-30 20:01 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-02 01:22 - 2015-09-30 19:03 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-11-02 01:22 - 2015-09-24 20:01 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-11-02 01:22 - 2015-09-24 19:52 - 00980832 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2015-11-02 01:22 - 2015-09-24 19:07 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2015-11-02 01:22 - 2015-09-24 19:04 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-02 01:22 - 2015-09-24 19:03 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2015-11-02 01:22 - 2015-09-24 19:03 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-02 01:22 - 2015-09-24 19:02 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-02 01:22 - 2015-09-24 19:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2015-11-02 01:22 - 2015-09-24 19:00 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2015-11-02 01:22 - 2015-09-24 19:00 - 01382400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2015-11-02 01:22 - 2015-09-24 19:00 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2015-11-02 01:22 - 2015-09-24 19:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2015-11-02 01:22 - 2015-09-24 18:59 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2015-11-02 01:22 - 2015-09-24 18:59 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2015-11-02 01:22 - 2015-09-24 18:59 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2015-11-02 01:22 - 2015-09-24 18:59 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2015-11-02 01:22 - 2015-09-24 18:59 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2015-11-02 01:22 - 2015-09-24 18:58 - 01871360 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-11-02 01:22 - 2015-09-24 18:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2015-11-02 01:22 - 2015-09-24 18:47 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2015-11-02 01:22 - 2015-09-24 18:38 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-02 01:22 - 2015-09-24 18:38 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-02 01:22 - 2015-09-24 18:37 - 00766976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-02 01:22 - 2015-09-24 18:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2015-11-02 01:22 - 2015-09-24 18:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-11-02 01:22 - 2015-09-24 18:34 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2015-11-02 01:22 - 2015-09-24 18:34 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2015-11-02 01:22 - 2015-09-24 18:34 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2015-11-02 01:22 - 2015-09-24 18:34 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2015-11-02 01:22 - 2015-09-24 18:34 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2015-11-02 01:22 - 2015-09-24 18:32 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-11-02 01:22 - 2015-09-24 18:32 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2015-11-02 01:22 - 2015-09-16 22:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-11-02 01:22 - 2015-09-16 22:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2015-11-02 01:22 - 2015-09-16 22:49 - 01563472 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-11-02 01:22 - 2015-09-16 22:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-11-02 01:22 - 2015-09-16 22:49 - 00553808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-11-02 01:22 - 2015-09-16 22:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-11-02 01:22 - 2015-09-16 22:48 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2015-11-02 01:22 - 2015-09-16 22:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2015-11-02 01:22 - 2015-09-16 22:48 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-11-02 01:22 - 2015-09-16 22:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-11-02 01:22 - 2015-09-16 22:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2015-11-02 01:22 - 2015-09-16 22:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-11-02 01:22 - 2015-09-16 22:48 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-11-02 01:22 - 2015-09-16 22:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2015-11-02 01:22 - 2015-09-16 22:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2015-11-02 01:22 - 2015-09-16 22:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-11-02 01:22 - 2015-09-16 22:48 - 00332624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-11-02 01:22 - 2015-09-16 22:48 - 00243760 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-11-02 01:22 - 2015-09-16 22:44 - 00781976 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-11-02 01:22 - 2015-09-16 22:43 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-11-02 01:22 - 2015-09-16 22:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2015-11-02 01:22 - 2015-09-16 22:28 - 01357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-11-02 01:22 - 2015-09-16 22:28 - 00441168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2015-11-02 01:22 - 2015-09-16 22:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2015-11-02 01:22 - 2015-09-16 22:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2015-11-02 01:22 - 2015-09-16 22:26 - 02446648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-11-02 01:22 - 2015-09-16 22:26 - 01895568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2015-11-02 01:22 - 2015-09-16 22:26 - 00646672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-11-02 01:22 - 2015-09-16 22:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-11-02 01:22 - 2015-09-16 22:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2015-11-02 01:22 - 2015-09-16 22:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-11-02 01:22 - 2015-09-16 22:21 - 00658528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2015-11-02 01:22 - 2015-09-16 22:20 - 00764416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2015-11-02 01:22 - 2015-09-16 22:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2015-11-02 01:22 - 2015-09-16 22:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2015-11-02 01:22 - 2015-09-16 22:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2015-11-02 01:22 - 2015-09-16 22:06 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2015-11-02 01:22 - 2015-09-16 22:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2015-11-02 01:22 - 2015-09-16 22:05 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2015-11-02 01:22 - 2015-09-16 22:04 - 00910848 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2015-11-02 01:22 - 2015-09-16 22:03 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2015-11-02 01:22 - 2015-09-16 22:00 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2015-11-02 01:22 - 2015-09-16 22:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2015-11-02 01:22 - 2015-09-16 21:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2015-11-02 01:22 - 2015-09-16 21:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2015-11-02 01:22 - 2015-09-16 21:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2015-11-02 01:22 - 2015-09-16 21:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2015-11-02 01:22 - 2015-09-16 21:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2015-11-02 01:22 - 2015-09-16 21:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2015-11-02 01:22 - 2015-09-16 21:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2015-11-02 01:22 - 2015-09-16 21:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2015-11-02 01:22 - 2015-09-16 21:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2015-11-02 01:22 - 2015-09-16 21:55 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2015-11-02 01:22 - 2015-09-16 21:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2015-11-02 01:22 - 2015-09-16 21:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2015-11-02 01:22 - 2015-09-16 21:54 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-11-02 01:22 - 2015-09-16 21:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-11-02 01:22 - 2015-09-16 21:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-11-02 01:22 - 2015-09-16 21:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-11-02 01:22 - 2015-09-16 21:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2015-11-02 01:22 - 2015-09-16 21:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-11-02 01:22 - 2015-09-16 21:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-11-02 01:22 - 2015-09-16 21:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2015-11-02 01:22 - 2015-09-16 21:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-11-02 01:22 - 2015-09-16 21:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2015-11-02 01:22 - 2015-09-16 21:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-11-02 01:22 - 2015-09-16 21:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-11-02 01:22 - 2015-09-16 21:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2015-11-02 01:22 - 2015-09-16 21:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2015-11-02 01:22 - 2015-09-16 21:49 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2015-11-02 01:22 - 2015-09-16 21:49 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2015-11-02 01:22 - 2015-09-16 21:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2015-11-02 01:22 - 2015-09-16 21:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2015-11-02 01:22 - 2015-09-16 21:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2015-11-02 01:22 - 2015-09-16 21:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2015-11-02 01:22 - 2015-09-16 21:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2015-11-02 01:22 - 2015-09-16 21:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2015-11-02 01:22 - 2015-09-16 21:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2015-11-02 01:22 - 2015-09-16 21:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2015-11-02 01:22 - 2015-09-16 21:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2015-11-02 01:22 - 2015-09-16 21:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2015-11-02 01:22 - 2015-09-16 21:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-11-02 01:22 - 2015-09-16 21:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2015-11-02 01:22 - 2015-09-16 21:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2015-11-02 01:22 - 2015-09-16 21:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2015-11-02 01:22 - 2015-09-16 21:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2015-11-02 01:22 - 2015-09-16 21:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-11-02 01:22 - 2015-09-16 21:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2015-11-02 01:22 - 2015-09-16 21:45 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2015-11-02 01:22 - 2015-09-16 21:44 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-11-02 01:22 - 2015-09-16 21:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2015-11-02 01:22 - 2015-09-16 21:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-11-02 01:22 - 2015-09-16 21:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2015-11-02 01:22 - 2015-09-16 21:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2015-11-02 01:22 - 2015-09-16 21:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-11-02 01:22 - 2015-09-16 21:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-11-02 01:22 - 2015-09-16 21:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2015-11-02 01:22 - 2015-09-16 21:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2015-11-02 01:22 - 2015-09-16 21:39 - 00587264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-11-02 01:22 - 2015-09-16 21:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2015-11-02 01:22 - 2015-09-16 21:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2015-11-02 01:22 - 2015-09-16 21:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2015-11-02 01:22 - 2015-09-16 21:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2015-11-02 01:22 - 2015-09-16 21:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2015-11-02 01:22 - 2015-09-16 21:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2015-11-02 01:22 - 2015-09-16 21:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-11-02 01:22 - 2015-09-16 21:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2015-11-02 01:22 - 2015-09-16 21:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-11-02 01:22 - 2015-09-16 21:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-11-02 01:22 - 2015-09-16 21:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2015-11-02 01:22 - 2015-09-16 21:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2015-11-02 01:22 - 2015-09-16 21:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2015-11-02 01:22 - 2015-09-16 21:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2015-11-02 01:22 - 2015-09-16 21:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2015-11-02 01:22 - 2015-08-26 22:32 - 00608936 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2015-11-02 01:22 - 2015-08-26 21:54 - 00541248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2015-11-02 01:22 - 2015-08-26 21:54 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-11-02 01:22 - 2015-08-26 21:51 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-11-02 01:22 - 2015-08-26 21:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-11-02 01:22 - 2015-08-26 21:49 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-11-02 01:22 - 2015-08-26 21:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-11-02 01:22 - 2015-08-26 21:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2015-11-02 01:22 - 2015-08-26 21:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-11-02 01:22 - 2015-08-26 21:23 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-11-02 01:22 - 2015-08-26 21:16 - 02153472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-11-02 01:22 - 2015-08-26 21:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-11-02 01:22 - 2015-08-26 21:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-11-02 01:22 - 2015-08-26 21:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-11-02 01:22 - 2015-08-19 22:06 - 00609592 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-11-02 01:22 - 2015-08-19 21:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2015-11-02 01:22 - 2015-08-17 23:55 - 00373072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-11-02 01:22 - 2015-08-17 23:13 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2015-11-02 01:22 - 2015-08-17 23:13 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2015-11-02 01:22 - 2015-08-17 22:59 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2015-11-02 01:22 - 2015-08-17 22:58 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2015-11-02 01:22 - 2015-08-17 22:56 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2015-11-02 01:22 - 2015-08-17 22:54 - 00247296 _____ C:\Windows\system32\facecredentialprovider.dll
2015-11-02 01:22 - 2015-08-17 22:49 - 01061888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-11-02 01:22 - 2015-08-17 22:49 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2015-11-02 01:22 - 2015-08-17 22:29 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-11-02 01:22 - 2015-08-17 20:44 - 00008847 _____ C:\Windows\system32\ResPriHMImageList
2015-11-02 01:22 - 2015-08-11 02:04 - 01087296 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-11-02 01:22 - 2015-08-11 02:02 - 00292856 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2015-11-02 01:22 - 2015-08-11 01:52 - 00993104 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-11-02 01:22 - 2015-08-11 01:40 - 00918320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-11-02 01:22 - 2015-08-11 01:37 - 00243800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2015-11-02 01:22 - 2015-08-11 01:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2015-11-02 01:22 - 2015-08-11 01:18 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2015-11-02 01:22 - 2015-08-11 01:14 - 00404480 _____ C:\Windows\system32\diagtrack_wininternal.dll
2015-11-02 01:22 - 2015-08-11 01:13 - 00413184 _____ C:\Windows\system32\diagtrack_win.dll
2015-11-02 01:22 - 2015-08-11 01:11 - 02446336 _____ C:\Windows\system32\InputService.dll
2015-11-02 01:22 - 2015-08-11 01:10 - 00293376 _____ C:\Windows\system32\TextInputFramework.dll
2015-11-02 01:22 - 2015-08-11 01:08 - 00893440 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2015-11-02 01:22 - 2015-08-11 01:07 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2015-11-02 01:22 - 2015-08-11 01:05 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\LocationPermissions.dll
2015-11-02 01:22 - 2015-08-11 01:00 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-11-02 01:22 - 2015-08-11 00:59 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-11-02 01:22 - 2015-08-11 00:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2015-11-02 01:22 - 2015-08-11 00:51 - 01823232 _____ C:\Windows\SysWOW64\InputService.dll
2015-11-02 01:22 - 2015-08-11 00:50 - 00200704 _____ C:\Windows\SysWOW64\TextInputFramework.dll
2015-11-02 01:22 - 2015-08-11 00:48 - 00671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2015-11-02 01:22 - 2015-08-07 22:24 - 01679360 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-11-02 01:22 - 2015-08-07 22:00 - 01985024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-11-02 01:22 - 2015-08-05 19:17 - 00237392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2015-11-02 01:22 - 2015-08-05 19:17 - 00200528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2015-11-02 01:22 - 2015-08-05 18:22 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2015-11-02 01:22 - 2015-08-04 20:00 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2015-11-02 01:22 - 2015-08-04 19:39 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2015-11-02 01:22 - 2015-08-03 20:07 - 00102752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-11-02 01:22 - 2015-08-03 19:23 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2015-11-02 01:22 - 2015-08-02 18:32 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2015-11-02 01:22 - 2015-08-02 18:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2015-11-02 01:22 - 2015-08-02 18:12 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2015-11-02 01:22 - 2015-08-02 17:49 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2015-11-02 01:22 - 2015-08-02 17:30 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_UserAccount.dll
2015-11-02 01:22 - 2015-08-02 17:23 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2015-11-02 01:22 - 2015-08-02 17:18 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\NetworkStatus.dll
2015-11-02 01:22 - 2015-08-02 17:15 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2015-11-02 01:22 - 2015-08-02 17:15 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2015-11-02 01:22 - 2015-08-02 17:15 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2015-11-02 01:22 - 2015-08-02 17:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2015-11-02 01:22 - 2015-08-02 17:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2015-11-02 01:22 - 2015-08-02 17:03 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2015-11-02 01:22 - 2015-08-02 16:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2015-11-02 01:22 - 2015-07-29 22:23 - 00527952 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-11-02 01:22 - 2015-07-29 22:21 - 00816576 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-11-02 01:22 - 2015-07-29 22:17 - 01200400 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-02 01:22 - 2015-07-29 22:17 - 01025840 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2015-11-02 01:22 - 2015-07-29 22:16 - 02147080 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-11-02 01:22 - 2015-07-29 22:14 - 00333168 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2015-11-02 01:22 - 2015-07-29 22:06 - 01043872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-11-02 01:22 - 2015-07-29 22:03 - 02116448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-11-02 01:22 - 2015-07-29 21:24 - 00252768 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2015-11-02 01:22 - 2015-07-29 20:29 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-02 01:22 - 2015-07-29 20:26 - 01867160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-11-02 01:22 - 2015-07-29 20:26 - 00877016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-11-02 01:22 - 2015-07-29 20:25 - 00713312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-11-02 01:22 - 2015-07-29 20:24 - 00445240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-11-02 01:22 - 2015-07-29 20:24 - 00285632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2015-11-02 01:22 - 2015-07-29 20:12 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2015-11-02 01:22 - 2015-07-29 20:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2015-11-02 01:22 - 2015-07-29 19:52 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2015-11-02 01:22 - 2015-07-29 19:46 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2015-11-02 01:22 - 2015-07-29 19:44 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-11-02 01:22 - 2015-07-29 19:44 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2015-11-02 01:22 - 2015-07-29 19:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-11-02 01:22 - 2015-07-29 19:29 - 00654848 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2015-11-02 01:22 - 2015-07-29 19:06 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2015-11-02 01:22 - 2015-07-29 18:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2015-11-02 01:21 - 2015-11-02 01:21 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Marissa\Downloads\tdsskiller.exe
2015-11-02 01:21 - 2015-10-21 04:44 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-11-02 01:21 - 2015-10-21 03:59 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2015-11-02 01:21 - 2015-10-21 03:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2015-11-02 01:21 - 2015-10-20 21:03 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2015-11-02 01:21 - 2015-10-20 20:55 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2015-11-02 01:21 - 2015-09-24 19:11 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2015-11-02 01:21 - 2015-09-24 19:11 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2015-11-02 01:21 - 2015-09-24 19:04 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2015-11-02 01:21 - 2015-09-24 18:59 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2015-11-02 01:21 - 2015-09-24 18:38 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2015-11-02 01:21 - 2015-09-24 18:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2015-11-02 01:21 - 2015-09-18 21:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2015-11-02 01:21 - 2015-09-16 22:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-11-02 01:21 - 2015-09-16 22:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-11-02 01:21 - 2015-09-16 22:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-02 01:21 - 2015-09-16 22:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-11-02 01:21 - 2015-09-16 22:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2015-11-02 01:21 - 2015-09-16 22:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2015-11-02 01:21 - 2015-09-16 22:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2015-11-02 01:21 - 2015-09-16 22:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2015-11-02 01:21 - 2015-09-16 22:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2015-11-02 01:21 - 2015-09-16 22:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2015-11-02 01:21 - 2015-09-16 22:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2015-11-02 01:21 - 2015-09-16 22:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2015-11-02 01:21 - 2015-09-16 22:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2015-11-02 01:21 - 2015-09-16 22:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2015-11-02 01:21 - 2015-09-16 22:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2015-11-02 01:21 - 2015-09-16 22:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-11-02 01:21 - 2015-09-16 21:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2015-11-02 01:21 - 2015-09-16 21:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2015-11-02 01:21 - 2015-09-16 21:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2015-11-02 01:21 - 2015-09-16 21:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-11-02 01:21 - 2015-09-16 21:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-11-02 01:21 - 2015-09-16 21:52 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-11-02 01:21 - 2015-09-16 21:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-11-02 01:21 - 2015-09-16 21:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2015-11-02 01:21 - 2015-09-16 21:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2015-11-02 01:21 - 2015-09-16 21:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2015-11-02 01:21 - 2015-09-16 21:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2015-11-02 01:21 - 2015-09-16 21:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2015-11-02 01:21 - 2015-09-16 21:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2015-11-02 01:21 - 2015-09-16 21:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2015-11-02 01:21 - 2015-09-16 21:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2015-11-02 01:21 - 2015-09-16 21:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2015-11-02 01:21 - 2015-09-16 21:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2015-11-02 01:21 - 2015-09-16 21:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2015-11-02 01:21 - 2015-09-16 21:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2015-11-02 01:21 - 2015-09-16 21:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2015-11-02 01:21 - 2015-09-16 21:43 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2015-11-02 01:21 - 2015-09-16 21:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-11-02 01:21 - 2015-09-16 21:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2015-11-02 01:21 - 2015-08-26 21:39 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-11-02 01:21 - 2015-08-26 21:08 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-11-02 01:21 - 2015-08-19 21:21 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2015-11-02 01:21 - 2015-08-17 23:04 - 01234944 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-11-02 01:21 - 2015-08-17 22:59 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2015-11-02 01:21 - 2015-08-17 22:58 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2015-11-02 01:21 - 2015-08-17 22:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2015-11-02 01:21 - 2015-08-17 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2015-11-02 01:21 - 2015-08-17 22:57 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2015-11-02 01:21 - 2015-08-17 22:54 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2015-11-02 01:21 - 2015-08-17 22:49 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2015-11-02 01:21 - 2015-08-17 22:36 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll
2015-11-02 01:21 - 2015-08-17 22:35 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2015-11-02 01:21 - 2015-08-17 22:35 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2015-11-02 01:21 - 2015-08-17 22:34 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2015-11-02 01:21 - 2015-08-17 22:26 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2015-11-02 01:21 - 2015-08-11 02:03 - 00442208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-11-02 01:21 - 2015-08-11 02:02 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2015-11-02 01:21 - 2015-08-11 01:26 - 00845664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-11-02 01:21 - 2015-08-11 01:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
2015-11-02 01:21 - 2015-08-11 01:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2015-11-02 01:21 - 2015-08-11 01:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2015-11-02 01:21 - 2015-08-11 01:05 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2015-11-02 01:21 - 2015-08-11 00:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2015-11-02 01:21 - 2015-08-11 00:59 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-11-02 01:21 - 2015-08-11 00:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
2015-11-02 01:21 - 2015-08-11 00:50 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2015-11-02 01:21 - 2015-08-11 00:50 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2015-11-02 01:21 - 2015-08-11 00:39 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-11-02 01:21 - 2015-08-11 00:38 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2015-11-02 01:21 - 2015-08-07 23:29 - 01822280 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-02 01:21 - 2015-08-07 23:01 - 01533496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-02 01:21 - 2015-08-02 18:18 - 00594472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2015-11-02 01:21 - 2015-08-02 18:18 - 00046432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2015-11-02 01:21 - 2015-08-02 18:17 - 00052264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2015-11-02 01:21 - 2015-08-02 17:24 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll
2015-11-02 01:21 - 2015-08-02 17:21 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2015-11-02 01:21 - 2015-08-02 17:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-11-02 01:21 - 2015-08-02 17:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-11-02 01:21 - 2015-08-02 17:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-11-02 01:21 - 2015-07-29 22:15 - 00632168 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-11-02 01:21 - 2015-07-29 20:22 - 00896144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2015-11-02 01:21 - 2015-07-29 20:22 - 00507696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-11-02 01:21 - 2015-07-29 19:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2015-11-02 01:21 - 2015-07-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-02 01:21 - 2015-07-29 19:44 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.V2.dll
2015-11-02 01:21 - 2015-07-29 19:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-11-02 01:21 - 2015-07-29 19:44 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\VoiceActivationManager.dll
2015-11-02 01:21 - 2015-07-29 19:41 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2015-11-02 01:21 - 2015-07-29 19:38 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2015-11-02 01:21 - 2015-07-29 19:07 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2015-11-02 01:21 - 2015-07-29 19:06 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.V2.dll
2015-11-02 01:21 - 2015-07-29 19:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VoiceActivationManager.dll
2015-11-02 01:20 - 2015-11-02 01:20 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Macromedia
2015-11-02 01:19 - 2015-11-02 01:19 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2015-11-02 01:19 - 2015-11-02 01:19 - 00000000 ____D C:\Program Files (x86)\VirusTotalUploader2
2015-11-02 01:13 - 2015-11-03 20:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-02 01:13 - 2015-11-03 11:13 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-02 01:13 - 2015-11-02 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-02 01:13 - 2015-11-02 01:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-02 01:13 - 2015-11-02 01:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-02 01:13 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-02 01:13 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-02 01:10 - 2015-11-03 00:24 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\kingsoft
2015-11-02 01:10 - 2015-11-02 03:50 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Marissa\Downloads\mbar-1.09.3.1001.exe
2015-11-02 01:06 - 2015-11-02 01:06 - 04629744 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2015-11-02 01:05 - 2015-11-02 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-02 01:04 - 2015-11-02 01:04 - 00419528 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-11-02 01:04 - 2015-11-02 01:04 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-11-02 01:04 - 2015-11-02 01:04 - 00042184 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-11-02 01:00 - 2015-11-03 10:34 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-02 01:00 - 2015-11-03 10:34 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-02 01:00 - 2015-11-03 00:41 - 00003504 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-02 01:00 - 2015-11-03 00:41 - 00003280 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-02 01:00 - 2015-11-02 01:05 - 00000000 ____D C:\Users\Marissa\AppData\Local\Google
