Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Paraniod, or Super Malware???


  • This topic is locked This topic is locked
7 replies to this topic

#1 antrlee

antrlee

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 27 February 2016 - 08:05 AM

Hi There

 

Instead of writing a vast list of what I think is going wrong with my PC, I will just sum it all up by saying that I have over the past two years been unable to use a PC properly. From my research I can only conclude that the cause of numerous hidden files and services that relate to RAS, Virtualisation, Screen Grabs, Audio and Video recording, also ever present Trojans (Upatre, BHWE, FakeAV, MSWord.agent, ZBot), relates to a UEFI Rootkit that I must have on an infected USB stick and continuosly (re)infect myself. I do a HD format and reinstall Windows every week. It would be nice to work with functional technology again.

 

Any help would be greatly appreciated.

 

A

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
Ran by A (administrator) on DESKTOP-TE3136L (27-02-2016 21:41:14)
Running from C:\Users\A\Desktop
Loaded Profiles: A (Available Profiles: A)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Visagesoft) C:\Users\A\Desktop\New folder\PDFEditor.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Users\A\Desktop\New folder\vspdfprsrv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2016-02-09] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [vspdfprsrv.exe] => C:\Users\A\Desktop\New folder\vspdfprsrv.exe [7215616 2014-01-07] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e05ceb53-f4f6-41aa-9f86-83b6ac8138f9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\kls2x01w.default
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-26] (Microsoft Corporation)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-04] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350224 2016-02-26] (Tempo Semiconductor Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2016-02-09] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111120 2016-02-27] (Advanced Micro Devices)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4703488 2016-02-27] (Realtek Semiconductor Corporation                           )
R3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [50880 2016-02-09] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [51392 2016-02-09] (Synaptics Incorporated)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [561680 2016-02-26] (Tempo Semiconductor Inc.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45720 2016-02-09] (Toshiba Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-27 21:41 - 2016-02-27 21:41 - 00006449 _____ C:\Users\A\Desktop\FRST.txt
2016-02-27 21:40 - 2016-02-27 21:41 - 02371072 _____ (Farbar) C:\Users\A\Desktop\FRST64.exe
2016-02-27 21:27 - 2016-02-27 21:27 - 00016148 _____ C:\Windows\system32\DESKTOP-TE3136L_A_HistoryPrediction.bin
2016-02-27 21:20 - 2016-02-27 21:26 - 00000000 ____D C:\AdwCleaner
2016-02-27 21:18 - 2016-02-27 21:29 - 00001635 _____ C:\Users\Public\Desktop\PDF Pro 10.lnk
2016-02-27 21:18 - 2016-02-27 21:29 - 00001635 _____ C:\ProgramData\Desktop\PDF Pro 10.lnk
2016-02-27 21:18 - 2016-02-27 21:18 - 00001642 _____ C:\Users\Public\Desktop\PDF Pro 10 Word converter.lnk
2016-02-27 21:18 - 2016-02-27 21:18 - 00001642 _____ C:\Users\Public\Desktop\PDF Pro 10 Creator.lnk
2016-02-27 21:18 - 2016-02-27 21:18 - 00001642 _____ C:\ProgramData\Desktop\PDF Pro 10 Word converter.lnk
2016-02-27 21:18 - 2016-02-27 21:18 - 00001642 _____ C:\ProgramData\Desktop\PDF Pro 10 Creator.lnk
2016-02-27 21:17 - 2016-02-27 21:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-27 21:17 - 2016-02-27 21:17 - 00000000 ____D C:\Users\A\AppData\Roaming\Expert PDF 9
2016-02-27 21:17 - 2016-02-27 21:17 - 00000000 ____D C:\ProgramData\Expert PDF Jobs
2016-02-27 21:17 - 2016-02-27 21:17 - 00000000 ____D C:\ProgramData\Expert PDF 9
2016-02-27 21:17 - 2016-02-27 21:17 - 00000000 ____D C:\ProgramData\Avanquest
2016-02-27 21:17 - 2015-06-19 11:36 - 00027080 _____ (Visagesoft) C:\Windows\system32\vsmon1.dll
2016-02-27 21:06 - 2016-02-27 21:06 - 00000117 _____ C:\Users\A\Desktop\r.txt
2016-02-27 20:46 - 2016-02-27 20:48 - 00000000 ____D C:\Users\A\AppData\Local\Comms
2016-02-27 19:29 - 2016-02-27 19:29 - 01148160 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2016-02-27 19:10 - 2016-02-27 21:41 - 00000000 ____D C:\FRST
2016-02-27 19:05 - 2016-02-27 19:05 - 00688992 _____ (Swearware) C:\Users\A\Desktop\dds.exe
2016-02-27 18:37 - 2016-02-27 20:53 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2016-02-27 15:47 - 2015-07-10 23:00 - 00395268 __RSH C:\bootmgr
2016-02-27 15:47 - 2015-07-10 23:00 - 00000001 ___SH C:\BOOTNXT
2016-02-27 15:38 - 2016-02-27 15:38 - 00000000 ____D C:\Users\A\Documents\Windows.old
2016-02-27 14:42 - 2016-02-27 14:42 - 00000000 ____D C:\Users\A\Desktop\Unknown folder
2016-02-27 14:40 - 2016-02-27 14:40 - 00004636 _____ C:\Users\A\Documents\[000005].wav
2016-02-27 14:38 - 2016-02-27 14:38 - 00015748 _____ C:\Users\A\Documents\[000004].wav
2016-02-27 14:29 - 2016-02-27 14:29 - 00023584 _____ C:\Users\A\Documents\[000002].wav
2016-02-27 14:21 - 2016-02-27 14:23 - 00000000 ____D C:\ab1a42e6b5932be79a9bdc8a
2016-02-27 14:21 - 2016-02-27 14:21 - 00000000 ____D C:\MSI79f16.tmp
2016-02-27 14:21 - 2016-02-27 14:21 - 00000000 ____D C:\MSI79f12.tmp
2016-02-27 14:21 - 2016-02-27 14:21 - 00000000 ____D C:\_595031_
2016-02-27 14:07 - 2016-02-27 14:07 - 01077248 _____ C:\Windows\system32\AmRdrIco.icl
2016-02-27 14:07 - 2016-02-27 14:07 - 00084480 _____ (Alcor Micro, Corp.) C:\Windows\system32\Drivers\AmUStor.sys
2016-02-27 14:07 - 2016-02-27 14:07 - 00019399 _____ C:\Windows\system32\AmUStor.ini
2016-02-27 14:07 - 2016-02-27 14:07 - 00012800 _____ (Alcor Micro, Corp.) C:\Windows\system32\AmUStor2.dll
2016-02-27 14:07 - 2016-02-27 14:07 - 00000640 _____ C:\Windows\system32\VendorCmd6435.bin
2016-02-27 14:07 - 2016-02-27 14:07 - 00000032 _____ C:\Windows\system32\VendorCmd6485.bin
2016-02-27 14:07 - 2016-02-27 14:07 - 00000032 _____ C:\Windows\system32\VendorCmd6465.bin
2016-02-27 14:07 - 2016-02-27 14:07 - 00000008 _____ C:\Windows\system32\CardDetect6485.bin
2016-02-27 14:07 - 2016-02-27 14:07 - 00000008 _____ C:\Windows\system32\CardDetect.bin
2016-02-27 14:06 - 2016-02-27 14:06 - 00113400 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-02-27 14:04 - 2016-02-27 14:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-27 13:58 - 2016-02-27 13:58 - 01854096 _____ (Logitech, Inc.) C:\Windows\system32\LkmdfCoInst.dll
2016-02-27 13:58 - 2016-02-27 13:58 - 00087696 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LEqdUsb.sys
2016-02-27 13:40 - 2016-02-27 13:46 - 02088382 _____ C:\TDSSKiller.3.1.0.9_27.02.2016_13.40.17_log.txt
2016-02-27 13:37 - 2016-02-27 13:37 - 00004304 _____ C:\TDSSKiller.3.1.0.9_27.02.2016_13.37.08_log.txt
2016-02-27 13:32 - 2016-02-27 21:16 - 00003802 _____ C:\Users\A\Desktop\Rkill.txt
2016-02-27 13:30 - 2016-02-27 21:19 - 00000000 ____D C:\Users\A\Desktop\New folder
2016-02-27 13:28 - 2016-02-27 13:27 - 00000000 _____ C:\Users\A\Downloads\rkill.com.a9w619b (1).partial
2016-02-27 13:27 - 2016-02-27 13:27 - 00000000 _____ C:\Users\A\Downloads\rkill.com.a9w619b.partial
2016-02-27 13:27 - 2016-02-27 13:27 - 00000000 _____ C:\Users\A\Desktop\rkill.com.a9w619b.partial
2016-02-27 13:25 - 2016-02-27 13:25 - 00000000 _____ C:\Users\A\Desktop\rkill.com.pu254km.partial
2016-02-27 13:20 - 2016-02-27 13:20 - 00000000 _____ C:\Users\A\Desktop\(1)
2016-02-27 13:13 - 2016-02-27 12:59 - 01403904 _____ C:\Users\A\Documents\MSDownloadManager.msi
2016-02-27 12:59 - 2016-02-27 12:59 - 01403904 _____ C:\Users\A\Downloads\MSDownloadManager.msi
2016-02-27 06:08 - 2016-02-26 15:16 - 00000000 ____D C:\Windows.old
2016-02-27 06:07 - 2016-02-27 06:07 - 00008192 _____ C:\Windows\system32\config\userdiff
2016-02-27 06:07 - 2016-02-27 06:07 - 00000000 ____D C:\Windows\InfusedApps
2016-02-27 06:06 - 2016-02-27 06:06 - 00000000 ____D C:\Program Files\Synaptics
2016-02-27 06:05 - 2016-02-27 06:05 - 00000000 ____D C:\Windows\Setup
2016-02-27 06:03 - 2016-02-27 06:03 - 00000000 ____D C:\Windows\OCR
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\SysWOW64\0409
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\system32\winrm
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\system32\WCN
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\system32\slmgr
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\system32\0409
2016-02-27 06:01 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\DigitalLocker
2016-02-27 05:57 - 2016-02-03 10:47 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-27 05:57 - 2016-02-03 10:47 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-27 05:55 - 2016-02-27 20:49 - 00000000 ____D C:\Windows\system32\setup
2016-02-27 05:55 - 2016-02-27 20:48 - 00000000 ____D C:\Windows\AppReadiness
2016-02-27 05:55 - 2016-02-27 20:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-27 05:55 - 2016-02-27 20:27 - 00000000 ____D C:\Windows\Registration
2016-02-27 05:55 - 2016-02-27 15:47 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-02-27 05:55 - 2016-02-27 14:32 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-27 05:55 - 2016-02-27 13:03 - 00000000 ____D C:\Windows\appcompat
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ___SD C:\Windows\system32\dsc
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\SysWOW64\setup
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\SysWOW64\Com
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\system32\MUI
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\system32\migwiz
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\system32\Com
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\IME
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\Help
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-02-27 05:55 - 2016-02-27 06:01 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 __RSD C:\Windows\Media
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ___SD C:\Windows\SysWOW64\Nui
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ___SD C:\Windows\SysWOW64\Configuration
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ___SD C:\Windows\system32\Nui
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ___SD C:\Windows\system32\Configuration
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ___SD C:\Windows\Downloaded Program Files
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ___RD C:\Windows\Offline Web Pages
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ___RD C:\Windows\DesktopTileResources
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\Web
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\Vss
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\tracing
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\TAPI
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\WinMetadata
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\SMI
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\ras
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\NDF
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\MsDtc
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\Ipmi
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\InputMethod
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\IME
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\icsxml
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicyUsers
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\downlevel
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\Bthprops
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\AppLocker
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SystemResources
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SystemApps
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\WinMetadata
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\winevt
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\ras
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\ProximityToast
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\PointOfService
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\NDF
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\MsDtc
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\MailContactsCalendarSync
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\Macromed
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\Ipmi
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\InputMethod
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\inetsrv
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\IME
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\icsxml
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\ias