2015-11-02 01:00 - 2015-11-02 01:05 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-02 00:59 - 2015-11-02 00:59 - 39731728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 30783520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 25329680 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 22336032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 15734304 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 14319648 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 10288368 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 09429368 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 08950512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 08087568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 07744400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 07555672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 06496264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 05085728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-11-02 00:59 - 2015-11-02 00:59 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-11-02 00:59 - 2015-11-02 00:59 - 01238224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 01204784 _____ C:\Windows\system32\amdocl_as64.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 01080864 _____ C:\Windows\system32\amdocl_ld64.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 01014304 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 00944152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00944152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00833800 _____ C:\Windows\system32\amdicdxx.dat
2015-11-02 00:59 - 2015-11-02 00:59 - 00816176 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 00662032 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-11-02 00:59 - 2015-11-02 00:59 - 00662032 _____ C:\Windows\system32\atiapfxx.blb
2015-11-02 00:59 - 2015-11-02 00:59 - 00484176 _____ C:\Windows\system32\amdmiracast.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00459800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00384536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 00350232 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 00315104 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-11-02 00:59 - 2015-11-02 00:59 - 00252440 _____ C:\Windows\system32\clinfo.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 00222240 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00209936 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00208912 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00177688 _____ C:\Windows\system32\atieah64.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 00177344 _____ C:\Windows\system32\ativce03.dat
2015-11-02 00:59 - 2015-11-02 00:59 - 00175648 _____ C:\Windows\system32\amde31a.dat
2015-11-02 00:59 - 2015-11-02 00:59 - 00163608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00161312 _____ C:\Windows\SysWOW64\atieah32.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 00159264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00153608 _____ C:\Windows\system32\amdhdl64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00153104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00148400 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00146448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00141528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00140832 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00131104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00127440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00123648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00120352 _____ C:\Windows\system32\hsa-thunk64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00120080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00119840 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00110624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00106520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00103968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00100816 _____ C:\Windows\system32\ativce02.dat
2015-11-02 00:59 - 2015-11-02 00:59 - 00099104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00098336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00097584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00092704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00092152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00087072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00087072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00082456 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00079904 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00076832 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00073240 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00069664 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00069648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00068632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2015-11-02 00:59 - 2015-11-02 00:59 - 00066592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00062480 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00056864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00047664 _____ C:\Windows\system32\kapp_ci.sbin
2015-11-02 00:59 - 2015-11-02 00:59 - 00047128 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00043536 _____ C:\Windows\system32\kapp_si.sbin
2015-11-02 00:59 - 2015-11-02 00:59 - 00023056 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2015-11-02 00:59 - 2015-11-02 00:59 - 00023048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2015-11-02 00:41 - 2015-11-02 00:41 - 00000000 ____D C:\Users\Marissa\AppData\Local\NetworkTiles
2015-11-01 23:08 - 2015-11-01 23:08 - 00000000 ____H C:\Users\Marissa\Documents\Default.rdp
2015-11-01 23:04 - 2015-11-02 00:41 - 00000000 ____D C:\Users\Marissa\AppData\Local\MicrosoftEdge
2015-11-01 21:38 - 2015-11-01 21:40 - 00000000 ____D C:\Users\Marissa\AppData\Local\Comms
2015-11-01 21:37 - 2015-11-03 00:41 - 00003374 _____ C:\Windows\System32\Tasks\HPGenoobeReminder
2015-11-01 21:30 - 2015-11-03 00:41 - 00003358 _____ C:\Windows\System32\Tasks\RegistrationModuleReminder_Welcome-S-1-5-21-1870322798-3462431827-2921590714-1001
2015-11-01 21:26 - 2015-11-01 21:26 - 00002351 _____ C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-01 21:26 - 2015-11-01 21:26 - 00000000 ___RD C:\Users\Marissa\OneDrive
2015-11-01 21:26 - 2015-11-01 21:26 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Hewlett-Packard
2015-11-01 21:25 - 2015-11-02 00:41 - 00000000 ____D C:\Users\Marissa\AppData\Local\Hewlett-Packard
2015-11-01 21:25 - 2015-11-01 21:25 - 00000000 ____D C:\Users\Marissa\AppData\Local\HP_Inc
2015-11-01 21:23 - 2015-11-01 21:23 - 00000184 _____ C:\Windows\insFileSpec
2015-11-01 21:23 - 2015-11-01 21:23 - 00000000 ____D C:\Users\Marissa\AppData\Local\Publishers
2015-11-01 21:23 - 2015-11-01 21:23 - 00000000 ____D C:\Users\Marissa\AppData\Local\DropboxOEM
2015-11-01 21:22 - 2015-11-03 19:38 - 00000000 ____D C:\Users\Marissa
2015-11-01 21:22 - 2015-11-03 13:35 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Adobe
2015-11-01 21:22 - 2015-11-03 11:59 - 00000000 ____D C:\Users\Marissa\AppData\Local\Packages
2015-11-01 21:22 - 2015-11-02 12:39 - 00000000 ____D C:\Users\Marissa\AppData\Local\VirtualStore
2015-11-01 21:22 - 2015-11-01 21:22 - 00016148 _____ C:\Windows\system32\DESKTOP-J47B0P3_defaultuser0_HistoryPrediction.bin
2015-11-01 21:22 - 2015-11-01 21:22 - 00000020 ___SH C:\Users\Marissa\ntuser.ini
2015-11-01 21:22 - 2015-11-01 21:22 - 00000000 ___RD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-01 21:22 - 2015-11-01 21:22 - 00000000 ____D C:\Users\Marissa\AppData\Local\TileDataLayer
2015-11-01 21:22 - 2015-07-10 03:04 - 00000000 __RSD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-11-01 21:22 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-11-01 21:22 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-01 21:22 - 2015-07-10 03:04 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-01 21:01 - 2015-11-01 21:01 - 00016148 _____ C:\Windows\system32\HANCA9RPB1343_Administrator_HistoryPrediction.bin
2015-11-01 20:57 - 2015-11-01 20:57 - 00016148 _____ C:\Windows\system32\WIN-JTNLK9GNITI_Administrator_HistoryPrediction.bin
2015-11-01 20:11 - 2015-11-01 20:57 - 00015243 _____ C:\Windows\diagwrn.xml
2015-11-01 20:11 - 2015-11-01 20:57 - 00015243 _____ C:\Windows\diagerr.xml
2015-11-01 19:54 - 2015-11-01 19:54 - 00016148 _____ C:\Windows\system32\UVH6HM9E62MH1_Administrator_HistoryPrediction.bin
2015-11-01 19:26 - 2015-11-01 19:26 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-11-01 19:24 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-11-01 19:24 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-11-01 19:24 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-11-01 19:24 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-11-01 19:24 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-11-01 19:24 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-11-01 19:24 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-11-01 19:24 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-11-01 19:24 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-11-01 19:24 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-11-01 19:24 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-11-01 19:24 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-11-01 19:24 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-11-01 19:24 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-11-01 19:24 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-11-01 19:24 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-11-01 19:24 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-01 19:24 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-11-01 19:24 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-11-01 19:24 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-01 19:24 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-11-01 19:24 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-11-01 19:24 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-01 19:24 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-01 19:24 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-11-01 19:24 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-01 19:24 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-11-01 19:24 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-01 19:24 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-11-01 19:24 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-01 19:24 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-11-01 19:24 - 2008-10-15 07:03 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-01 19:24 - 2008-10-15 07:03 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-11-01 19:24 - 2008-10-15 07:03 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-11-01 19:24 - 2008-10-15 07:03 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-11-01 19:24 - 2008-10-15 07:03 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-01 19:24 - 2008-10-15 07:03 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-11-01 19:24 - 2008-10-15 07:03 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-01 19:24 - 2008-10-15 07:03 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-11-01 19:24 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-01 19:24 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-11-01 19:24 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-01 19:24 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-11-01 19:24 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-01 19:24 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-11-01 19:24 - 2008-07-30 06:20 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-11-01 19:24 - 2008-07-30 06:20 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-11-01 19:24 - 2008-07-30 06:20 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-11-01 19:24 - 2008-07-30 06:20 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-11-01 19:24 - 2008-07-30 06:20 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-11-01 19:24 - 2008-07-30 06:20 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-11-01 19:24 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-11-01 19:24 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-11-01 19:24 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-11-01 19:24 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-11-01 19:24 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-11-01 19:24 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-11-01 19:24 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-11-01 19:24 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-11-01 19:24 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-11-01 19:24 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-11-01 19:24 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-11-01 19:24 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-11-01 19:24 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-11-01 19:24 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-11-01 19:24 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-11-01 19:24 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-11-01 19:24 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-11-01 19:24 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-11-01 19:24 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-11-01 19:24 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-11-01 19:24 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-11-01 19:24 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-11-01 19:24 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-11-01 19:24 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-11-01 19:24 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-11-01 19:24 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-11-01 19:24 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-11-01 19:24 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-11-01 19:24 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-11-01 19:24 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-11-01 19:24 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-11-01 19:24 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-11-01 19:24 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-11-01 19:24 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-11-01 19:24 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-11-01 19:24 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-11-01 19:24 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-11-01 19:24 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-11-01 19:24 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-11-01 19:24 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-11-01 19:24 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-11-01 19:24 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-11-01 19:24 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-11-01 19:24 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-11-01 19:24 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-11-01 19:24 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-11-01 19:24 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-11-01 19:24 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-11-01 19:24 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-11-01 19:24 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-11-01 19:24 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-11-01 19:24 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-11-01 19:24 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-11-01 19:24 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-11-01 19:24 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-11-01 19:24 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-11-01 19:23 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-11-01 19:23 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-11-01 19:23 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-11-01 19:23 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-11-01 19:23 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-11-01 19:23 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-11-01 19:23 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-11-01 19:23 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-11-01 19:23 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-11-01 19:23 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-11-01 19:23 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-11-01 19:23 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-11-01 19:23 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-11-01 19:23 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-11-01 19:23 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-11-01 19:23 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-11-01 19:23 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-11-01 19:23 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-11-01 19:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-01 19:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-01 19:23 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-11-01 19:23 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-11-01 19:23 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-11-01 19:23 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-11-01 19:23 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-11-01 19:23 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-11-01 19:23 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-11-01 19:23 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-11-01 19:23 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-11-01 19:23 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-11-01 19:23 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-11-01 19:23 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-11-01 19:23 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-11-01 19:23 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-11-01 19:23 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-11-01 19:23 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-11-01 19:23 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-11-01 19:23 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-11-01 19:23 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-11-01 19:23 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-11-01 19:23 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-11-01 19:23 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-11-01 19:23 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-11-01 19:23 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-11-01 19:23 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-11-01 19:23 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-11-01 19:23 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-11-01 19:23 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-11-01 19:23 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-11-01 19:23 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-11-01 19:23 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-11-01 19:23 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-11-01 19:23 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-11-01 19:23 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-11-01 19:20 - 2015-11-02 02:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-01 19:20 - 2015-11-02 02:43 - 00000000 ____D C:\ProgramData\WildTangent
2015-11-01 19:17 - 2013-10-28 23:26 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd6.sys
2015-11-01 19:15 - 2015-11-03 11:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-01 19:15 - 2015-11-01 19:15 - 00000000 ____D C:\ProgramData\Kingsoft
2015-11-01 19:14 - 2015-11-01 19:14 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 04760576 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 04611584 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 04350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 03443200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 02112512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 01591856 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 01521664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 01411072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 01365072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 01135312 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 01043968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00934752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2015-11-01 19:14 - 2015-11-01 19:14 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00750592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00695136 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00601344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-01 19:14 - 2015-11-01 19:14 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00584544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-11-01 19:14 - 2015-11-01 19:14 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00521568 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00505344 _____ C:\Windows\system32\EditionUpgradeManagerObj.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00430592 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00425824 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00325984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2015-11-01 19:14 - 2015-11-01 19:14 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00290312 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00208736 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\OmaDmAgent.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00181088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00082616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.ProxyStub.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2015-11-01 19:14 - 2015-11-01 19:14 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\unenrollhook.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00061280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-11-01 19:14 - 2015-11-01 19:14 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.PAL.Desktop.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\omadmprc.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2015-11-01 19:14 - 2015-11-01 19:14 - 00032768 _____ C:\Windows\system32\LicenseManagerApi.dll
2015-11-01 19:14 - 2015-11-01 19:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-11-01 19:14 - 2015-11-01 19:14 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-11-01 19:11 - 2015-11-02 11:02 - 00000000 ____D C:\ProgramData\Temp
2015-11-01 19:11 - 2015-11-02 11:02 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2015-11-01 19:11 - 2015-11-01 19:28 - 00000000 ____D C:\ProgramData\install_clap
2015-11-01 19:10 - 2015-11-01 19:10 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk
2015-11-01 19:09 - 2015-07-10 03:01 - 00031816 _____ C:\Windows\Core.xml
2015-11-01 19:04 - 2015-11-02 02:02 - 00000000 ____D C:\ProgramData\mcafee
2015-11-01 19:02 - 2015-11-01 19:41 - 00000000 ___RD C:\Program Files\Online Services
2015-11-01 19:02 - 2015-11-01 19:02 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cNB_15 Notebook PC_Y5335KV_0U_Q5CD5300NL6_E15WW3TDT601_4A_I2330_SHP_V99.24_BF.31_T150714_W1101-0_L409_M3555_J500_7AMD_8F01_92.00_#151101_N10EC8179;10EC8136_(N5Y24UA#ABA)_XMOBILE_CN10_Z.MRK
2015-11-01 19:02 - 2015-11-01 19:02 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cNB_15 Notebook PC_Y5335KV_0U_Q5CD5300NL6_E15WW3TDT601_4A_I2330_SHP_V99.24_BF.31_T150714_W1101-0_L409_M3555_J500_7AMD_8F01_92.00_#151101_N10EC8179;10EC8136_(N5Y24UA#ABA)_XMOBILE_CN10_Z.MRK
2015-11-01 19:00 - 2015-07-10 17:05 - 00432648 _____ (HP) C:\Windows\system32\hpbprtmon.dll
2015-11-01 19:00 - 2015-07-10 17:05 - 00420872 _____ (HP) C:\Windows\system32\hpbrprtmon.dll
2015-11-01 19:00 - 2015-07-10 17:05 - 00239624 _____ (HP) C:\Windows\system32\hpbprtmonui.dll
2015-11-01 18:59 - 2015-11-02 11:32 - 00000000 ____D C:\Program Files\HP
2015-11-01 18:56 - 2015-11-01 18:56 - 00000000 ____D C:\ProgramData\Synaptics
2015-11-01 18:49 - 2015-11-02 16:49 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-11-01 18:48 - 2015-11-02 16:50 - 00006998 _____ C:\Windows\SysWOW64\RealtekWLAN.log
2015-11-01 18:48 - 2015-07-13 01:24 - 00886528 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2015-11-01 18:48 - 2010-12-01 09:31 - 00451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2015-11-01 18:47 - 2015-11-01 18:47 - 00067777 _____ C:\Windows\SysWOW64\CCCInstall_201511011847110068.log
2015-11-01 18:47 - 2015-11-01 18:47 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-11-01 18:46 - 2015-11-03 20:17 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-11-01 18:46 - 2015-11-01 18:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-11-01 18:46 - 2015-11-01 18:46 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-11-01 18:46 - 2015-11-01 18:46 - 00000000 _____ C:\Windows\ativpsrm.bin
2015-11-01 18:45 - 2015-11-02 04:46 - 00000000 ____D C:\Program Files\AMD
2015-11-01 18:45 - 2015-11-02 00:59 - 47804432 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-11-01 18:45 - 2015-11-02 00:59 - 27553312 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-11-01 18:45 - 2015-11-02 00:59 - 21653520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-11-01 18:45 - 2015-11-02 00:59 - 12175392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-11-01 18:45 - 2015-11-02 00:59 - 09069104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-11-01 18:45 - 2015-11-02 00:59 - 01494528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-11-01 18:45 - 2015-11-02 00:59 - 01265184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-11-01 18:45 - 2015-11-02 00:59 - 00884752 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-11-01 18:45 - 2015-11-02 00:59 - 00692256 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-11-01 18:45 - 2015-11-02 00:59 - 00683032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-11-01 18:45 - 2015-11-02 00:59 - 00264224 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-11-01 18:45 - 2015-11-02 00:59 - 00175632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-11-01 18:45 - 2015-11-02 00:59 - 00172432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-11-01 18:45 - 2015-07-14 02:39 - 00737410 _____ C:\Windows\system32\atiicdxx.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00322868 _____ C:\Windows\system32\ativvaxy_vi.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00321200 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00255808 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00250884 _____ C:\Windows\system32\ativvaxy_FJ.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00249088 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00234420 _____ C:\Windows\system32\ativvaxy_cik.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00232752 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2015-11-01 18:45 - 2015-07-14 02:39 - 00140240 _____ C:\Windows\system32\samu_krnl_ci.sbin
2015-11-01 18:45 - 2015-07-14 02:39 - 00138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2015-11-01 18:45 - 2015-07-14 02:39 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-11-01 18:45 - 2015-07-14 02:39 - 00102912 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys
2015-11-01 18:45 - 2015-07-14 02:39 - 00018968 _____ (Advanced Micro Devices, INC.) C:\Windows\system32\Drivers\AmdAS4.sys
2015-11-01 18:44 - 2015-11-03 12:20 - 00011070 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2015-11-01 18:44 - 2015-11-01 18:44 - 00000000 ____D C:\Windows\system32\SRSLabs
2015-11-01 18:43 - 2015-11-02 16:47 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-11-01 18:42 - 2015-11-03 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-11-01 18:42 - 2015-11-02 00:41 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-11-01 18:41 - 2015-11-02 16:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-01 18:38 - 2015-11-01 18:38 - 00000000 ____D C:\ProgramData\{C6FA530F-BB98-4D9F-BA00-45FD0698077C}
2015-11-01 18:36 - 2015-11-01 18:36 - 00016148 _____ C:\Windows\system32\WIN-55ADGM6MSLN_Administrator_HistoryPrediction.bin
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-03 20:18 - 2015-07-10 04:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-03 20:17 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\sru
2015-11-03 20:17 - 2015-07-10 01:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-03 19:15 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\AppReadiness
2015-11-03 13:32 - 2015-07-10 03:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-03 11:56 - 2015-07-24 02:35 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-11-03 11:56 - 2015-07-24 02:25 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-11-02 19:57 - 2015-07-15 22:09 - 00968010 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-02 16:30 - 2015-06-23 21:24 - 00030544 _____ (HP) C:\Windows\system32\Drivers\WirelessButtonDriver64.sys
2015-11-02 11:34 - 2015-07-24 02:25 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-11-02 03:07 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\appcompat
2015-11-02 02:31 - 2015-07-15 22:50 - 00000000 ____D C:\Windows\Panther
2015-11-02 02:13 - 2015-07-10 03:04 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-02 01:58 - 2015-07-10 05:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ___SD C:\Windows\system32\F12
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\oobe
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\Provisioning
2015-11-02 01:58 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\L2Schemas
2015-11-02 01:54 - 2015-07-10 02:55 - 00000000 ____D C:\Windows\CbsTemp
2015-11-02 01:42 - 2015-07-10 01:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2015-11-02 01:04 - 2015-07-07 04:43 - 01804696 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-11-02 01:04 - 2015-07-07 04:43 - 00764616 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-11-02 01:04 - 2015-07-07 04:43 - 00614088 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-11-02 01:04 - 2015-07-07 04:43 - 00269000 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-11-02 01:04 - 2015-07-07 04:43 - 00255688 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo31.dll
2015-11-01 21:58 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\restore
2015-11-01 21:48 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2015-11-01 21:23 - 2015-07-13 08:28 - 00000000 ___HD C:\SYSTEM.SAV
2015-11-01 21:11 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\rescache
2015-11-01 21:01 - 2015-07-10 01:05 - 00000000 ____D C:\Windows\system32\Sysprep
2015-11-01 20:11 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\Registration
2015-11-01 20:09 - 2015-07-15 22:01 - 00000000 __SHD C:\Recovery
2015-11-01 20:09 - 2015-07-13 08:28 - 00000000 ____D C:\SWSetup
2015-11-01 20:09 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\Recovery
2015-11-01 19:41 - 2015-07-24 02:26 - 00000000 ___RD C:\Program Files (x86)\Online Services
2015-11-01 19:16 - 2015-07-10 03:04 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-11-01 19:16 - 2015-07-10 03:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-11-01 19:16 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-11-01 19:16 - 2015-07-10 01:05 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-11-01 19:16 - 2015-07-10 01:05 - 00000000 ____D C:\Windows\system32\Dism
2015-11-01 19:10 - 2015-07-24 03:10 - 00000012 _____ C:\Windows\CSUP.txt
2015-11-01 19:07 - 2015-07-10 03:04 - 00000124 _____ C:\Windows\win.ini
2015-11-01 19:03 - 2015-07-16 18:35 - 00000000 ___HD C:\hp
2015-10-15 19:10 - 2015-07-10 03:06 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-15 19:10 - 2015-07-10 03:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
Some files in TEMP:
====================
C:\Users\Marissa\AppData\Local\Temp\ACLMInstaller.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-15 22:00
 
==================== End of FRST.txt ============================

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,977 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:26 PM

Posted 06 November 2015 - 11:37 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

===

Please post the Addition.txt file that was created by the Farbar tool.
I need to review it with your FRST log provided.

#3 Pen_Rich

Pen_Rich
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:26 AM

Posted 08 November 2015 - 02:29 AM

Sorry, I thought i'd attached it.  I had to rerun the tool to provide them for you so here are the new logs.  Since the attachment wasn't successful before, I will post both logs in this message.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Marissa (administrator) on DESKTOP-H2L8P6U (07-11-2015 23:22:40)
Running from C:\Users\Marissa\Downloads
Loaded Profiles: Marissa (Available Profiles: Marissa)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\SystemApps\ContactSupport_cw5n1h2txyewy\ContactSupport.exe
() C:\Program Files\WindowsApps\Microsoft.BingWeather_4.3.201.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-11-07] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-06-21] (CyberLink Corp.)
HKU\S-1-5-21-1455178037-4009247092-2888788068-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-1455178037-4009247092-2888788068-1001\...\RunOnce: [Uninstall C:\Users\Marissa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marissa\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{856e6e1d-439c-4593-90e2-1797af35e0d8}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-1455178037-4009247092-2888788068-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM-x32 -> {A5303DDA-2F82-42CF-A2CF-416824E9A107} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
 