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\GroupPolicyUsers
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\downlevel
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\config\Journal
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\Bthprops
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\AppLocker
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\System
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SKB
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\ShellNew
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\security
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\schemas
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\SchCache
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\Resources
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\PLA
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\Performance
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\ModemLogs
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\LiveKernelReports
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\InputMethod
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\Globalization
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\Cursors
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\Branding
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\ProgramData\Comms
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Program Files\Windows NT
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Program Files\Common Files\Services
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-02-27 05:55 - 2016-02-27 05:55 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-02-27 05:55 - 2016-02-27 05:51 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2016-02-27 05:55 - 2016-02-27 05:51 - 00215943 _____ C:\Windows\SysWOW64\dssec.dat
2016-02-27 05:55 - 2016-02-27 05:51 - 00215943 _____ C:\Windows\system32\dssec.dat
2016-02-27 05:55 - 2016-02-27 05:51 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2016-02-27 05:55 - 2016-02-27 05:51 - 00017463 _____ C:\Windows\system32\Drivers\etc\services
2016-02-27 05:55 - 2016-02-27 05:51 - 00015462 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2016-02-27 05:55 - 2016-02-27 05:51 - 00008798 _____ C:\Windows\SysWOW64\icrav03.rat
2016-02-27 05:55 - 2016-02-27 05:51 - 00008798 _____ C:\Windows\system32\icrav03.rat
2016-02-27 05:55 - 2016-02-27 05:51 - 00003683 _____ C:\Windows\system32\Drivers\etc\lmhosts.sam
2016-02-27 05:55 - 2016-02-27 05:51 - 00001988 _____ C:\Windows\SysWOW64\ticrf.rat
2016-02-27 05:55 - 2016-02-27 05:51 - 00001988 _____ C:\Windows\system32\ticrf.rat
2016-02-27 05:55 - 2016-02-27 05:51 - 00001358 _____ C:\Windows\system32\Drivers\etc\protocol
2016-02-27 05:55 - 2016-02-27 05:51 - 00000858 _____ C:\Windows\system32\DefaultQuestions.json
2016-02-27 05:55 - 2016-02-27 05:51 - 00000824 _____ C:\Windows\system32\Drivers\etc\HOSTS.MVP
2016-02-27 05:55 - 2016-02-27 05:51 - 00000741 _____ C:\Windows\SysWOW64\NOISE.DAT
2016-02-27 05:55 - 2016-02-27 05:51 - 00000741 _____ C:\Windows\system32\NOISE.DAT
2016-02-27 05:55 - 2016-02-27 05:51 - 00000407 _____ C:\Windows\system32\Drivers\etc\networks
2016-02-27 05:55 - 2016-02-27 05:51 - 00000389 _____ C:\Windows\system32\AutoWorkplace.exe.config
2016-02-27 05:55 - 2016-02-27 05:51 - 00000219 _____ C:\Windows\system.ini
2016-02-27 05:55 - 2016-02-27 05:51 - 00000092 _____ C:\Windows\win.ini
2016-02-27 05:55 - 2016-02-26 16:04 - 00000000 ___SD C:\Windows\SysWOW64\F12
2016-02-27 05:55 - 2016-02-26 16:04 - 00000000 ___SD C:\Windows\system32\F12
2016-02-27 05:55 - 2016-02-26 16:04 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-02-27 05:55 - 2016-02-26 16:04 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-02-27 05:55 - 2016-02-26 16:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-02-27 05:55 - 2016-02-26 16:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-02-27 05:55 - 2016-02-26 16:04 - 00000000 ____D C:\Windows\system32\oobe
2016-02-27 05:55 - 2016-02-26 16:04 - 00000000 ____D C:\Windows\system32\Dism
2016-02-27 05:55 - 2016-02-26 16:04 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-27 05:55 - 2016-02-26 16:03 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-02-27 05:55 - 2016-02-26 16:03 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-02-27 05:55 - 2016-02-26 16:03 - 00000000 ___RD C:\Windows\DevicesFlow
2016-02-27 05:55 - 2016-02-26 16:03 - 00000000 ____D C:\Windows\Provisioning
2016-02-27 05:55 - 2016-02-26 16:03 - 00000000 ____D C:\Windows\L2Schemas
2016-02-27 05:55 - 2016-02-26 16:03 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-27 05:55 - 2016-02-26 11:29 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-27 05:55 - 2016-02-26 10:52 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-27 05:55 - 2016-02-26 10:36 - 00000000 ___RD C:\Windows\PrintDialog
2016-02-27 05:55 - 2016-02-26 10:36 - 00000000 ___RD C:\Windows\MiracastView
2016-02-27 05:55 - 2016-02-26 10:31 - 00000000 ____D C:\Windows\rescache
2016-02-27 05:55 - 2016-02-26 10:28 - 00000000 ____D C:\ProgramData\USOPrivate
2016-02-27 05:55 - 2016-02-26 10:27 - 00000000 ____D C:\Windows\system32\spool
2016-02-27 05:55 - 2016-02-26 10:26 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-27 05:55 - 2016-02-26 10:26 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-02-27 05:55 - 2016-02-26 10:20 - 00000000 ____D C:\Windows\system32\Sysprep
2016-02-27 05:53 - 2016-02-27 21:31 - 00000000 ____D C:\Windows\INF
2016-02-27 05:45 - 2016-02-27 21:07 - 00000000 ____D C:\Windows\CbsTemp
2016-02-27 05:36 - 2016-02-27 21:26 - 00131072 ___SH C:\Windows\system32\config\BBI
2016-02-27 05:36 - 2016-02-27 06:01 - 00000000 ____D C:\Windows\servicing
2016-02-27 05:36 - 2016-02-27 05:55 - 00000000 ____D C:\Windows\system32\SMI
2016-02-27 05:36 - 2016-02-26 10:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-02-27 05:36 - 2015-07-10 21:11 - 00000164 _____ C:\Windows\system32\config\FP
2016-02-27 05:34 - 2016-02-27 05:34 - 00000000 ___HD C:\$SysReset
2016-02-26 21:13 - 2016-02-26 21:43 - 06101832 _____ C:\Users\A\Desktop\Show-Hidden.txt
2016-02-26 20:48 - 2016-02-26 20:50 - 00000000 ____D C:\Users\A\Documents\Fax
2016-02-26 20:48 - 2016-02-26 20:48 - 00000000 ___RD C:\Users\A\Documents\Scanned Documents
2016-02-26 20:16 - 2016-02-26 20:16 - 00936063 _____ C:\Users\A\Documents\new 1.css