FireFox:
========
FF ProfilePath: C:\Users\Marissa\AppData\Roaming\Mozilla\Firefox\Profiles\8gyfzk5r.default
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-07] (Google Inc.)
FF Extension: Download YouTube Videos as MP4 - C:\Users\Marissa\AppData\Roaming\Mozilla\Firefox\Profiles\8gyfzk5r.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2015-11-07]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (YouTube) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Google Search) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-07]
CHR Extension: (Gmail) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2505472 2015-10-09] (ESET)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-11] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-07-13] (Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [445240 2015-04-29] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 AdaptiveSleepService; "c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [18968 2015-07-14] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-14] (Advanced Micro Devices)
R3 clwvd6; C:\Windows\system32\DRIVERS\clwvd6.sys [41704 2013-10-28] (CyberLink Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264040 2015-07-30] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-07-30] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-07-30] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2015-07-30] (ESET)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-07] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [301784 2015-07-09] (Realtek Semiconductor Corp.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-13] (Realtek                                            )
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [752856 2015-07-09] (Realsil Semiconductor Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-07-09] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-11-07] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-07] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-07] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-07 23:22 - 2015-11-07 23:23 - 00011966 _____ C:\Users\Marissa\Downloads\FRST.txt
2015-11-07 23:22 - 2015-11-07 23:22 - 02198528 _____ (Farbar) C:\Users\Marissa\Downloads\FRST64.exe
2015-11-07 23:22 - 2015-11-07 23:22 - 00000000 ____D C:\FRST
2015-11-07 23:21 - 2015-11-07 23:21 - 01702400 _____ (Farbar) C:\Users\Marissa\Downloads\FRST (1).exe
2015-11-07 23:20 - 2015-11-07 23:21 - 01702400 _____ (Farbar) C:\Users\Marissa\Downloads\FRST.exe
2015-11-07 23:02 - 2015-11-07 23:02 - 00016148 _____ C:\Windows\system32\DESKTOP-H2L8P6U_Marissa_HistoryPrediction.bin
2015-11-07 18:38 - 2015-11-07 18:38 - 00206568 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-07 18:38 - 2015-11-07 18:38 - 00000678 _____ C:\Windows\PFRO.log
2015-11-07 16:49 - 2015-11-07 16:49 - 01483336 _____ (Microsoft Corporation) C:\Users\Marissa\Downloads\mediacreationtool.exe
2015-11-07 13:45 - 2015-11-07 13:45 - 00000000 ____D C:\Users\Marissa\AppData\Local\NetworkTiles
2015-11-07 02:27 - 2015-11-07 02:27 - 12052186 _____ C:\Users\Marissa\Downloads\Top 7 Panda Cheese Commercials.mp4
2015-11-07 02:20 - 2015-11-07 19:38 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-11-07 01:37 - 2015-11-07 01:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-11-07 01:37 - 2015-11-07 01:37 - 00000000 ____D C:\ProgramData\ESET
2015-11-07 01:37 - 2015-11-07 01:37 - 00000000 ____D C:\Program Files\ESET
2015-11-07 01:36 - 2015-11-07 01:36 - 00001414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-07 01:36 - 2015-11-07 01:36 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-07 01:36 - 2015-11-07 01:36 - 00000000 ____D C:\Windows\en
2015-11-07 01:35 - 2015-11-07 01:35 - 00000000 ____D C:\Windows\PCHEALTH
2015-11-07 01:35 - 2015-11-07 01:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-11-07 01:34 - 2015-11-07 01:41 - 00000000 ____D C:\Users\Marissa\AppData\Local\Mozilla
2015-11-07 01:34 - 2015-11-07 01:35 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-11-07 01:34 - 2015-11-07 01:34 - 00001199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-07 01:34 - 2015-11-07 01:34 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Mozilla
2015-11-07 01:34 - 2015-11-07 01:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-07 01:33 - 2015-11-07 01:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-07 01:32 - 2015-11-07 01:32 - 00243656 _____ C:\Users\Marissa\Downloads\Firefox Setup Stub 42.0.exe
2015-11-07 01:31 - 2015-11-07 02:28 - 00000000 ____D C:\Users\Marissa\AppData\Local\Windows Live
2015-11-07 01:30 - 2015-11-07 01:31 - 01239752 _____ (Microsoft Corporation) C:\Users\Marissa\Downloads\wlsetup-web.exe
2015-11-07 01:29 - 2015-11-07 01:30 - 00000000 ____D C:\TDSSKiller
2015-11-07 01:04 - 2015-11-07 01:49 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-11-07 00:50 - 2015-11-07 19:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-07 00:49 - 2015-11-07 00:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-07 00:49 - 2015-11-07 00:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-07 00:49 - 2015-11-07 00:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-07 00:49 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-07 00:49 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-07 00:46 - 2015-11-07 00:49 - 22908888 _____ (Malwarebytes ) C:\Users\Marissa\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-07 00:33 - 2015-11-07 00:33 - 00000000 ____D C:\Users\Marissa\AppData\LocalLow\Evernote
2015-11-07 00:30 - 2015-11-07 19:36 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-07 00:30 - 2015-11-07 19:32 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 00:30 - 2015-11-07 00:30 - 00003990 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-07 00:30 - 2015-11-07 00:30 - 00003758 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-07 00:30 - 2015-11-07 00:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-07 00:27 - 2015-11-07 00:32 - 00000000 ____D C:\Windows\system32\MRT
2015-11-07 00:27 - 2015-10-02 12:09 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-07 00:26 - 2015-10-27 15:38 - 21871616 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2015-11-07 00:26 - 2015-10-21 04:00 - 24595968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-07 00:26 - 2015-10-05 19:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-11-07 00:26 - 2015-08-02 18:18 - 08613200 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2015-11-07 00:26 - 2015-08-02 17:56 - 06878256 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-11-07 00:25 - 2015-11-07 00:25 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\WildTangent
2015-11-07 00:25 - 2015-10-27 15:16 - 18801664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2015-11-07 00:25 - 2015-10-21 04:43 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2015-11-07 00:25 - 2015-10-21 03:46 - 02179584 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-11-07 00:25 - 2015-10-20 21:13 - 19326464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-07 00:25 - 2015-10-05 18:46 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-11-07 00:25 - 2015-09-30 20:00 - 08020320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-07 00:25 - 2015-09-24 20:01 - 02573768 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-11-07 00:25 - 2015-09-24 19:56 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-11-07 00:25 - 2015-09-24 19:33 - 01997336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-11-07 00:25 - 2015-09-24 19:26 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-11-07 00:25 - 2015-09-24 19:09 - 12504064 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-07 00:25 - 2015-09-24 19:02 - 07523840 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2015-11-07 00:25 - 2015-09-24 19:01 - 04792320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-07 00:25 - 2015-09-24 19:01 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2015-11-07 00:25 - 2015-09-24 19:00 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2015-11-07 00:25 - 2015-09-24 18:38 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-07 00:25 - 2015-09-24 18:36 - 11262976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-07 00:25 - 2015-09-24 18:36 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2015-11-07 00:25 - 2015-09-16 22:50 - 02464216 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-11-07 00:25 - 2015-09-16 22:50 - 01563392 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-11-07 00:25 - 2015-09-16 22:49 - 06487248 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2015-11-07 00:25 - 2015-09-16 22:48 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-11-07 00:25 - 2015-09-16 22:48 - 02494712 _____ C:\Windows\system32\CoreUIComponents.dll
2015-11-07 00:25 - 2015-09-16 22:48 - 02432336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-11-07 00:25 - 2015-09-16 22:48 - 01983824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-11-07 00:25 - 2015-09-16 22:28 - 05120056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2015-11-07 00:25 - 2015-09-16 22:28 - 02154808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-11-07 00:25 - 2015-09-16 22:27 - 01766952 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2015-11-07 00:25 - 2015-09-16 22:26 - 02446648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-11-07 00:25 - 2015-09-16 22:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2015-11-07 00:25 - 2015-09-16 22:04 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2015-11-07 00:25 - 2015-09-16 21:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-11-07 00:25 - 2015-09-16 21:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2015-11-07 00:25 - 2015-09-16 21:55 - 02236416 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-07 00:25 - 2015-09-16 21:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2015-11-07 00:25 - 2015-09-16 21:53 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2015-11-07 00:25 - 2015-09-16 21:51 - 02660864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2015-11-07 00:25 - 2015-09-16 21:49 - 02740224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-07 00:25 - 2015-09-16 21:49 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2015-11-07 00:25 - 2015-09-16 21:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-11-07 00:25 - 2015-09-16 21:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-11-07 00:25 - 2015-09-16 21:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2015-11-07 00:25 - 2015-09-16 21:40 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2015-11-07 00:25 - 2015-09-16 21:35 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2015-11-07 00:25 - 2015-09-16 21:35 - 02207232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-07 00:25 - 2015-09-16 21:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2015-11-07 00:25 - 2015-08-17 22:52 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-11-07 00:25 - 2015-08-17 22:29 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-11-07 00:25 - 2015-08-11 02:04 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-11-07 00:25 - 2015-08-11 01:50 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-11-07 00:25 - 2015-08-11 01:40 - 04048808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-11-07 00:25 - 2015-08-11 01:11 - 02446336 _____ C:\Windows\system32\InputService.dll
2015-11-07 00:25 - 2015-08-11 01:05 - 03527168 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-11-07 00:25 - 2015-08-11 01:03 - 02558976 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-11-07 00:25 - 2015-08-11 00:51 - 01823232 _____ C:\Windows\SysWOW64\InputService.dll
2015-11-07 00:25 - 2015-08-11 00:43 - 02748416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-11-07 00:25 - 2015-08-11 00:40 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-11-07 00:25 - 2015-08-07 22:24 - 02415104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-11-07 00:25 - 2015-08-07 22:00 - 01985024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-11-07 00:25 - 2015-07-29 22:16 - 02147080 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-11-07 00:25 - 2015-07-29 22:03 - 02116448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-11-07 00:25 - 2015-07-29 20:26 - 01867160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2015-11-07 00:25 - 2015-07-29 19:49 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-11-07 00:25 - 2015-07-29 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2015-11-07 00:25 - 2015-07-29 19:15 - 09889792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-11-07 00:25 - 2015-07-29 19:04 - 01714176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2015-11-07 00:24 - 2015-10-21 04:45 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-11-07 00:24 - 2015-10-21 04:44 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-11-07 00:24 - 2015-10-21 04:39 - 03621248 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-07 00:24 - 2015-10-21 04:00 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-11-07 00:24 - 2015-10-21 03:57 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-11-07 00:24 - 2015-10-21 03:52 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-11-07 00:24 - 2015-10-21 03:50 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2015-11-07 00:24 - 2015-10-21 03:48 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-11-07 00:24 - 2015-10-21 03:46 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-07 00:24 - 2015-10-21 03:44 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2015-11-07 00:24 - 2015-10-21 03:44 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-11-07 00:24 - 2015-10-21 03:43 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2015-11-07 00:24 - 2015-10-21 03:42 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2015-11-07 00:24 - 2015-10-21 03:41 - 01795072 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-11-07 00:24 - 2015-10-21 03:40 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2015-11-07 00:24 - 2015-10-21 03:38 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2015-11-07 00:24 - 2015-10-20 21:53 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2015-11-07 00:24 - 2015-10-20 21:49 - 02878512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-07 00:24 - 2015-10-20 21:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-11-07 00:24 - 2015-10-20 21:08 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-11-07 00:24 - 2015-10-20 21:05 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-11-07 00:24 - 2015-10-20 21:03 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-07 00:24 - 2015-10-20 20:58 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2015-11-07 00:24 - 2015-10-20 20:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2015-11-07 00:24 - 2015-10-09 23:12 - 00078528 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-07 00:24 - 2015-09-30 20:01 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-07 00:24 - 2015-09-30 20:01 - 01123400 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-07 00:24 - 2015-09-30 20:01 - 01018568 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-07 00:24 - 2015-09-30 20:01 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-07 00:24 - 2015-09-30 19:03 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-11-07 00:24 - 2015-09-24 20:01 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-11-07 00:24 - 2015-09-24 19:52 - 00980832 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2015-11-07 00:24 - 2015-09-24 19:07 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2015-11-07 00:24 - 2015-09-24 19:04 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-07 00:24 - 2015-09-24 19:03 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2015-11-07 00:24 - 2015-09-24 19:03 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-07 00:24 - 2015-09-24 19:02 - 00949248 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-07 00:24 - 2015-09-24 19:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2015-11-07 00:24 - 2015-09-24 19:00 - 01382400 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2015-11-07 00:24 - 2015-09-24 19:00 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2015-11-07 00:24 - 2015-09-24 19:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2015-11-07 00:24 - 2015-09-24 18:59 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2015-11-07 00:24 - 2015-09-24 18:59 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2015-11-07 00:24 - 2015-09-24 18:59 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2015-11-07 00:24 - 2015-09-24 18:59 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2015-11-07 00:24 - 2015-09-24 18:59 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2015-11-07 00:24 - 2015-09-24 18:58 - 01871360 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-11-07 00:24 - 2015-09-24 18:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2015-11-07 00:24 - 2015-09-24 18:47 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2015-11-07 00:24 - 2015-09-24 18:38 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-07 00:24 - 2015-09-24 18:38 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-07 00:24 - 2015-09-24 18:37 - 00766976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-07 00:24 - 2015-09-24 18:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2015-11-07 00:24 - 2015-09-24 18:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-11-07 00:24 - 2015-09-24 18:34 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2015-11-07 00:24 - 2015-09-24 18:34 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2015-11-07 00:24 - 2015-09-24 18:34 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2015-11-07 00:24 - 2015-09-24 18:34 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2015-11-07 00:24 - 2015-09-24 18:34 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2015-11-07 00:24 - 2015-09-24 18:32 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-11-07 00:24 - 2015-09-24 18:32 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2015-11-07 00:24 - 2015-09-18 21:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2015-11-07 00:24 - 2015-09-16 22:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-11-07 00:24 - 2015-09-16 22:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2015-11-07 00:24 - 2015-09-16 22:49 - 01563472 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-11-07 00:24 - 2015-09-16 22:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-11-07 00:24 - 2015-09-16 22:49 - 00553808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2015-11-07 00:24 - 2015-09-16 22:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-11-07 00:24 - 2015-09-16 22:48 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2015-11-07 00:24 - 2015-09-16 22:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2015-11-07 00:24 - 2015-09-16 22:48 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2015-11-07 00:24 - 2015-09-16 22:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-11-07 00:24 - 2015-09-16 22:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2015-11-07 00:24 - 2015-09-16 22:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-11-07 00:24 - 2015-09-16 22:48 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-11-07 00:24 - 2015-09-16 22:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2015-11-07 00:24 - 2015-09-16 22:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2015-11-07 00:24 - 2015-09-16 22:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-11-07 00:24 - 2015-09-16 22:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-11-07 00:24 - 2015-09-16 22:48 - 00332624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-11-07 00:24 - 2015-09-16 22:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-11-07 00:24 - 2015-09-16 22:48 - 00243760 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-11-07 00:24 - 2015-09-16 22:44 - 00781976 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-11-07 00:24 - 2015-09-16 22:43 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2015-11-07 00:24 - 2015-09-16 22:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2015-11-07 00:24 - 2015-09-16 22:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-07 00:24 - 2015-09-16 22:28 - 01357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-11-07 00:24 - 2015-09-16 22:28 - 00441168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2015-11-07 00:24 - 2015-09-16 22:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-11-07 00:24 - 2015-09-16 22:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2015-11-07 00:24 - 2015-09-16 22:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2015-11-07 00:24 - 2015-09-16 22:26 - 01895568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2015-11-07 00:24 - 2015-09-16 22:26 - 00646672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2015-11-07 00:24 - 2015-09-16 22:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-11-07 00:24 - 2015-09-16 22:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2015-11-07 00:24 - 2015-09-16 22:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-11-07 00:24 - 2015-09-16 22:21 - 00658528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2015-11-07 00:24 - 2015-09-16 22:20 - 00764416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2015-11-07 00:24 - 2015-09-16 22:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2015-11-07 00:24 - 2015-09-16 22:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2015-11-07 00:24 - 2015-09-16 22:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2015-11-07 00:24 - 2015-09-16 22:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2015-11-07 00:24 - 2015-09-16 22:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2015-11-07 00:24 - 2015-09-16 22:06 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2015-11-07 00:24 - 2015-09-16 22:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2015-11-07 00:24 - 2015-09-16 22:05 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2015-11-07 00:24 - 2015-09-16 22:04 - 00910848 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2015-11-07 00:24 - 2015-09-16 22:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2015-11-07 00:24 - 2015-09-16 22:03 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2015-11-07 00:24 - 2015-09-16 22:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2015-11-07 00:24 - 2015-09-16 22:00 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2015-11-07 00:24 - 2015-09-16 22:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2015-11-07 00:24 - 2015-09-16 21:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2015-11-07 00:24 - 2015-09-16 21:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2015-11-07 00:24 - 2015-09-16 21:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2015-11-07 00:24 - 2015-09-16 21:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2015-11-07 00:24 - 2015-09-16 21:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2015-11-07 00:24 - 2015-09-16 21:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2015-11-07 00:24 - 2015-09-16 21:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2015-11-07 00:24 - 2015-09-16 21:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2015-11-07 00:24 - 2015-09-16 21:55 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2015-11-07 00:24 - 2015-09-16 21:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2015-11-07 00:24 - 2015-09-16 21:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2015-11-07 00:24 - 2015-09-16 21:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2015-11-07 00:24 - 2015-09-16 21:54 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-11-07 00:24 - 2015-09-16 21:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-11-07 00:24 - 2015-09-16 21:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-11-07 00:24 - 2015-09-16 21:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-11-07 00:24 - 2015-09-16 21:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2015-11-07 00:24 - 2015-09-16 21:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-11-07 00:24 - 2015-09-16 21:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-11-07 00:24 - 2015-09-16 21:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2015-11-07 00:24 - 2015-09-16 21:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-11-07 00:24 - 2015-09-16 21:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2015-11-07 00:24 - 2015-09-16 21:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-11-07 00:24 - 2015-09-16 21:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-11-07 00:24 - 2015-09-16 21:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2015-11-07 00:24 - 2015-09-16 21:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2015-11-07 00:24 - 2015-09-16 21:49 - 01010176 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2015-11-07 00:24 - 2015-09-16 21:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2015-11-07 00:24 - 2015-09-16 21:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2015-11-07 00:24 - 2015-09-16 21:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2015-11-07 00:24 - 2015-09-16 21:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2015-11-07 00:24 - 2015-09-16 21:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2015-11-07 00:24 - 2015-09-16 21:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2015-11-07 00:24 - 2015-09-16 21:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2015-11-07 00:24 - 2015-09-16 21:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2015-11-07 00:24 - 2015-09-16 21:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2015-11-07 00:24 - 2015-09-16 21:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2015-11-07 00:24 - 2015-09-16 21:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2015-11-07 00:24 - 2015-09-16 21:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2015-11-07 00:24 - 2015-09-16 21:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2015-11-07 00:24 - 2015-09-16 21:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2015-11-07 00:24 - 2015-09-16 21:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-11-07 00:24 - 2015-09-16 21:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2015-11-07 00:24 - 2015-09-16 21:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2015-11-07 00:24 - 2015-09-16 21:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2015-11-07 00:24 - 2015-09-16 21:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2015-11-07 00:24 - 2015-09-16 21:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2015-11-07 00:24 - 2015-09-16 21:45 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2015-11-07 00:24 - 2015-09-16 21:44 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-11-07 00:24 - 2015-09-16 21:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2015-11-07 00:24 - 2015-09-16 21:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-11-07 00:24 - 2015-09-16 21:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2015-11-07 00:24 - 2015-09-16 21:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-11-07 00:24 - 2015-09-16 21:43 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-11-07 00:24 - 2015-09-16 21:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2015-11-07 00:24 - 2015-09-16 21:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2015-11-07 00:24 - 2015-09-16 21:39 - 00587264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-11-07 00:24 - 2015-09-16 21:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2015-11-07 00:24 - 2015-09-16 21:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2015-11-07 00:24 - 2015-09-16 21:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2015-11-07 00:24 - 2015-09-16 21:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2015-11-07 00:24 - 2015-09-16 21:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2015-11-07 00:24 - 2015-09-16 21:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2015-11-07 00:24 - 2015-09-16 21:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-11-07 00:24 - 2015-09-16 21:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2015-11-07 00:24 - 2015-09-16 21:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-11-07 00:24 - 2015-09-16 21:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-11-07 00:24 - 2015-09-16 21:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2015-11-07 00:24 - 2015-09-16 21:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2015-11-07 00:24 - 2015-09-16 21:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2015-11-07 00:24 - 2015-09-16 21:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2015-11-07 00:24 - 2015-09-16 21:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2015-11-07 00:24 - 2015-08-26 22:32 - 00608936 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2015-11-07 00:24 - 2015-08-26 21:54 - 00541248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2015-11-07 00:24 - 2015-08-26 21:54 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-11-07 00:24 - 2015-08-26 21:51 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-11-07 00:24 - 2015-08-26 21:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-11-07 00:24 - 2015-08-26 21:49 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-11-07 00:24 - 2015-08-26 21:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-11-07 00:24 - 2015-08-26 21:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2015-11-07 00:24 - 2015-08-26 21:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-11-07 00:24 - 2015-08-26 21:23 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-11-07 00:24 - 2015-08-26 21:16 - 02153472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-11-07 00:24 - 2015-08-26 21:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-11-07 00:24 - 2015-08-26 21:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-11-07 00:24 - 2015-08-26 21:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-11-07 00:24 - 2015-08-19 22:06 - 00609592 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-11-07 00:24 - 2015-08-19 21:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2015-11-07 00:24 - 2015-08-17 23:55 - 00373072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-11-07 00:24 - 2015-08-17 23:13 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2015-11-07 00:24 - 2015-08-17 23:13 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2015-11-07 00:24 - 2015-08-17 22:59 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2015-11-07 00:24 - 2015-08-17 22:58 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2015-11-07 00:24 - 2015-08-17 22:56 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2015-11-07 00:24 - 2015-08-17 22:54 - 00247296 _____ C:\Windows\system32\facecredentialprovider.dll