2016-02-26 19:11 - 2016-02-26 19:11 - 01228259 _____ C:\Users\A\Downloads\47_bank-garantee-credit-suisse.pdf
2016-02-26 16:46 - 2016-02-26 16:46 - 00000000 ____D C:\MSI4bc8d.tmp
2016-02-26 16:46 - 2016-02-26 16:46 - 00000000 ____D C:\MSI4bc7a.tmp
2016-02-26 16:38 - 2016-02-26 16:38 - 00000000 ____D C:\_934140_
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\_915234_
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\_891765_
2016-02-26 16:33 - 2016-02-26 16:40 - 03086960 _____ C:\Users\A\Downloads\Windows6.0-KB942288-v2-x64.msu
2016-02-26 16:33 - 2016-02-26 16:40 - 01768236 _____ C:\Users\A\Downloads\Windows6.0-KB942288-v2-x86 (1).msu
2016-02-26 16:33 - 2016-02-26 16:34 - 25824792 _____ C:\Users\A\Downloads\WindowsServer2003-KB942288-v4-ia64 (1).exe
2016-02-26 16:33 - 2016-02-26 16:33 - 04691480 _____ C:\Users\A\Downloads\WindowsServer2003-KB942288-v4-x64 (1).exe
2016-02-26 16:33 - 2016-02-26 16:33 - 03589956 _____ C:\Users\A\Downloads\Windows6.0-KB942288-v2-ia64.msu
2016-02-26 16:33 - 2016-02-26 16:33 - 03589956 _____ C:\Users\A\Downloads\Windows6.0-KB942288-v2-ia64 (1).msu
2016-02-26 16:33 - 2016-02-26 16:33 - 03327000 _____ C:\Users\A\Downloads\WindowsXP-KB942288-v3-x86.exe
2016-02-26 16:33 - 2016-02-26 16:33 - 03086960 _____ C:\Users\A\Downloads\Windows6.0-KB942288-v2-x64 (1).msu
2016-02-26 16:33 - 2016-02-26 16:33 - 03071512 _____ C:\Users\A\Downloads\WindowsServer2003-KB942288-v4-x86 (1).exe
2016-02-26 16:33 - 2016-02-26 16:33 - 00001790 _____ C:\Users\A\Downloads\redist (2).txt
2016-02-26 16:33 - 2016-02-26 16:33 - 00001790 _____ C:\Users\A\Downloads\redist (1).txt
2016-02-26 16:32 - 2016-02-26 16:40 - 25824792 _____ C:\Users\A\Downloads\WindowsServer2003-KB942288-v4-ia64.exe
2016-02-26 16:32 - 2016-02-26 16:40 - 04691480 _____ C:\Users\A\Downloads\WindowsServer2003-KB942288-v4-x64.exe
2016-02-26 16:32 - 2016-02-26 16:40 - 03071512 _____ C:\Users\A\Downloads\WindowsServer2003-KB942288-v4-x86.exe
2016-02-26 16:32 - 2016-02-26 16:33 - 01768236 _____ C:\Users\A\Downloads\Windows6.0-KB942288-v2-x86.msu
2016-02-26 16:22 - 2016-02-27 21:26 - 00000000 ____D C:\Windows\Panther
2016-02-26 16:20 - 2016-02-26 16:20 - 00042010 _____ C:\Users\A\Desktop\PAUL REPLY.pdf
2016-02-26 15:30 - 2016-02-26 15:30 - 00290029 _____ C:\Users\A\Desktop\053898706-001291.PDF
2016-02-26 15:26 - 2016-02-26 15:26 - 00004643 _____ C:\Users\A\Desktop\20130906-100835.HTM
2016-02-26 15:12 - 2016-02-26 15:12 - 00000000 ____D C:\Users\A\AppData\Local\NetworkTiles
2016-02-26 15:00 - 2016-02-26 15:00 - 00000000 ____D C:\_398031_
2016-02-26 14:58 - 2016-02-26 14:58 - 00001302 _____ C:\Users\A\Downloads\Redist.txt
2016-02-26 14:58 - 2016-02-26 14:58 - 00000000 ____D C:\_273140_
2016-02-26 14:54 - 2016-02-26 14:54 - 00000000 ____D C:\Users\A\AppData\Local\ElevatedDiagnostics
2016-02-26 14:47 - 2016-02-26 14:56 - 01239752 _____ (Microsoft Corporation) C:\Users\A\Downloads\wlsetup-web.exe
2016-02-26 14:29 - 2015-12-09 15:39 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-02-26 14:26 - 2016-02-26 14:29 - 00000000 ____D C:\Windows\system32\MRT
2016-02-26 14:26 - 2016-02-26 14:26 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-26 14:05 - 2016-02-26 14:13 - 00667310 _____ C:\Users\A\Downloads\Antony Lee Introduction.pdf
2016-02-26 14:03 - 2016-02-26 14:03 - 00000000 ____D C:\Users\A\AppData\Roaming\Mozilla
2016-02-26 14:03 - 2016-02-26 14:03 - 00000000 ____D C:\Users\A\AppData\Local\Mozilla
2016-02-26 13:27 - 2016-02-14 13:18 - 00048128 _____ C:\Users\A\Desktop\the email to paul (17.8 KB).msg
2016-02-26 12:34 - 2016-02-26 12:34 - 00000000 ____D C:\Users\A\Documents\PDF Files
2016-02-26 12:27 - 2016-02-26 12:27 - 00024392 _____ C:\Users\A\Documents\Copy of Divorce Calculations 241014.xls
2016-02-26 12:16 - 2016-02-27 15:59 - 00000000 ____D C:\Users\A\Documents\Outlook Files
2016-02-26 12:11 - 2016-02-26 12:11 - 00000000 ____D C:\Users\A\Downloads\PDF Files
2016-02-26 12:06 - 2016-02-26 12:06 - 00000000 ____D C:\ProgramData\BoYans
2016-02-26 11:58 - 2016-02-26 12:11 - 00000000 ____D C:\Users\A\AppData\Roaming\PDF Pro 10 9
2016-02-26 11:58 - 2016-02-26 11:58 - 00000000 ____D C:\ProgramData\Avanquest Software
2016-02-26 11:53 - 2016-02-26 11:53 - 00000000 ____D C:\Users\A\AppData\Roaming\Macromedia
2016-02-26 11:10 - 2016-02-26 11:10 - 00002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-02-26 11:10 - 2016-02-26 11:10 - 00002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-02-26 11:10 - 2016-02-26 11:10 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-02-26 11:10 - 2016-02-26 11:10 - 00002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-02-26 11:10 - 2016-02-26 11:10 - 00002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-02-26 11:10 - 2016-02-26 11:10 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-02-26 11:10 - 2016-02-26 11:10 - 00002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-02-26 11:10 - 2016-02-26 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-02-26 11:09 - 2016-02-26 11:09 - 06217784 _____ (Tempo Semiconductor Inc.) C:\Windows\system32\stlang64.dll
2016-02-26 11:09 - 2016-02-26 11:09 - 02242328 _____ (Tempo Semiconductor Inc.) C:\Windows\system32\stapo64.dll
2016-02-26 11:09 - 2016-02-26 11:09 - 01907216 _____ (Tempo Semiconductor Inc.) C:\Windows\system32\IDTNC64.cpl
2016-02-26 11:09 - 2016-02-26 11:09 - 00888472 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2016-02-26 11:09 - 2016-02-26 11:09 - 00852840 _____ (TOSHIBA Corporation) C:\Windows\system32\TADEFxApo264.dll
2016-02-26 11:09 - 2016-02-26 11:09 - 00713960 _____ (Tempo Semiconductor Inc.) C:\Windows\system32\stapi64.dll
2016-02-26 11:09 - 2016-02-26 11:09 - 00596120 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2016-02-26 11:09 - 2016-02-26 11:09 - 00561680 _____ (Tempo Semiconductor Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2016-02-26 11:09 - 2016-02-26 11:09 - 00265744 _____ (Tempo Semiconductor Inc.) C:\Windows\system32\st646504.dll
2016-02-26 11:09 - 2016-02-26 11:09 - 00172584 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2016-02-26 11:09 - 2016-02-26 11:09 - 00000000 ____D C:\Program Files\IDT
2016-02-26 10:53 - 2016-02-26 14:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-26 10:52 - 2016-02-26 10:52 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-02-26 10:49 - 2016-02-26 10:49 - 00001047 _____ C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2016-02-26 10:40 - 2016-02-27 19:00 - 00004158 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3C2ABCDC-BF47-4B82-9A12-346440B6ABEC}
2016-02-26 10:39 - 2016-02-26 10:40 - 00002351 _____ C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-26 10:39 - 2016-02-26 10:40 - 00000000 ___RD C:\Users\A\OneDrive
2016-02-26 10:39 - 2016-02-26 10:39 - 00000000 ____D C:\Users\A\AppData\Local\MicrosoftEdge
2016-02-26 10:38 - 2016-02-26 10:38 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-02-26 10:36 - 2016-02-26 16:40 - 00000000 ____D C:\Users\A\AppData\Local\VirtualStore
2016-02-26 10:36 - 2016-02-26 10:36 - 00000000 ____D C:\Users\A\Downloads\Bitdefender Safepay
2016-02-26 10:36 - 2016-02-26 10:36 - 00000000 ____D C:\Users\A\AppData\Local\Publishers
2016-02-26 10:35 - 2016-02-27 20:47 - 00000000 ____D C:\Users\A\AppData\Local\Packages
2016-02-26 10:35 - 2016-02-26 10:35 - 00000020 ___SH C:\Users\A\ntuser.ini
2016-02-26 10:35 - 2016-02-26 10:35 - 00000000 ____D C:\Users\A\AppData\Roaming\Adobe
2016-02-26 10:35 - 2016-02-26 10:35 - 00000000 ____D C:\Users\A\AppData\Local\TileDataLayer
2016-02-26 10:32 - 2016-02-27 21:31 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\Default\My Documents
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\Default User\My Documents
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\Default User
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Users\All Users
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 _SHDL C:\Documents and Settings
2016-02-26 10:28 - 2016-02-26 10:28 - 00000000 ____D C:\ProgramData\USOShared
2016-02-26 10:27 - 2016-02-27 21:27 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-26 10:26 - 2016-02-26 14:59 - 00000000 ____D C:\Users\A\AppData\Temp
2016-02-26 10:26 - 2016-02-26 10:26 - 00000000 _SHDL C:\Users\A\My Documents
2016-02-26 10:26 - 2016-02-26 10:26 - 00000000 _SHDL C:\Users\A\Documents\My Videos
2016-02-26 10:26 - 2016-02-26 10:26 - 00000000 _SHDL C:\Users\A\Documents\My Pictures
2016-02-26 10:26 - 2016-02-26 10:26 - 00000000 _SHDL C:\Users\A\Documents\My Music
2016-02-26 10:25 - 2016-02-27 15:38 - 00000000 ____D C:\Users\A
2016-02-26 10:23 - 2016-02-26 10:23 - 00000385 _____ C:\Users\A\AppData\Roaminguser_gensett.xml
2016-02-26 10:23 - 2016-02-26 07:49 - 00003922 _____ C:\bdlog.txt
2016-02-26 10:22 - 2016-02-27 21:26 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-02-26 10:21 - 2016-02-26 10:38 - 00000682 ____H C:\bdr-cf01
2016-02-26 10:18 - 2016-02-26 10:18 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-02-26 10:18 - 2016-02-26 10:18 - 00000000 _____ C:\Windows\ativpsrm.bin
2016-02-26 10:17 - 2016-02-26 10:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-02-26 10:17 - 2016-02-26 10:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2016-02-26 10:17 - 2016-02-26 10:17 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-02-26 10:17 - 2016-02-26 10:17 - 00000000 ____D C:\Program Files\AMD
2016-02-26 10:15 - 2015-07-10 22:59 - 02718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2016-02-26 10:12 - 2016-02-26 16:06 - 00323592 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-26 10:12 - 2016-02-26 10:12 - 00000000 ____D C:\Windows\ServiceProfiles
2016-02-26 10:06 - 2016-02-26 10:06 - 00000000 _____ C:\Users\A\Desktop\FreeRemovalTool.zvruvfn.partial
2016-02-26 10:05 - 2016-02-26 10:05 - 00000000 _____ C:\Users\A\Desktop\FreeRemovalTool.6ltnd9t.partial
2016-02-26 07:40 - 2016-02-26 07:40 - 00468581 _____ C:\Users\A\Documents\MASTERCARD ANZ.pdf
2016-02-26 07:37 - 2016-02-26 07:37 - 00000168 _____ C:\Users\A\AppData\LocalLow\wbk920D.tmp
2016-02-26 07:23 - 2016-02-26 07:23 - 00035910 _____ C:\Users\A\Documents\IMG_20131017_0001.pdf
2016-02-26 07:23 - 2016-02-26 07:23 - 00008315 _____ C:\Users\A\Documents\img-X13140050-0001.tif
2016-02-26 07:20 - 2016-02-26 07:20 - 00365620 _____ C:\Users\A\Documents\Moving out letter.pdf
2016-02-26 07:19 - 2016-02-26 07:19 - 00000168 _____ C:\Users\A\Documents\Untitled attachment 09121.htm
2016-02-26 07:18 - 2016-02-26 07:18 - 00000216 _____ C:\Users\A\Documents\Untitled attachment 09282.htm
2016-02-26 07:18 - 2016-02-26 07:18 - 00000168 _____ C:\Users\A\Documents\Untitled attachment 09285.htm
2016-02-26 07:07 - 2016-02-26 20:02 - 00000000 ____D C:\Users\A\Downloads\npp.6.9.bin
2016-02-26 07:06 - 2016-02-26 07:06 - 02935235 _____ C:\Users\A\Downloads\npp.6.9.bin.zip
2016-02-26 06:54 - 2016-02-26 06:54 - 00026108 _____ C:\Users\A\Documents\Churton v1.xlsx
2016-02-26 06:54 - 2016-02-26 06:54 - 00000000 ____D C:\Users\A\AppData\LocalLow\Temp
2016-02-26 06:51 - 2016-02-26 06:51 - 00000168 _____ C:\Users\A\Documents\ATT00001.htm
2016-02-26 05:47 - 2016-02-26 05:47 - 00000000 ____D C:\Users\A\AppData\LocalLow\Sun
2016-02-26 05:47 - 2016-02-26 05:47 - 00000000 ____D C:\Users\A\.oracle_jre_usage
2016-02-26 05:44 - 2016-02-26 05:44 - 00000000 ____D C:\Users\A\AppData\LocalLow\Oracle
2016-02-26 05:43 - 2016-02-26 05:44 - 00735328 _____ (Oracle Corporation) C:\Users\A\Downloads\JavaSetup8u73.exe
2016-02-26 05:33 - 2016-02-26 05:33 - 00000025 _____ C:\Users\A\Desktop\Untitled attachment 11347.txt
2016-02-26 05:32 - 2016-02-26 05:32 - 02662568 _____ C:\Users\A\Desktop\Memo.m4a
2016-02-26 05:29 - 2016-02-26 05:29 - 02702336 _____ C:\Users\A\Desktop\huf.MSG
2016-02-26 05:20 - 2016-02-26 05:20 - 00484402 _____ C:\Users\A\Desktop\V080008_A01_I.pdf
2016-02-26 05:10 - 2016-02-26 05:10 - 04245504 _____ C:\Users\A\Desktop\.MSkjkj.msG
2016-02-26 04:51 - 2016-02-26 04:51 - 00030384 _____ C:\Users\A\Desktop\Receipt8785217.pdf
2016-02-26 01:26 - 2016-02-27 15:47 - 00000000 ____D C:\BCD_Backup
2016-02-26 01:24 - 2016-02-26 12:14 - 00000000 ____D C:\Users\A\Documents\dbr-1.3.0.0
2016-02-14 19:42 - 2016-02-14 19:42 - 00386464 _____ (Bleeping Computer, LLC) C:\Users\A\Downloads\show-hidden.exe
2016-02-14 17:03 - 2016-02-14 17:04 - 00000000 ____D C:\Windows.old(1)
2016-02-14 15:45 - 2016-02-14 15:57 - 04433200 _____ C:\Users\A\Downloads\advisorinstaller.exe
2016-02-14 15:44 - 2016-02-27 19:29 - 04703488 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2016-02-14 15:41 - 2016-02-14 15:41 - 03771784 _____ (Easeware ) C:\Users\A\Downloads\DriverEasy_Setup.exe
2016-02-14 15:22 - 2016-02-14 15:22 - 00242080 _____ C:\Users\A\Downloads\Firefox Setup Stub 44.0.2.exe