2015-11-07 00:24 - 2015-08-17 22:49 - 01061888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-11-07 00:24 - 2015-08-17 22:49 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2015-11-07 00:24 - 2015-08-17 20:44 - 00008847 _____ C:\Windows\system32\ResPriHMImageList
2015-11-07 00:24 - 2015-08-11 02:04 - 01087296 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-11-07 00:24 - 2015-08-11 02:02 - 00292856 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2015-11-07 00:24 - 2015-08-11 02:02 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2015-11-07 00:24 - 2015-08-11 01:52 - 00993104 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-11-07 00:24 - 2015-08-11 01:40 - 00918320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-11-07 00:24 - 2015-08-11 01:37 - 00243800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2015-11-07 00:24 - 2015-08-11 01:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2015-11-07 00:24 - 2015-08-11 01:18 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2015-11-07 00:24 - 2015-08-11 01:14 - 00404480 _____ C:\Windows\system32\diagtrack_wininternal.dll
2015-11-07 00:24 - 2015-08-11 01:13 - 00413184 _____ C:\Windows\system32\diagtrack_win.dll
2015-11-07 00:24 - 2015-08-11 01:10 - 00293376 _____ C:\Windows\system32\TextInputFramework.dll
2015-11-07 00:24 - 2015-08-11 01:08 - 00893440 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2015-11-07 00:24 - 2015-08-11 01:07 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2015-11-07 00:24 - 2015-08-11 01:05 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\LocationPermissions.dll
2015-11-07 00:24 - 2015-08-11 01:05 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2015-11-07 00:24 - 2015-08-11 01:00 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-11-07 00:24 - 2015-08-11 00:59 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-11-07 00:24 - 2015-08-11 00:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2015-11-07 00:24 - 2015-08-11 00:59 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-11-07 00:24 - 2015-08-11 00:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2015-11-07 00:24 - 2015-08-11 00:50 - 00200704 _____ C:\Windows\SysWOW64\TextInputFramework.dll
2015-11-07 00:24 - 2015-08-11 00:48 - 00671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2015-11-07 00:24 - 2015-08-11 00:39 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-11-07 00:24 - 2015-08-07 23:29 - 01822280 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-07 00:24 - 2015-08-07 23:01 - 01533496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-07 00:24 - 2015-08-07 22:24 - 01679360 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-11-07 00:24 - 2015-08-05 19:17 - 00237392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2015-11-07 00:24 - 2015-08-05 19:17 - 00200528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2015-11-07 00:24 - 2015-08-05 18:22 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2015-11-07 00:24 - 2015-08-04 20:00 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2015-11-07 00:24 - 2015-08-04 19:39 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2015-11-07 00:24 - 2015-08-03 20:07 - 00102752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-11-07 00:24 - 2015-08-03 19:23 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2015-11-07 00:24 - 2015-08-02 18:32 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2015-11-07 00:24 - 2015-08-02 18:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2015-11-07 00:24 - 2015-08-02 18:17 - 00052264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2015-11-07 00:24 - 2015-08-02 18:12 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2015-11-07 00:24 - 2015-08-02 17:49 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2015-11-07 00:24 - 2015-08-02 17:30 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_UserAccount.dll
2015-11-07 00:24 - 2015-08-02 17:23 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2015-11-07 00:24 - 2015-08-02 17:21 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2015-11-07 00:24 - 2015-08-02 17:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-11-07 00:24 - 2015-08-02 17:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-11-07 00:24 - 2015-08-02 17:18 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\NetworkStatus.dll
2015-11-07 00:24 - 2015-08-02 17:15 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2015-11-07 00:24 - 2015-08-02 17:15 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2015-11-07 00:24 - 2015-08-02 17:15 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2015-11-07 00:24 - 2015-08-02 17:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2015-11-07 00:24 - 2015-08-02 17:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2015-11-07 00:24 - 2015-08-02 17:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-11-07 00:24 - 2015-08-02 17:03 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2015-11-07 00:24 - 2015-08-02 16:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2015-11-07 00:24 - 2015-07-29 22:23 - 00527952 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-11-07 00:24 - 2015-07-29 22:21 - 00816576 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-11-07 00:24 - 2015-07-29 22:17 - 01200400 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-07 00:24 - 2015-07-29 22:17 - 01025840 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2015-11-07 00:24 - 2015-07-29 22:15 - 00632168 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-11-07 00:24 - 2015-07-29 22:14 - 00333168 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2015-11-07 00:24 - 2015-07-29 22:06 - 01043872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-11-07 00:24 - 2015-07-29 21:24 - 00252768 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2015-11-07 00:24 - 2015-07-29 20:29 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-07 00:24 - 2015-07-29 20:26 - 00877016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-11-07 00:24 - 2015-07-29 20:25 - 00713312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-11-07 00:24 - 2015-07-29 20:24 - 00445240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-11-07 00:24 - 2015-07-29 20:24 - 00285632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2015-11-07 00:24 - 2015-07-29 20:22 - 00896144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2015-11-07 00:24 - 2015-07-29 20:22 - 00507696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-11-07 00:24 - 2015-07-29 20:12 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2015-11-07 00:24 - 2015-07-29 20:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2015-11-07 00:24 - 2015-07-29 19:52 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2015-11-07 00:24 - 2015-07-29 19:46 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2015-11-07 00:24 - 2015-07-29 19:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2015-11-07 00:24 - 2015-07-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-07 00:24 - 2015-07-29 19:44 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-11-07 00:24 - 2015-07-29 19:44 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2015-11-07 00:24 - 2015-07-29 19:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-11-07 00:24 - 2015-07-29 19:38 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2015-11-07 00:24 - 2015-07-29 19:29 - 00654848 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2015-11-07 00:24 - 2015-07-29 19:07 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2015-11-07 00:24 - 2015-07-29 19:06 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2015-11-07 00:24 - 2015-07-29 18:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2015-11-07 00:23 - 2015-10-21 03:59 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2015-11-07 00:23 - 2015-10-21 03:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2015-11-07 00:23 - 2015-10-20 21:03 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2015-11-07 00:23 - 2015-10-20 20:55 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2015-11-07 00:23 - 2015-09-24 19:11 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2015-11-07 00:23 - 2015-09-24 19:11 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2015-11-07 00:23 - 2015-09-24 19:04 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2015-11-07 00:23 - 2015-09-24 18:59 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2015-11-07 00:23 - 2015-09-24 18:38 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2015-11-07 00:23 - 2015-09-24 18:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2015-11-07 00:23 - 2015-09-16 22:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2015-11-07 00:23 - 2015-09-16 22:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2015-11-07 00:23 - 2015-09-16 22:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2015-11-07 00:23 - 2015-09-16 22:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2015-11-07 00:23 - 2015-09-16 22:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2015-11-07 00:23 - 2015-09-16 22:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2015-11-07 00:23 - 2015-09-16 22:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2015-11-07 00:23 - 2015-09-16 22:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-11-07 00:23 - 2015-09-16 21:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2015-11-07 00:23 - 2015-09-16 21:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2015-11-07 00:23 - 2015-09-16 21:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-11-07 00:23 - 2015-09-16 21:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-11-07 00:23 - 2015-09-16 21:52 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-11-07 00:23 - 2015-09-16 21:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-11-07 00:23 - 2015-09-16 21:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2015-11-07 00:23 - 2015-09-16 21:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2015-11-07 00:23 - 2015-09-16 21:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2015-11-07 00:23 - 2015-09-16 21:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2015-11-07 00:23 - 2015-09-16 21:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2015-11-07 00:23 - 2015-09-16 21:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2015-11-07 00:23 - 2015-09-16 21:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2015-11-07 00:23 - 2015-09-16 21:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2015-11-07 00:23 - 2015-09-16 21:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2015-11-07 00:23 - 2015-09-16 21:43 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2015-11-07 00:23 - 2015-09-16 21:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-11-07 00:23 - 2015-09-16 21:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2015-11-07 00:23 - 2015-08-26 21:39 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-11-07 00:23 - 2015-08-26 21:08 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-11-07 00:23 - 2015-08-19 21:21 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2015-11-07 00:23 - 2015-08-17 23:04 - 01234944 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-11-07 00:23 - 2015-08-17 22:59 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2015-11-07 00:23 - 2015-08-17 22:58 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2015-11-07 00:23 - 2015-08-17 22:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2015-11-07 00:23 - 2015-08-17 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2015-11-07 00:23 - 2015-08-17 22:57 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2015-11-07 00:23 - 2015-08-17 22:54 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2015-11-07 00:23 - 2015-08-17 22:49 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2015-11-07 00:23 - 2015-08-17 22:36 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll
2015-11-07 00:23 - 2015-08-17 22:35 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2015-11-07 00:23 - 2015-08-17 22:35 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2015-11-07 00:23 - 2015-08-17 22:34 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2015-11-07 00:23 - 2015-08-17 22:26 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2015-11-07 00:23 - 2015-08-11 02:03 - 00442208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-11-07 00:23 - 2015-08-11 01:26 - 00845664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-11-07 00:23 - 2015-08-11 01:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
2015-11-07 00:23 - 2015-08-11 01:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2015-11-07 00:23 - 2015-08-11 01:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2015-11-07 00:23 - 2015-08-11 00:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
2015-11-07 00:23 - 2015-08-11 00:50 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2015-11-07 00:23 - 2015-08-11 00:50 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2015-11-07 00:23 - 2015-08-11 00:38 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2015-11-07 00:23 - 2015-08-02 18:18 - 00594472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2015-11-07 00:23 - 2015-08-02 18:18 - 00046432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2015-11-07 00:23 - 2015-08-02 17:24 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll
2015-11-07 00:23 - 2015-07-29 19:44 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.V2.dll
2015-11-07 00:23 - 2015-07-29 19:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-11-07 00:23 - 2015-07-29 19:44 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\VoiceActivationManager.dll
2015-11-07 00:23 - 2015-07-29 19:41 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2015-11-07 00:23 - 2015-07-29 19:06 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.V2.dll
2015-11-07 00:23 - 2015-07-29 19:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VoiceActivationManager.dll
2015-11-07 00:21 - 2015-11-07 23:20 - 00004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FF24C8C8-7A9B-44DF-BBAA-3EE3A31EB946}
2015-11-07 00:19 - 2015-11-07 00:19 - 00002874 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-07 00:18 - 2015-11-07 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-07 00:18 - 2015-11-07 00:18 - 00000000 ____D C:\Program Files\CCleaner
2015-11-07 00:17 - 2015-11-07 00:30 - 00000000 ____D C:\Program Files (x86)\Google
2015-11-07 00:17 - 2015-11-07 00:21 - 00000000 ____D C:\Users\Marissa\AppData\Local\Google
2015-11-07 00:16 - 2015-11-07 00:50 - 02838216 _____ (ESET) C:\Users\Marissa\Downloads\eset_nod32_antivirus_live_installer.exe
2015-11-07 00:14 - 2015-07-05 02:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-11-07 00:10 - 2015-11-07 00:10 - 00419528 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2015-11-07 00:10 - 2015-11-07 00:10 - 00042696 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel_Aux.sys
2015-11-07 00:10 - 2015-11-07 00:10 - 00042184 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2015-11-07 00:07 - 2015-11-07 00:07 - 39731728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 30783520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 25329680 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 22336032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 15734304 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 14319648 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 10288368 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 09429368 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 08950512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 08087568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 07744400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 07555672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 06496264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 05085728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-11-07 00:07 - 2015-11-07 00:07 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-11-07 00:07 - 2015-11-07 00:07 - 01238224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 01204784 _____ C:\Windows\system32\amdocl_as64.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 01080864 _____ C:\Windows\system32\amdocl_ld64.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 01014304 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 00944152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00944152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00833800 _____ C:\Windows\system32\amdicdxx.dat
2015-11-07 00:07 - 2015-11-07 00:07 - 00816176 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 00662032 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-11-07 00:07 - 2015-11-07 00:07 - 00662032 _____ C:\Windows\system32\atiapfxx.blb
2015-11-07 00:07 - 2015-11-07 00:07 - 00484176 _____ C:\Windows\system32\amdmiracast.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00459800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00384536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 00350232 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 00315104 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-11-07 00:07 - 2015-11-07 00:07 - 00252440 _____ C:\Windows\system32\clinfo.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 00222240 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00209936 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00208912 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00177688 _____ C:\Windows\system32\atieah64.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 00177344 _____ C:\Windows\system32\ativce03.dat
2015-11-07 00:07 - 2015-11-07 00:07 - 00175648 _____ C:\Windows\system32\amde31a.dat
2015-11-07 00:07 - 2015-11-07 00:07 - 00163608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00161312 _____ C:\Windows\SysWOW64\atieah32.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 00159264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00153608 _____ C:\Windows\system32\amdhdl64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00153104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00148400 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00146448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00141528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00140832 _____ C:\Windows\SysWOW64\amdhdl32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00131104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00127440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00123648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00120352 _____ C:\Windows\system32\hsa-thunk64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00120080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00119840 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00110624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00106520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00103968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00100816 _____ C:\Windows\system32\ativce02.dat
2015-11-07 00:07 - 2015-11-07 00:07 - 00099104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00098336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00097584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00092704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00092152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00087072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00087072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00082456 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00079904 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00076832 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00073240 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00069664 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00069648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00068632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2015-11-07 00:07 - 2015-11-07 00:07 - 00066592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00062480 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00056864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00047664 _____ C:\Windows\system32\kapp_ci.sbin
2015-11-07 00:07 - 2015-11-07 00:07 - 00047128 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00043536 _____ C:\Windows\system32\kapp_si.sbin
2015-11-07 00:07 - 2015-11-07 00:07 - 00023056 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2015-11-07 00:07 - 2015-11-07 00:07 - 00023048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2015-11-07 00:05 - 2015-11-07 01:49 - 00000000 ____D C:\mbar
2015-11-07 00:05 - 2015-11-07 01:04 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-07 00:04 - 2015-11-07 00:05 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Marissa\Downloads\mbar-1.09.3.1001.exe
2015-11-06 23:22 - 2015-11-06 23:22 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Macromedia
2015-11-06 23:11 - 2015-11-06 23:11 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\kingsoft
2015-11-06 22:56 - 2015-11-07 00:04 - 00000000 ____D C:\Users\Marissa\AppData\Local\MicrosoftEdge
2015-11-06 22:55 - 2015-11-06 22:57 - 00000000 ____D C:\Users\Marissa\AppData\Local\Comms
2015-11-06 22:55 - 2015-11-06 22:55 - 00004154 _____ C:\Windows\System32\Tasks\HPGenoobeReminder
2015-11-06 22:54 - 2015-11-07 01:03 - 00002351 _____ C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-06 22:54 - 2015-11-07 01:03 - 00000000 ___RD C:\Users\Marissa\OneDrive
2015-11-06 22:54 - 2015-11-06 22:54 - 00004178 _____ C:\Windows\System32\Tasks\RegistrationModuleReminder_Welcome-S-1-5-21-1455178037-4009247092-2888788068-1001
2015-11-06 22:53 - 2015-11-07 13:49 - 00000000 ____D C:\Users\Marissa\AppData\Local\Hewlett-Packard
2015-11-06 22:53 - 2015-11-06 22:54 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Hewlett-Packard
2015-11-06 22:53 - 2015-11-06 22:53 - 00000000 ____D C:\Users\Marissa\AppData\Local\HP_Inc
2015-11-06 22:51 - 2015-11-06 22:53 - 00000000 ____D C:\Users\Marissa\AppData\Local\CyberLink
2015-11-06 22:51 - 2015-11-06 22:51 - 00000000 ____D C:\Users\Marissa\Documents\YouCam
2015-11-06 22:51 - 2015-11-06 22:51 - 00000000 ____D C:\Users\Marissa\AppData\Local\Publishers
2015-11-06 22:51 - 2015-11-06 22:51 - 00000000 ____D C:\Users\Marissa\AppData\Local\DropboxOEM
2015-11-06 22:50 - 2015-11-07 14:21 - 00000000 ____D C:\Users\Marissa\AppData\Local\Packages
2015-11-06 22:50 - 2015-11-07 00:51 - 00000000 ____D C:\Users\Marissa
2015-11-06 22:50 - 2015-11-06 22:50 - 00016148 _____ C:\Windows\system32\DESKTOP-H2L8P6U_defaultuser0_HistoryPrediction.bin
2015-11-06 22:50 - 2015-11-06 22:50 - 00000184 _____ C:\Windows\insFileSpec
2015-11-06 22:50 - 2015-11-06 22:50 - 00000020 ___SH C:\Users\Marissa\ntuser.ini
2015-11-06 22:50 - 2015-11-06 22:50 - 00000000 ___RD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-06 22:50 - 2015-11-06 22:50 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Synaptics
2015-11-06 22:50 - 2015-11-06 22:50 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Adobe
2015-11-06 22:50 - 2015-11-06 22:50 - 00000000 ____D C:\Users\Marissa\AppData\Local\VirtualStore
2015-11-06 22:50 - 2015-11-06 22:50 - 00000000 ____D C:\Users\Marissa\AppData\Local\TileDataLayer
2015-11-06 22:50 - 2015-07-24 02:26 - 00000000 ___HD C:\Users\Marissa\Documents\hp.system.package.metadata
2015-11-06 22:50 - 2015-07-10 03:04 - 00000000 __RSD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-11-06 22:50 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-11-06 22:50 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-06 22:50 - 2015-07-10 03:04 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-11-05 13:04 - 2015-11-05 13:04 - 00016148 _____ C:\Windows\system32\AVAFKIU3SVDO0_Administrator_HistoryPrediction.bin
2015-11-05 13:00 - 2015-11-05 13:00 - 00016148 _____ C:\Windows\system32\WIN-1701AA886RE_Administrator_HistoryPrediction.bin
2015-11-05 12:13 - 2015-11-05 12:59 - 00015243 _____ C:\Windows\diagwrn.xml
2015-11-05 12:13 - 2015-11-05 12:59 - 00015243 _____ C:\Windows\diagerr.xml
2015-11-05 11:57 - 2015-11-05 11:57 - 00016148 _____ C:\Windows\system32\I2B6KB1CGJC4A_Administrator_HistoryPrediction.bin
2015-11-05 11:44 - 2015-11-05 11:44 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-11-05 11:36 - 2015-11-05 11:36 - 00002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-05 11:30 - 2015-11-05 11:30 - 00003182 _____ C:\Windows\System32\Tasks\DropboxOEM
2015-11-05 11:30 - 2015-11-05 11:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB
2015-11-05 11:30 - 2015-11-05 11:30 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-11-05 11:29 - 2015-11-05 11:29 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-11-05 11:27 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-11-05 11:27 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-11-05 11:27 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-11-05 11:27 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-11-05 11:27 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-11-05 11:27 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-11-05 11:27 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-11-05 11:27 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-11-05 11:27 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-11-05 11:27 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-11-05 11:27 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-11-05 11:27 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-11-05 11:27 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-11-05 11:27 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-11-05 11:27 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-11-05 11:27 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-11-05 11:27 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-05 11:27 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-11-05 11:27 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-11-05 11:27 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-05 11:27 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-11-05 11:27 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-11-05 11:27 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-05 11:27 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-05 11:27 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-11-05 11:27 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-05 11:27 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-11-05 11:27 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-05 11:27 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-11-05 11:27 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-05 11:27 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-11-05 11:27 - 2008-10-15 07:03 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-05 11:27 - 2008-10-15 07:03 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-11-05 11:27 - 2008-10-15 07:03 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-11-05 11:27 - 2008-10-15 07:03 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-11-05 11:27 - 2008-10-15 07:03 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-05 11:27 - 2008-10-15 07:03 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-11-05 11:27 - 2008-10-15 07:03 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-05 11:27 - 2008-10-15 07:03 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-11-05 11:27 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-05 11:27 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-11-05 11:27 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-05 11:27 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-11-05 11:27 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-05 11:27 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-11-05 11:27 - 2008-07-30 06:20 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-11-05 11:27 - 2008-07-30 06:20 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-11-05 11:27 - 2008-07-30 06:20 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-11-05 11:27 - 2008-07-30 06:20 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-11-05 11:27 - 2008-07-30 06:20 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-11-05 11:27 - 2008-07-30 06:20 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-11-05 11:27 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-11-05 11:27 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-11-05 11:27 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-11-05 11:27 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-11-05 11:27 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-11-05 11:27 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-11-05 11:27 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-11-05 11:27 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-11-05 11:27 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-11-05 11:27 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-11-05 11:27 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-11-05 11:27 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-11-05 11:27 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-11-05 11:27 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-11-05 11:27 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-11-05 11:27 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-11-05 11:27 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-11-05 11:27 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-11-05 11:27 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-11-05 11:27 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-11-05 11:27 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-11-05 11:27 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-11-05 11:27 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-11-05 11:27 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-11-05 11:27 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-11-05 11:27 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-11-05 11:27 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-11-05 11:27 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-11-05 11:27 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-11-05 11:27 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-11-05 11:27 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-11-05 11:27 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-11-05 11:27 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-11-05 11:27 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-11-05 11:27 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-11-05 11:27 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-11-05 11:27 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-11-05 11:27 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-11-05 11:27 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-11-05 11:27 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-11-05 11:27 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-11-05 11:27 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-11-05 11:27 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-11-05 11:27 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-11-05 11:27 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-11-05 11:27 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-11-05 11:27 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-11-05 11:27 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-11-05 11:27 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-11-05 11:27 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-11-05 11:27 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-11-05 11:27 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-11-05 11:27 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-11-05 11:27 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-11-05 11:27 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-11-05 11:27 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-11-05 11:27 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-11-05 11:27 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-11-05 11:27 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-11-05 11:27 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-11-05 11:27 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-11-05 11:27 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-11-05 11:26 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-11-05 11:26 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-11-05 11:26 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-11-05 11:26 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-11-05 11:26 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-11-05 11:26 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-11-05 11:26 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-11-05 11:26 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-11-05 11:26 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-11-05 11:26 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-11-05 11:26 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-11-05 11:26 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-11-05 11:26 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-05 11:26 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-05 11:26 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-11-05 11:26 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-11-05 11:26 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-11-05 11:26 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-11-05 11:26 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-11-05 11:26 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-11-05 11:26 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-11-05 11:26 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-11-05 11:26 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-11-05 11:26 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-11-05 11:26 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-11-05 11:26 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-11-05 11:26 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-11-05 11:26 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-11-05 11:26 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-11-05 11:26 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-11-05 11:26 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-11-05 11:26 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-11-05 11:26 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-11-05 11:26 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-11-05 11:26 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-11-05 11:26 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-11-05 11:26 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-11-05 11:26 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-11-05 11:26 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-11-05 11:26 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-11-05 11:26 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-11-05 11:26 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-11-05 11:26 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-11-05 11:26 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-11-05 11:26 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-11-05 11:26 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-11-05 11:26 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-11-05 11:26 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-11-05 11:23 - 2015-11-07 00:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-05 11:23 - 2015-11-07 00:26 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-11-05 11:23 - 2015-11-07 00:25 - 00000000 ____D C:\ProgramData\WildTangent
2015-11-05 11:21 - 2015-11-05 11:34 - 00000000 ____D C:\Program Files\CyberLink
2015-11-05 11:20 - 2015-11-07 00:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-11-05 11:20 - 2015-11-05 11:20 - 00003224 _____ C:\Windows\System32\Tasks\YCMServiceAgent
2015-11-05 11:20 - 2013-10-28 23:26 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd6.sys
2015-11-05 11:18 - 2015-11-07 19:43 - 00000420 _____ C:\Windows\Tasks\WpsNotifyTask_Administrator.job
2015-11-05 11:18 - 2015-11-07 19:40 - 00000420 _____ C:\Windows\Tasks\WpsUpdateTask_Administrator.job
2015-11-05 11:18 - 2015-11-05 11:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-05 11:18 - 2015-11-05 11:18 - 00003474 _____ C:\Windows\System32\Tasks\WpsUpdateTask_Administrator
2015-11-05 11:18 - 2015-11-05 11:18 - 00003474 _____ C:\Windows\System32\Tasks\WpsNotifyTask_Administrator
2015-11-05 11:18 - 2015-11-05 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2015-11-05 11:18 - 2015-11-05 11:18 - 00000000 ____D C:\ProgramData\Kingsoft
2015-11-05 11:17 - 2015-11-05 11:17 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 04760576 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 04611584 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 04350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 03443200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 02112512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 01591856 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 01521664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 01411072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 01365072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 01135312 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 01043968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00934752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2015-11-05 11:17 - 2015-11-05 11:17 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00750592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00695136 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00601344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-05 11:17 - 2015-11-05 11:17 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00584544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-11-05 11:17 - 2015-11-05 11:17 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00521568 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00505344 _____ C:\Windows\system32\EditionUpgradeManagerObj.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00430592 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00425824 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00325984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2015-11-05 11:17 - 2015-11-05 11:17 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00290312 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00208736 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\OmaDmAgent.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00181088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00082616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.ProxyStub.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2015-11-05 11:17 - 2015-11-05 11:17 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\unenrollhook.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00061280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-11-05 11:17 - 2015-11-05 11:17 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.PAL.Desktop.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\omadmprc.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2015-11-05 11:17 - 2015-11-05 11:17 - 00032768 _____ C:\Windows\system32\LicenseManagerApi.dll
2015-11-05 11:17 - 2015-11-05 11:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-11-05 11:17 - 2015-11-05 11:17 - 00000000 ____D C:\Program Files (x86)\Kingsoft
2015-11-05 11:16 - 2015-11-05 11:51 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-05 11:15 - 2015-11-05 11:20 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-11-05 11:14 - 2015-11-05 11:31 - 00000000 ____D C:\ProgramData\Temp
2015-11-05 11:14 - 2015-11-05 11:31 - 00000000 ____D C:\ProgramData\install_clap
2015-11-05 11:14 - 2015-11-05 11:20 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2015-11-05 11:14 - 2015-11-05 11:14 - 00003978 _____ C:\Windows\System32\Tasks\avast! SL Update
2015-11-05 11:14 - 2015-11-05 11:14 - 00002128 _____ C:\Windows\System32\Tasks\Avast SecureLine
2015-11-05 11:14 - 2015-11-05 11:14 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-05 11:14 - 2015-11-05 11:14 - 00000000 ____D C:\Program Files\AVAST Software
2015-11-05 11:13 - 2015-11-05 11:13 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk
2015-11-05 11:12 - 2015-07-10 03:01 - 00031816 _____ C:\Windows\Core.xml
2015-11-05 11:10 - 2015-11-06 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-11-05 11:07 - 2015-11-06 23:25 - 00000000 ____D C:\ProgramData\mcafee
2015-11-05 11:06 - 2015-11-05 11:06 - 00000000 ____D C:\Program Files (x86)\HP
2015-11-05 11:05 - 2015-11-05 11:44 - 00000000 ___RD C:\Program Files\Online Services
2015-11-05 11:05 - 2015-11-05 11:05 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_cNB_15 Notebook PC_Y5335KV_0U_Q5CD5300NL6_E15WW3TDT601_4A_I2330_SHP_V99.24_BF.31_T150714_W1101-0_L409_M3555_J500_7AMD_8F01_92.00_#151105_N10EC8179;10EC8136_(N5Y24UA#ABA)_XMOBILE_CN10_Z.MRK
2015-11-05 11:05 - 2015-11-05 11:05 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_cNB_15 Notebook PC_Y5335KV_0U_Q5CD5300NL6_E15WW3TDT601_4A_I2330_SHP_V99.24_BF.31_T150714_W1101-0_L409_M3555_J500_7AMD_8F01_92.00_#151105_N10EC8179;10EC8136_(N5Y24UA#ABA)_XMOBILE_CN10_Z.MRK
2015-11-05 11:03 - 2015-11-05 11:03 - 00000000 ____D C:\ProgramData\Apple
2015-11-05 11:03 - 2015-07-10 17:05 - 00432648 _____ (HP) C:\Windows\system32\hpbprtmon.dll
2015-11-05 11:03 - 2015-07-10 17:05 - 00420872 _____ (HP) C:\Windows\system32\hpbrprtmon.dll
2015-11-05 11:03 - 2015-07-10 17:05 - 00239624 _____ (HP) C:\Windows\system32\hpbprtmonui.dll
2015-11-05 11:02 - 2015-11-05 11:02 - 00000000 ____D C:\Program Files\HP
2015-11-05 10:59 - 2015-11-05 10:59 - 00000000 ____D C:\ProgramData\Synaptics
2015-11-05 10:52 - 2015-11-05 11:55 - 00000000 ____D C:\Windows\SysWOW64\sda
2015-11-05 10:52 - 2015-07-09 01:08 - 09890008 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2015-11-05 10:52 - 2015-07-09 01:08 - 00752856 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsPer.sys
2015-11-05 10:52 - 2015-07-09 01:08 - 00402136 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2015-11-05 10:52 - 2015-07-09 01:08 - 00365272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2015-11-05 10:52 - 2015-07-09 01:08 - 00313048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsBaStor.sys
2015-11-05 10:52 - 2015-07-09 01:08 - 00301784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys
2015-11-05 10:52 - 2015-07-09 01:08 - 00083160 _____ (Realtek Semiconductor.) C:\Windows\system32\RtCRX64.dll
2015-11-05 10:51 - 2015-11-05 10:51 - 00004170 _____ C:\Windows\SysWOW64\RealtekWLAN.log
2015-11-05 10:51 - 2015-11-05 10:51 - 00000000 ____D C:\Program Files (x86)\Cisco
2015-11-05 10:51 - 2015-07-13 01:24 - 00886528 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2015-11-05 10:51 - 2015-07-13 01:24 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-11-05 10:51 - 2013-04-01 23:19 - 00574464 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2015-11-05 10:51 - 2010-12-01 09:31 - 00451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2015-11-05 10:50 - 2015-11-05 10:50 - 00067777 _____ C:\Windows\SysWOW64\CCCInstall_201511051050096509.log
2015-11-05 10:50 - 2015-11-05 10:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-11-05 10:50 - 2015-11-05 10:50 - 00000000 ____D C:\Program Files\Synaptics
2015-11-05 10:49 - 2015-11-07 19:30 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-11-05 10:49 - 2015-11-05 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-11-05 10:49 - 2015-11-05 10:49 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-11-05 10:49 - 2015-11-05 10:49 - 00000000 _____ C:\Windows\ativpsrm.bin
2015-11-05 10:48 - 2015-11-07 00:07 - 47804432 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-11-05 10:48 - 2015-11-07 00:07 - 27553312 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-11-05 10:48 - 2015-11-07 00:07 - 21653520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-11-05 10:48 - 2015-11-07 00:07 - 12175392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-11-05 10:48 - 2015-11-07 00:07 - 09069104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-11-05 10:48 - 2015-11-07 00:07 - 01494528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-11-05 10:48 - 2015-11-07 00:07 - 01265184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-11-05 10:48 - 2015-11-07 00:07 - 00884752 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-11-05 10:48 - 2015-11-07 00:07 - 00692256 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-11-05 10:48 - 2015-11-07 00:07 - 00683032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-11-05 10:48 - 2015-11-07 00:07 - 00264224 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-11-05 10:48 - 2015-11-07 00:07 - 00175632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-11-05 10:48 - 2015-11-07 00:07 - 00172432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-11-05 10:48 - 2015-11-05 11:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-05 10:48 - 2015-11-05 10:50 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-11-05 10:48 - 2015-11-05 10:49 - 00000000 ____D C:\Program Files\AMD
2015-11-05 10:48 - 2015-07-14 02:39 - 00737410 _____ C:\Windows\system32\atiicdxx.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00322868 _____ C:\Windows\system32\ativvaxy_vi.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00321200 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00255808 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00250884 _____ C:\Windows\system32\ativvaxy_FJ.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00249088 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00234420 _____ C:\Windows\system32\ativvaxy_cik.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00232752 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2015-11-05 10:48 - 2015-07-14 02:39 - 00140240 _____ C:\Windows\system32\samu_krnl_ci.sbin
2015-11-05 10:48 - 2015-07-14 02:39 - 00138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2015-11-05 10:48 - 2015-07-14 02:39 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-11-05 10:48 - 2015-07-14 02:39 - 00102912 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys
2015-11-05 10:48 - 2015-07-14 02:39 - 00018968 _____ (Advanced Micro Devices, INC.) C:\Windows\system32\Drivers\AmdAS4.sys
2015-11-05 10:47 - 2015-11-05 10:47 - 00011070 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2015-11-05 10:47 - 2015-11-05 10:47 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-11-05 10:47 - 2015-11-05 10:47 - 00000000 ____D C:\Windows\system32\SRSLabs
2015-11-05 10:47 - 2015-11-05 10:47 - 00000000 ____D C:\Program Files\Realtek
2015-11-05 10:47 - 2015-07-13 02:34 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-11-05 10:47 - 2015-07-13 02:34 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-11-05 10:47 - 2015-07-13 02:34 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-11-05 10:47 - 2015-07-13 02:34 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-11-05 10:47 - 2015-07-13 02:34 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-11-05 10:47 - 2015-07-13 02:34 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-11-05 10:47 - 2015-07-13 02:34 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-11-05 10:46 - 2015-11-05 10:52 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-11-05 10:46 - 2015-11-05 10:47 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-11-05 10:46 - 2015-07-13 02:34 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-11-05 10:46 - 2015-07-13 02:34 - 35222128 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-11-05 10:46 - 2015-07-13 02:34 - 04514008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-11-05 10:46 - 2015-07-13 02:34 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 02825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 02702552 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-11-05 10:46 - 2015-07-13 02:34 - 01749208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 01310936 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00184688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-11-05 10:46 - 2015-07-13 02:34 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-11-05 10:45 - 2015-11-06 23:32 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-11-05 10:45 - 2015-11-05 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-11-05 10:44 - 2015-11-05 11:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-05 10:41 - 2015-11-05 10:41 - 00000000 ____D C:\ProgramData\{C6FA530F-BB98-4D9F-BA00-45FD0698077C}
2015-11-05 10:38 - 2015-11-05 10:38 - 00016148 _____ C:\Windows\system32\WIN-P0QA8318ROG_Administrator_HistoryPrediction.bin
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-07 23:03 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\AppReadiness
2015-11-07 23:02 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\sru
2015-11-07 19:35 - 2015-07-15 22:09 - 00968010 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-07 19:30 - 2015-07-10 04:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-07 19:30 - 2015-07-10 01:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-07 13:48 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\appcompat
2015-11-07 01:50 - 2015-07-15 22:50 - 00000000 ____D C:\Windows\Panther
2015-11-07 01:39 - 2015-07-10 03:04 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-11-07 01:35 - 2015-07-10 03:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-07 00:55 - 2015-07-10 05:16 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ___SD C:\Windows\system32\F12
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ___RD C:\Windows\PurchaseDialog
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\oobe
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\Provisioning
2015-11-07 00:55 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\L2Schemas
2015-11-07 00:35 - 2015-07-10 02:55 - 00000000 ____D C:\Windows\CbsTemp
2015-11-07 00:34 - 2015-07-24 02:25 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-11-07 00:12 - 2015-07-10 02:59 - 04629744 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2015-11-07 00:10 - 2015-07-07 04:43 - 01804696 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-11-07 00:10 - 2015-07-07 04:43 - 00764616 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2015-11-07 00:10 - 2015-07-07 04:43 - 00614088 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2015-11-07 00:10 - 2015-07-07 04:43 - 00269000 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2015-11-07 00:10 - 2015-07-07 04:43 - 00255688 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo31.dll
2015-11-06 23:22 - 2015-07-10 01:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2015-11-06 23:13 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\restore
2015-11-06 22:54 - 2015-07-24 02:35 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-11-06 22:50 - 2015-07-13 08:28 - 00000000 ___HD C:\SYSTEM.SAV
2015-11-05 13:17 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\rescache
2015-11-05 13:03 - 2015-07-10 01:05 - 00000000 ____D C:\Windows\system32\Sysprep
2015-11-05 12:13 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\Registration
2015-11-05 12:12 - 2015-07-15 22:01 - 00000000 __SHD C:\Recovery
2015-11-05 12:12 - 2015-07-13 08:28 - 00000000 ____D C:\SWSetup
2015-11-05 12:12 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\system32\Recovery
2015-11-05 11:44 - 2015-07-24 02:26 - 00000000 ___RD C:\Program Files (x86)\Online Services
2015-11-05 11:29 - 2015-07-24 02:25 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-11-05 11:20 - 2015-07-10 03:04 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-11-05 11:19 - 2015-07-10 03:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-11-05 11:19 - 2015-07-10 03:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-11-05 11:19 - 2015-07-10 01:05 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-11-05 11:19 - 2015-07-10 01:05 - 00000000 ____D C:\Windows\system32\Dism
2015-11-05 11:13 - 2015-07-24 03:10 - 00000012 _____ C:\Windows\CSUP.txt
2015-11-05 11:10 - 2015-07-10 03:04 - 00000124 _____ C:\Windows\win.ini
2015-11-05 11:06 - 2015-07-16 18:35 - 00000000 ___HD C:\hp
2015-10-15 19:10 - 2015-07-10 03:06 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-15 19:10 - 2015-07-10 03:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
Some files in TEMP:
====================
C:\Users\Marissa\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Marissa\AppData\Local\Temp\mccspuninstall.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-15 22:00
 
==================== End of FRST.txt ============================
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Marissa (2015-11-07 23:25:03)
Running from C:\Users\Marissa\Downloads
Windows 10 Home (X64) (2015-11-07 06:46:47)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1455178037-4009247092-2888788068-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1455178037-4009247092-2888788068-503 - Limited - Disabled)
Guest (S-1-5-21-1455178037-4009247092-2888788068-501 - Limited - Disabled)
Marissa (S-1-5-21-1455178037-4009247092-2888788068-1001 - Administrator - Enabled) => C:\Users\Marissa
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 9.0.318.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 9.0.318.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
AMD Catalyst Install Manager (HKLM\...\{E7659924-9EC9-B722-0136-A6D414E6E29E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.2 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6713 - CyberLink Corp.)
CyberLink PhotoDirector (Version: 5.0.5.6713 - CyberLink Corp.) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.5418 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4301 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4.4301 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
ESET NOD32 Antivirus (HKLM\...\{60853F5E-E6F5-4A34-BBCD-C09D49BB5E64}) (Version: 9.0.318.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version:  - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.0.26.62 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.87 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.58 - REALTEK Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WPS Office (9.1.0.5113) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5113 - Kingsoft Corp.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1455178037-4009247092-2888788068-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marissa\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
 
==================== Restore Points =========================
 
07-11-2015 02:21:35 11/7/2015
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 03:04 - 2015-07-10 03:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06629151-0C94-4A0E-81E1-906D958B34A0} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-06-30] (CyberLink Corp.)
Task: {0AAD3292-EE3A-4CDC-9B81-C4B1231E7EED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {0ED73FE3-129C-4AFC-BE7F-0A00B34F258F} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [2015-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {16C45EE9-2A4F-412D-84D4-2BD9AB773DF6} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2015-07-02] ()
Task: {29EE10BC-00FF-4CF7-807A-BA0D22C75E09} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {32B7A5BA-6520-4A3B-8BF7-B36ECC477585} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {44743B36-BF2F-4E0C-9293-2E8F569C36DF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {9AB18A80-AD87-4C19-990D-528B9EB8106B} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [2015-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {9CCB2875-AF08-4013-97E6-0DC918F92CD3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-07] (Google Inc.)
Task: {ABEA61E8-FDE9-4062-AE5E-54652DF47CE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-07-11] (Hewlett-Packard Company)
Task: {B041AC17-9C1A-4031-B508-A6A95105A98D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {C3755058-710C-4BC4-9C32-889E9C6A27CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {C55882EA-B534-418B-8297-26AA2EE0F112} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2015-04-29] (AVAST Software)
Task: {C91552E3-87E4-4D82-98D6-218AD33A82D3} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2015-04-29] (AVAST Software)
Task: {DACEC5D6-E720-4940-9A00-5E50AB7F5D9A} - System32\Tasks\RegistrationModuleReminder_Welcome-S-1-5-21-1455178037-4009247092-2888788068-1001 => C:\Program Files\Hewlett-Packard\HP Welcome\Garage.Container.exe [2015-07-13] (HP Inc)
Task: {E0A58585-F8FD-4ECF-A1B9-02CB97DCC824} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-19] ()
Task: {EFED96FC-D852-4C87-9C0B-3F99C84A71BD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-02] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-11-05 11:17 - 2015-11-05 11:17 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-11-07 00:24 - 2015-08-11 01:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2015-11-05 11:14 - 2015-04-29 17:04 - 00445240 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-11-05 11:34 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-11-07 00:25 - 2015-09-16 22:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-11-07 00:25 - 2015-09-16 22:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-11-07 00:24 - 2015-09-16 21:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-11-07 00:24 - 2015-09-16 22:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-07-10 02:59 - 2015-07-10 02:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-11-07 00:25 - 2015-09-16 21:44 - 06569472 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-11-07 00:23 - 2015-09-16 21:42 - 00471040 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-11-07 00:25 - 2015-09-16 21:42 - 01808384 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-11-07 00:25 - 2015-09-16 21:43 - 02274816 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 03:00 - 2015-07-10 05:15 - 00210432 _____ () C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-11-05 11:40 - 2015-11-05 11:40 - 00007680 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.3.201.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
2015-11-05 11:40 - 2015-11-05 11:40 - 09538560 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.3.201.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll
2015-11-05 11:37 - 2015-11-05 11:37 - 06459392 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x86__8wekyb3d8bbwe\SharedLibrary.dll
2015-11-05 11:37 - 2015-11-05 11:37 - 00902656 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.3.201.0_x86__8wekyb3d8bbwe\SQLiteWrapper.dll
2015-11-05 11:37 - 2015-11-05 11:37 - 03514032 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.3.201.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll
2015-11-05 11:37 - 2015-11-05 11:37 - 00648192 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.3.201.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2015-11-07 00:30 - 2015-10-20 06:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-11-07 00:30 - 2015-10-20 06:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\06421078.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\06421078.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1455178037-4009247092-2888788068-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DBEC0A4C-A086-4E19-99EC-C539AF27AD4B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{B530B899-668C-4C88-AD92-4AE4E77F4517}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{F81B1658-5DC6-4706-8940-9E16737987F0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{B302C6DF-41F5-4D80-B772-C48B3B6BD547}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{6AFBE89F-081D-4483-83BC-67FAF52E6B24}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{D55240BE-7879-427F-AE67-03F825A1B0CA}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{7430ABE7-2ADA-4046-AD68-338FFFF67401}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{012D2BA8-1565-4D97-B8B5-7202BE46A870}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E691C0EB-B318-4181-98A4-9D6A4FDCF5D9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{93A6DB94-0353-4E32-8367-47F3F86AB563}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4B48FA42-D0BB-4D32-AE9D-EF0301F4683A}] => (Allow) LPort=2869
FirewallRules: [{2F9A169C-5FD9-43B2-BA96-8A23DDC7DE8E}] => (Allow) LPort=1900
FirewallRules: [{B9EEA9AC-AB36-4FAE-AA22-71E8D424496E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek PCIe FE Family Controller #2
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: rt640x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/07/2015 07:32:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/07/2015 07:32:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/07/2015 07:30:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-H2L8P6U)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/07/2015 07:18:20 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/07/2015 07:18:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/07/2015 07:12:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-H2L8P6U)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/07/2015 06:54:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/07/2015 06:53:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/07/2015 06:51:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-H2L8P6U)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/07/2015 06:41:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (11/07/2015 11:06:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 8 0x0 0x0
 
Error: (11/07/2015 11:06:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 4 0x0 0x0
 
Error: (11/07/2015 11:06:23 PM) (Source: RTWlanE) (EventID: 5002) (User: )
Description: Realtek RTL8188EE 802.11 b/g/n Wi-Fi Adapter : Has determined that the network adapter is not functioning properly.
 
Error: (11/07/2015 11:06:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 1 0xc 0x4
 
Error: (11/07/2015 07:33:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AdaptiveSleepService service failed to start due to the following error: 
%%2
 
Error: (11/07/2015 07:30:35 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: The system watchdog timer was triggered.
 
Error: (11/07/2015 07:30:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H2L8P6U)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
 
Error: (11/07/2015 07:30:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session2 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (11/07/2015 07:12:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H2L8P6U)
Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider
 
Error: (11/07/2015 07:12:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
==================== Memory info =========================== 
 
Processor: AMD A6-5200 APU with Radeon™ HD Graphics 
Percentage of memory in use: 53%
Total physical RAM: 3554.01 MB
Available physical RAM: 1639.78 MB
Total Virtual: 4898.01 MB
Available Virtual: 2677.77 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:446.2 GB) (Free:407.14 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:18.46 GB) (Free:2.16 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 69865673)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,977 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:26 PM

Posted 08 November 2015 - 10:00 AM

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.


start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

S2 AdaptiveSleepService; "c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe" [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
C:\Users\Marissa\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Marissa\AppData\Local\Temp\mccspuninstall.exe

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Let check these processes/Apps.


Please run the Farbar Recovery Scan Tool. Enter Realtek HD Auido;Voice Recorder in the Search Box.
Click the Search Registry button, post the content of the Search.txt file in your next reply.