2016-02-14 15:03 - 2016-02-14 15:03 - 03933496 _____ (Logitech, Inc.) C:\Windows\system32\LogiLDA.DLL
2016-02-14 15:03 - 2016-02-14 15:03 - 02458936 _____ (Logitech, Inc.) C:\Windows\system32\LdaCx2.dll
2016-02-14 14:22 - 2016-02-14 14:22 - 00000000 ____D C:\Users\Public\Documents\Avanquest Software
2016-02-14 14:22 - 2016-02-14 14:22 - 00000000 ____D C:\ProgramData\Documents\Avanquest Software
2016-02-14 14:20 - 2016-02-14 14:20 - 00000000 ____D C:\_192281_
2016-02-14 14:10 - 2016-02-14 14:10 - 00050688 _____ C:\Users\A\Desktop\Your Apple ID was used to sign in to iCloud via a .MSG
2016-02-14 14:07 - 2016-02-14 14:07 - 00057856 _____ C:\Users\A\Desktop\Caltex Statement for 0272131903 on 071012.MSG
2016-02-14 14:07 - 2016-02-14 14:07 - 00054272 _____ C:\Users\A\Desktop\Caltex Invoice Detail for 0272131903 on 071012.MSG
2016-02-14 13:59 - 2016-02-14 13:59 - 00141312 _____ C:\Users\A\Desktop\Police Complaint Acknowledgement Form (File Ref_ 1.MSG
2016-02-14 13:57 - 2016-02-14 13:57 - 00741376 _____ C:\Users\A\Desktop\juyr.MSG
2016-02-14 13:52 - 2016-02-14 13:52 - 00057856 _____ C:\Users\A\Desktop\Toll Notice Payment Purchase Receipt.MSG
2016-02-14 13:49 - 2016-02-14 13:49 - 00387072 _____ C:\Users\A\Desktop\hf.MSG
2016-02-14 13:48 - 2016-02-14 13:48 - 01081856 _____ C:\Users\A\Desktop\World Vision Sponsorship.MSG
2016-02-14 13:48 - 2016-02-14 13:48 - 00897024 _____ C:\Users\A\Desktop\.MSG
2016-02-14 13:46 - 2016-02-14 13:46 - 02189824 _____ C:\Users\A\Desktop\Hi Antony, here's the latest ASB InBusiness..MSG
2016-02-14 13:44 - 2016-02-14 13:44 - 00020480 _____ C:\Users\A\Desktop\[virus Win32_TrojanDownloader.Waski.F trojan] Docu.MSG
2016-02-14 13:43 - 2016-02-14 13:43 - 00435200 _____ C:\Users\A\Desktop\SCyAN.MSG
2016-02-14 13:43 - 2016-02-14 13:43 - 00067584 _____ C:\Users\A\Desktop\SCAiN.MSG
2016-02-14 13:42 - 2016-02-14 13:42 - 00079872 _____ C:\Users\A\Desktop\SCAN.MSG
2016-02-14 13:39 - 2016-02-14 13:39 - 00028160 _____ C:\Users\A\Desktop\REMINDER_One quick survey. Five Prezzy cards up fo.MSG
2016-02-14 13:39 - 2016-02-14 13:39 - 00024064 _____ C:\Users\A\Desktop\Full pack of 11 media tools (video, audio & graphi.MSG
2016-02-14 13:38 - 2016-02-14 13:38 - 00070144 _____ C:\Users\A\Desktop\New Blog at Quitting Crystal Meth.MSG
2016-02-14 13:38 - 2016-02-14 13:38 - 00056320 _____ C:\Users\A\Desktop\Cyber Monday Sale_ Keep Calm and Get 75% Off UGG B.MSG
2016-02-14 13:37 - 2016-02-14 13:37 - 00141824 _____ C:\Users\A\Desktop\FW_ Diana Litton - Snippets Issue 9.MSG
2016-02-14 13:36 - 2016-02-14 13:37 - 00087552 _____ C:\Users\A\Desktop\Join the Challenge.MSG
2016-02-14 13:36 - 2016-02-14 13:36 - 00080384 _____ C:\Users\A\Desktop\Data Loss on iPhone will now be history, Version 2.MSG
2016-02-14 13:36 - 2016-02-14 13:36 - 00060416 _____ C:\Users\A\Desktop\Antony, me,Antony (3).MSG
2016-02-14 13:36 - 2016-02-14 13:36 - 00058880 _____ C:\Users\A\Desktop\Antony - Please Save This Email.MSG
2016-02-14 13:35 - 2016-02-14 13:35 - 00091648 _____ C:\Users\A\Desktop\You’ve reserved Windows 10 – what’s next_.MSG
2016-02-14 13:34 - 2016-02-14 13:34 - 00019456 _____ C:\Users\A\Desktop\Message from NZDating.MSG
2016-02-14 13:32 - 2016-02-14 13:32 - 00021504 _____ C:\Users\A\Desktop\FW_ Framed items outstanding.MSG
2016-02-14 13:31 - 2016-02-14 13:31 - 00027136 _____ C:\Users\A\Desktop\[29D-1DC45F47-7CE8] Log In Details.MSG
2016-02-14 13:29 - 2016-02-14 13:29 - 00050176 _____ C:\Users\A\Desktop\Quote for E & C Hay 28295-03 CRM00705429.MSG
2016-02-14 13:27 - 2016-02-14 13:28 - 00041984 _____ C:\Users\A\Desktop\M & S New White Paper.MSG
2016-02-14 13:21 - 2016-02-14 13:21 - 06376592 _____ C:\Users\A\Desktop\SKMBT_C45113090612240.pdf
2016-02-14 13:20 - 2016-02-14 13:20 - 00176023 _____ C:\Users\A\Desktop\stdd.pdf
2016-02-14 13:18 - 2016-02-14 13:18 - 00048128 _____ C:\Users\A\Desktop\FW Matrimonial Property and Other Matters (17.8 KB).msg
2016-02-14 13:17 - 2016-02-14 13:17 - 00478311 _____ C:\Users\A\Desktop\Documentr.pdf
2016-02-14 13:14 - 2016-02-14 13:14 - 00052882 _____ C:\Users\A\Desktop\SINS386773.pdf
2016-02-14 13:12 - 2016-02-14 13:12 - 00025600 _____ C:\Users\A\Desktop\[virus a variant of Win32_Kryptik.DYBV trojan] Wat.MSG
2016-02-14 03:12 - 2016-02-14 03:12 - 00448512 _____ (OldTimer Tools) C:\Users\A\Downloads\TFC.exe
2016-02-14 03:10 - 2016-02-14 03:12 - 57092912 _____ (Encryptomatic, LLC) C:\Users\A\Downloads\PSTViewer.Setup.exe
2016-02-14 01:49 - 2016-01-31 17:19 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2016-02-14 01:49 - 2016-01-31 17:11 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-14 01:48 - 2016-01-31 18:23 - 01420392 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-02-14 01:48 - 2016-01-31 18:04 - 01180696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-02-14 01:48 - 2016-01-31 17:24 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-14 01:48 - 2016-01-31 17:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-14 01:48 - 2016-01-31 17:18 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-14 01:48 - 2016-01-31 17:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-14 01:48 - 2016-01-31 17:11 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-14 01:48 - 2016-01-31 17:05 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-14 01:48 - 2016-01-31 17:04 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-14 01:47 - 2016-01-31 18:25 - 01951872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-14 01:47 - 2016-01-31 18:25 - 01248896 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-14 01:47 - 2016-01-31 18:06 - 01531368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-14 01:47 - 2016-01-31 18:06 - 00809336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-14 01:47 - 2016-01-31 18:04 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-14 01:47 - 2016-01-31 17:25 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-14 01:47 - 2016-01-31 17:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-02-14 01:47 - 2016-01-31 17:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-14 01:47 - 2016-01-31 17:19 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-14 01:47 - 2016-01-31 17:16 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-14 01:47 - 2016-01-31 17:05 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-14 01:47 - 2016-01-31 17:02 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-14 01:46 - 2016-01-31 17:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-02-14 01:46 - 2016-01-31 17:33 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2016-02-14 01:46 - 2016-01-31 17:26 - 06787072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-14 01:46 - 2016-01-31 17:14 - 07525376 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-02-14 01:46 - 2016-01-31 17:14 - 03588096 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-02-14 01:46 - 2016-01-31 17:13 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-14 01:45 - 2016-01-31 17:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-02-14 01:45 - 2016-01-31 17:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-14 01:45 - 2016-01-31 17:22 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-02-14 01:45 - 2016-01-31 17:19 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IoTAssignedAccessLockFramework.dll
2016-02-14 01:45 - 2016-01-31 17:18 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-02-14 01:45 - 2016-01-31 17:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-02-14 01:45 - 2016-01-31 17:11 - 05156352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-14 01:45 - 2016-01-31 17:02 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-14 01:45 - 2016-01-31 16:59 - 05457408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-02-14 01:44 - 2016-01-31 18:23 - 02601160 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-14 01:44 - 2016-01-31 17:38 - 21873152 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-02-14 01:44 - 2016-01-31 17:26 - 03793408 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-14 01:44 - 2016-01-31 17:05 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-02-14 01:43 - 2016-01-31 17:33 - 24593920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-14 01:43 - 2016-01-31 17:23 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-14 01:43 - 2016-01-31 17:19 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-02-14 01:43 - 2016-01-31 17:17 - 19324928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-14 01:43 - 2016-01-31 17:11 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-14 01:43 - 2016-01-31 17:07 - 18802176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-02-14 01:42 - 2016-01-31 18:24 - 01824880 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-14 01:42 - 2016-01-31 18:06 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-14 01:42 - 2016-01-31 17:29 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-14 01:42 - 2016-01-31 17:25 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-14 01:42 - 2016-01-31 17:20 - 02849792 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-14 01:42 - 2016-01-31 17:16 - 09889280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-14 01:42 - 2016-01-31 17:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll
2016-02-14 01:42 - 2016-01-31 17:06 - 02316800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-14 01:42 - 2016-01-31 17:00 - 11263488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-14 01:42 - 2016-01-31 16:58 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll
2016-02-13 20:17 - 2016-02-26 16:13 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-13 20:10 - 2016-02-13 20:10 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2016-02-13 20:10 - 2016-02-13 20:10 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2016-02-13 20:10 - 2016-02-13 20:10 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2016-02-13 20:10 - 2016-02-13 20:10 - 00000000 _SHDL C:\ProgramData\Documents\My Videos
2016-02-13 20:10 - 2016-02-13 20:10 - 00000000 _SHDL C:\ProgramData\Documents\My Pictures
2016-02-13 20:10 - 2016-02-13 20:10 - 00000000 _SHDL C:\ProgramData\Documents\My Music
2016-02-09 19:06 - 2016-01-05 15:07 - 02463704 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-02-09 19:06 - 2016-01-05 15:06 - 08022368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 19:06 - 2016-01-05 15:06 - 01063504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-02-09 19:06 - 2016-01-05 15:06 - 00119800 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-02-09 19:06 - 2016-01-05 15:04 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-02-09 19:06 - 2016-01-05 15:04 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 19:06 - 2016-01-05 15:04 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-02-09 19:06 - 2016-01-05 15:04 - 00779928 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-02-09 19:06 - 2016-01-05 15:04 - 00233992 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2016-02-09 19:06 - 2016-01-05 15:04 - 00090912 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-02-09 19:06 - 2016-01-05 14:59 - 00781976 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-02-09 19:06 - 2016-01-05 14:30 - 02152744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-02-09 19:06 - 2016-01-05 14:30 - 00882208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-02-09 19:06 - 2016-01-05 14:30 - 00100712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-02-09 19:06 - 2016-01-05 14:29 - 00208688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2016-02-09 19:06 - 2016-01-05 14:28 - 02445128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-02-09 19:06 - 2016-01-05 14:28 - 00645144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-02-09 19:06 - 2016-01-05 14:28 - 00635312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-02-09 19:06 - 2016-01-05 14:28 - 00082096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-02-09 19:06 - 2016-01-05 14:21 - 00658528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-02-09 19:06 - 2016-01-05 14:15 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2016-02-09 19:06 - 2016-01-05 14:15 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\usermgrcli.dll
2016-02-09 19:06 - 2016-01-05 14:09 - 01234944 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-02-09 19:06 - 2016-01-05 14:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-02-09 19:06 - 2016-01-05 14:02 - 01672192 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-02-09 19:06 - 2016-01-05 14:02 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-02-09 19:06 - 2016-01-05 14:02 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-02-09 19:06 - 2016-01-05 14:01 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-02-09 19:06 - 2016-01-05 13:57 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2016-02-09 19:06 - 2016-01-05 13:57 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-02-09 19:06 - 2016-01-05 13:57 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 19:06 - 2016-01-05 13:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2016-02-09 19:06 - 2016-01-05 13:44 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usermgrcli.dll