#5 Pen_Rich

Pen_Rich
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:26 AM

Posted 08 November 2015 - 06:00 PM

I appreciate your help.  As for the programs Realtek HD Auido and Voice Recorder, I was able to successfully uninstall them using CCleaner and they have not reinstalled themselves since, so I assume I should skip your request to search for those programs?  Here is the Fixlog.txt log:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Marissa (2015-11-08 13:37:33) Run:1
Running from C:\Users\Marissa\Downloads
Loaded Profiles: Marissa &  (Available Profiles: Marissa & Administrator)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
S2 AdaptiveSleepService; "c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe" [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
C:\Users\Marissa\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Marissa\AppData\Local\Temp\mccspuninstall.exe
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
AdaptiveSleepService => service removed successfully
wfpcapture => service removed successfully
C:\Users\Marissa\AppData\Local\Temp\McCSPInstall.dll => moved successfully
C:\Users\Marissa\AppData\Local\Temp\mccspuninstall.exe => moved successfully
EmptyTemp: => 518.6 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 13:38:52 ====


#6 Pen_Rich

Pen_Rich
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:08:26 AM

Posted 09 November 2015 - 03:31 AM

If I may please add to my previous post, I noticed an unusual file C:\b07de7f88c500ab4e3.  The file contains 2 Applications: "mrt" and "mrtstub".  As stated in my initial post, malwarebytes anti-rootkit previously quarantined something called "MRT".  I hope it might be helpful to provide a Search.txt file for these Apps:

 
Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by My-PC (2015-11-08 23:22:47)
Running from C:\Users\My-PC\Downloads
Boot Mode: Normal
 
================== Search Registry: "mrt;mrtstub" ===========
 
 
===================== Search result for "mrt" ==========
 
[HKEY_LOCAL_MACHINE\COMPONENTS\CanonicalData\Deployments\microsoft-w..-deployment_31bf3856ad364e35_10.0.10240.16384_bd58dc30deb2aa38]
"p!CBS_microsoft-windows-mrt10-wow64-package~31bf3856ad364e35~amd64_d385994f6342ed0f"="0x6F000000000000004D6963726F736F66742D57696E646F77732D4D525431302D574F5736342D5061636B6167657E333162663338353661643336346533357E616D6436347E7E31302E302E31303234302E31363338342E3532613366373563643234336632393432646564346435363730666337383938"
 
[HKEY_LOCAL_MACHINE\COMPONENTS\CanonicalData\Deployments\microsoft-w..-deployment_31bf3856ad364e35_10.0.10240.16384_bd58dc30deb2aa38]
"i!CBS_microsoft-windows-mrt10-wow64-package~31bf3856ad364e35~amd64_d385994f6342ed0f"="0x6F000000000000004D6963726F736F66742D57696E646F77732D4D525431302D574F5736342D5061636B6167657E333162663338353661643336346533357E616D6436347E7E31302E302E31303234302E31363338342E3532613366373563643234336632393432646564346435363730666337383938"
 
[HKEY_LOCAL_MACHINE\COMPONENTS\CanonicalData\Deployments\microsoft-w..-deployment_31bf3856ad364e35_10.0.10240.16384_fd4834fa4e5f9766]
"s!CBS_microsoft-windows-mrt10-package~31bf3856ad364e35~amd64~~10.0_5b6e154e8bac779c"="0x69000000000000004D6963726F736F66742D57696E646F77732D4D525431302D5061636B6167657E333162663338353661643336346533357E616D6436347E7E31302E302E31303234302E31363338342E6534343536633162633466633563663862666534643433373438306262626638"
 
[HKEY_LOCAL_MACHINE\COMPONENTS\CanonicalData\Deployments\microsoft-w..anguagepack_31bf3856ad364e35_10.0.10240.16384_c3c188ce5b2ae346]
"p!CBS_microsoft-windows-mrt10-wow64-package~31bf3856ad364e35~amd64_1454a418ec0ce130"="0x74000000000000004D6963726F736F66742D57696E646F77732D4D525431302D574F5736342D5061636B6167657E333162663338353661643336346533357E616D6436347E656E2D55537E31302E302E31303234302E31363338342E3962613264363662386434326266376535353433643961663930333234346135"
 
[HKEY_LOCAL_MACHINE\COMPONENTS\CanonicalData\Deployments\microsoft-w..anguagepack_31bf3856ad364e35_10.0.10240.16384_c3c188ce5b2ae346]
"i!CBS_microsoft-windows-mrt10-wow64-package~31bf3856ad364e35~amd64_1454a418ec0ce130"="0x74000000000000004D6963726F736F66742D57696E646F77732D4D525431302D574F5736342D5061636B6167657E333162663338353661643336346533357E616D6436347E656E2D55537E31302E302E31303234302E31363338342E3962613264363662386434326266376535353433643961663930333234346135"
 
[HKEY_LOCAL_MACHINE\COMPONENTS\CanonicalData\Deployments\microsoft-w..anguagepack_31bf3856ad364e35_10.0.10240.16384_ce46bbc01bc39d9e]
"s!CBS_microsoft-windows-mrt10-package~31bf3856ad364e35~amd64~en-us_dfb0d895f4598475"="0x6E000000000000004D6963726F736F66742D57696E646F77732D4D525431302D5061636B6167657E333162663338353661643336346533357E616D6436347E656E2D55537E31302E302E31303234302E31363338342E3736363534633636373439643336356631623763363536393464316534616461"
 
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-f..ruetype-myanmartext_31bf3856ad364e35_10.0.10240.16384_none_60e8b2fde603f6db]
"f!mmrtext.ttf"="1"
 
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-mrt-v1.0-map_31bf3856ad364e35_10.0.10240.16384_none_d59575876f4547ec]
 
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-mrt10-deployment_31bf3856ad364e35_10.0.10240.16384_none_fd4834fa4e5f9766]
 
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-mrt10_31bf3856ad364e35_10.0.10240.16384_none_69a8b83777846e90]
 
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\wow64_microsoft-windows-mrt-v1.0-map_31bf3856ad364e35_10.0.10240.16384_none_dfea1fd9a3a609e7]
 
[HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\wow64_microsoft-windows-mrt10_31bf3856ad364e35_10.0.10240.16384_none_73fd6289abe5308b]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADE27590-4C84-4ABB-AE56-8233CC73D80F}]
""="MrtStringResolver Class"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{00f2acd7-0cfc-404a-b7a4-5488dbc62b5f}]
""="__x_Windows_CInternal_CStateRepository_CIMrtDefaultTileStatics"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{11bcfe6e-7e02-4a89-8384-01bee5954b14}]
""="__x_Windows_CInternal_CStateRepository_CIMrtDefaultTile"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{27f3aecf-a1ef-5130-ad72-1f121c1398bc}]
""="__FIIterable_1_Windows__CInternal__CStateRepository__CMrtPackage"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2e946340-53bf-54c2-8fa2-56ebd4439fbb}]
""="__FIVectorView_1_Windows__CInternal__CStateRepository__CMrtDefaultTile"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4f855185-3506-56e4-87b4-78cfc2a9f8e0}]
""="__FIIterator_1_Windows__CInternal__CStateRepository__CMrtDefaultTile"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7564292d-36b7-4556-bc8b-aa32dda49bc0}]
""="__x_Windows_CInternal_CStateRepository_CIMrtApplicationStatics"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8e0f95e9-6a20-4ac3-85d9-6765d7b711fa}]
""="__x_Windows_CInternal_CStateRepository_CIMrtPackageStatics"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{a3905282-f9fd-5e05-932c-1b632dea2a9d}]
""="__FIVector_1_Windows__CInternal__CStateRepository__CMrtApplication"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{bdef771e-f5ac-53b5-9c0a-0c753cba66db}]
""="__FIIterator_1_Windows__CInternal__CStateRepository__CMrtApplication"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{d57dcd42-4b5a-504b-ae07-8c1cb11bba4d}]
""="__FIIterator_1_Windows__CInternal__CStateRepository__CMrtPackage"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{f4a0e48a-6f06-55b7-8a2a-ee1f1d660cbd}]
""="__FIIterable_1_Windows__CInternal__CStateRepository__CMrtDefaultTile"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DBCE7E40-7345-439D-B12C-114A11819A09}]
""="MrtResourceManager Class"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{056644f8-9fc1-59ce-b607-a9df16ce2e68}]
""="__FIVectorView_1_Windows__CInternal__CStateRepository__CMrtPackage"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{130A2F65-2BE7-4309-9A58-A9052FF2B61C}]
""="IMrtResourceManager"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2B9C347E-56FB-4947-AB47-6982BB2CF28D}]
""="IWebAccountProviderWithMrtResourceIcon"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3dc9a974-9fd2-5aa8-81a7-f854ef29302d}]
""="__FIVector_1_Windows__CInternal__CStateRepository__CMrtDefaultTile"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5f799f53-b323-5e2e-ba52-e176d0ca4cda}]
""="__FIVectorView_1_Windows__CInternal__CStateRepository__CMrtApplication"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8afe010a-b611-484e-944d-5ea6e4a23569}]
""="__x_Windows_CInternal_CStateRepository_CIMrtApplication"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{939d0524-6f9f-5c7f-8d0d-4a1cc5014d68}]
""="__FIVector_1_Windows__CInternal__CStateRepository__CMrtPackage"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{a9bbad79-fc21-5a1f-81f8-401f6f624c59}]
""="__FIIterable_1_Windows__CInternal__CStateRepository__CMrtApplication"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{CFA81E06-A062-4E18-A62D-925397413383}]
""="IMrtStringResolver"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{e15958e5-d7fd-435b-a075-0b959b6788d5}]
""="__x_Windows_CInternal_CStateRepository_CIMrtPackage"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}]
"DllName"="Smrt-Shpr.dll"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemovalTools\MRT]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~~0.0.0.0]
"Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~en-US~10.0.10240.16384"="2"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageDetect\Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~~0.0.0.0]
"Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~en-US~10.0.10240.16384"="2"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~en-US~0.0.0.0]
"Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~en-US~10.0.10240.16384"="0"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~~0.0.0.0]
"Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~~10.0.10240.16384"="0"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~en-US~0.0.0.0]
"Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~en-US~10.0.10240.16384"="0"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackageIndex\Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~~0.0.0.0]
"Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~~10.0.10240.16384"="0"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~en-US~10.0.10240.16384]
"InstallName"="Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~en-US~10.0.10240.16384.mum"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~~10.0.10240.16384]
"InstallName"="Microsoft-Windows-MRT10-Package~31bf3856ad364e35~amd64~~10.0.10240.16384.mum"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~en-US~10.0.10240.16384]
"InstallName"="Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~en-US~10.0.10240.16384.mum"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~~10.0.10240.16384]
"InstallName"="Microsoft-Windows-MRT10-WOW64-Package~31bf3856ad364e35~amd64~~10.0.10240.16384.mum"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F08E79CFCCE0B06FFA87E8EF7A9C149C]
"E78EE4B804D619C45B8ED07CD74C211F"="c:\Program Files (x86)\HP\HP System Event\SmrtAdptr.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-mrt10-deployment_31bf3856ad364e35_none_72c4e343d7b13f2e]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_microsoft-windows-mrt10_31bf3856ad364e35_none_29a973b744e60ad4]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\wow64_microsoft-windows-mrt10_31bf3856ad364e35_none_33fe1e097946cccf]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts]
"Myanmar Text Bold (TrueType)"="mmrtextb.ttf"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\KnownManagedDebuggingDlls]
"C:\Windows\System32\mrt_map.dll"="0"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MiniDumpAuxiliaryDlls]
"C:\Windows\system32\mrt100.dll"="C:\Windows\System32\mrt_map.dll"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C39A9897-341C-441A-84B2-2F043F84ABF7}]
"URI"="\Microsoft\Windows\RemovalTools\MRT_HB"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.MrtApplication]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.MrtPackage]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{0ec06a7c-1e30-313a-a1f8-29e53a1e1bea}]
"ActivatableClassId"="Windows.Internal.StateRepository.MrtPackage"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Synaptics\SynTP\Defaults]
"PalmRTTap"="4"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}]
"DllName"="Smrt-Shpr.dll"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\KnownManagedDebuggingDlls]
"C:\Windows\SysWOW64\mrt_map.dll"="0"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\MiniDumpAuxiliaryDlls]
"C:\Windows\system32\mrt100.dll"="C:\Windows\SysWOW64\mrt_map.dll"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Fonts]
"Myanmar Text Bold (TrueType)"="mmrtextb.ttf"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.MrtApplication]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.MrtPackage]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\WindowsRuntime\CLSID\{7b8a82eb-1303-3e01-985e-d45445070782}]
"ActivatableClassId"="Windows.Internal.StateRepository.MrtDefaultTile"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{ADE27590-4C84-4ABB-AE56-8233CC73D80F}]
""="MrtStringResolver Class"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{00f2acd7-0cfc-404a-b7a4-5488dbc62b5f}]
""="__x_Windows_CInternal_CStateRepository_CIMrtDefaultTileStatics"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{11bcfe6e-7e02-4a89-8384-01bee5954b14}]
""="__x_Windows_CInternal_CStateRepository_CIMrtDefaultTile"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{27f3aecf-a1ef-5130-ad72-1f121c1398bc}]
""="__FIIterable_1_Windows__CInternal__CStateRepository__CMrtPackage"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{2e946340-53bf-54c2-8fa2-56ebd4439fbb}]
""="__FIVectorView_1_Windows__CInternal__CStateRepository__CMrtDefaultTile"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{4f855185-3506-56e4-87b4-78cfc2a9f8e0}]
""="__FIIterator_1_Windows__CInternal__CStateRepository__CMrtDefaultTile"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{7564292d-36b7-4556-bc8b-aa32dda49bc0}]
""="__x_Windows_CInternal_CStateRepository_CIMrtApplicationStatics"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{8e0f95e9-6a20-4ac3-85d9-6765d7b711fa}]
""="__x_Windows_CInternal_CStateRepository_CIMrtPackageStatics"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{a3905282-f9fd-5e05-932c-1b632dea2a9d}]
""="__FIVector_1_Windows__CInternal__CStateRepository__CMrtApplication"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{bdef771e-f5ac-53b5-9c0a-0c753cba66db}]
""="__FIIterator_1_Windows__CInternal__CStateRepository__CMrtApplication"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{d57dcd42-4b5a-504b-ae07-8c1cb11bba4d}]
""="__FIIterator_1_Windows__CInternal__CStateRepository__CMrtPackage"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{f4a0e48a-6f06-55b7-8a2a-ee1f1d660cbd}]
""="__FIIterable_1_Windows__CInternal__CStateRepository__CMrtDefaultTile"
 
[HKEY_USERS\S-1-5-21-3454558883-1924925101-920512365-1001\SOFTWARE\HP\HP System Event\SmartAdapter\0001]
"ApplicationPath"="%PROGRAMFILES%\HP\HP System Event\SmrtAdptr.exe"
 
[HKEY_USERS\S-1-5-21-3454558883-1924925101-920512365-1001\SOFTWARE\HP\HP System Event\SmartAdapter\0003]
"ApplicationPath"="%PROGRAMFILES%\HP\HP System Event\SmrtAdptr.exe"
 
[HKEY_USERS\S-1-5-21-3454558883-1924925101-920512365-1001_Classes\Local Settings\MrtCache]
====== End of Search ======


#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,977 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:26 PM

Posted 09 November 2015 - 10:01 AM


MRT stands for Microsoft Removal Tool The removal was not complete and there are some leftover that we need to clean.

Copy the text IN THE CODE BOX below to notepad. Save it as fixme.reg to your desktop.
Be sure the "Save as" type is set to "all files" Once you have saved Right click the .reg file and allow it to merge with the registry.

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemovalTools\MRT]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C39A9897-341C-441A-84B2-2F043F84ABF7}]
"URI"=-
Restart the when completed.

You can delete the fixme.reg file when done.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.


start

CloseProcesses:

Task: {EFED96FC-D852-4C87-9C0B-3F99C84A71BD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-02] (Microsoft Corporation)
C:\Windows\system32\MRT.exe

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

How is the computer running now?

#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,977 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:26 PM

Posted 15 November 2015 - 09:17 AM

Are you still with me?

#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,977 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:26 PM

Posted 21 November 2015 - 10:04 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users