2016-02-09 19:06 - 2016-01-05 13:32 - 01541632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-02-09 19:06 - 2016-01-05 13:32 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-02-09 19:06 - 2016-01-05 13:31 - 00563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-02-09 19:06 - 2016-01-05 13:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-02-09 19:06 - 2016-01-05 13:29 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-09 19:06 - 2016-01-05 13:29 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-09 19:06 - 2016-01-05 13:26 - 00373760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-09 19:06 - 2015-12-01 19:01 - 02115936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-02-09 19:06 - 2015-12-01 18:03 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
2016-02-09 19:06 - 2015-11-25 17:42 - 00168288 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-02-09 19:06 - 2015-11-25 17:40 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-02-09 19:06 - 2015-11-25 16:49 - 01569280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-02-09 19:06 - 2015-11-25 16:49 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2016-02-09 19:06 - 2015-11-25 16:49 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-02-09 19:06 - 2015-11-25 16:49 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2016-02-09 19:06 - 2015-11-25 16:48 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\EthernetMediaManager.dll
2016-02-09 19:06 - 2015-11-25 16:48 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\DAMediaManager.dll
2016-02-09 19:06 - 2015-11-25 16:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-02-09 19:06 - 2015-11-25 16:30 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2016-02-09 19:06 - 2015-11-25 16:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-02-09 19:06 - 2015-11-25 16:25 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-02-09 19:06 - 2015-11-25 16:22 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-02-09 19:06 - 2015-11-25 16:19 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2016-02-09 19:06 - 2015-11-25 16:18 - 01233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-02-09 19:06 - 2015-11-25 16:10 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-02-09 19:06 - 2015-11-05 17:15 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-02-09 19:06 - 2015-11-05 17:14 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-02-09 19:06 - 2015-11-05 17:13 - 00577888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-02-09 19:06 - 2015-11-05 17:11 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-02-09 19:06 - 2015-11-05 16:56 - 00116064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-02-09 19:06 - 2015-11-05 16:30 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-02-09 19:06 - 2015-11-05 16:23 - 00762888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2016-02-09 19:06 - 2015-11-05 16:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-02-09 19:06 - 2015-11-05 16:18 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-02-09 19:06 - 2015-11-05 16:17 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-02-09 19:06 - 2015-11-05 16:11 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-02-09 19:06 - 2015-11-05 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-02-09 19:06 - 2015-11-05 15:58 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-02-09 19:06 - 2015-11-05 15:55 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2016-02-09 19:06 - 2015-11-05 15:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-02-09 19:06 - 2015-11-05 15:40 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-02-09 19:06 - 2015-11-05 15:34 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2016-02-09 19:06 - 2015-11-05 15:27 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-02-09 19:06 - 2015-10-06 15:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-02-09 19:06 - 2015-10-06 14:46 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-02-09 19:06 - 2015-10-01 15:03 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-02-09 19:06 - 2015-09-25 16:01 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-02-09 19:06 - 2015-09-25 15:56 - 22322624 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 19:06 - 2015-09-25 15:26 - 20858360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-09 19:06 - 2015-09-25 15:07 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-02-09 19:06 - 2015-09-25 15:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-02-09 19:06 - 2015-09-25 15:00 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-02-09 19:06 - 2015-09-25 14:59 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2016-02-09 19:06 - 2015-09-25 14:59 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-02-09 19:06 - 2015-09-25 14:59 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-02-09 19:06 - 2015-09-25 14:59 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2016-02-09 19:06 - 2015-09-25 14:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-02-09 19:06 - 2015-09-25 14:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-02-09 19:06 - 2015-09-25 14:34 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2016-02-09 19:06 - 2015-09-25 14:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2016-02-09 19:06 - 2015-09-25 14:32 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-02-09 19:06 - 2015-09-17 18:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-02-09 19:06 - 2015-09-17 18:49 - 06487248 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-02-09 19:06 - 2015-09-17 18:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-02-09 19:06 - 2015-09-17 18:48 - 02432336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-02-09 19:06 - 2015-09-17 18:48 - 01983824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-02-09 19:06 - 2015-09-17 18:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-02-09 19:06 - 2015-09-17 18:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2016-02-09 19:06 - 2015-09-17 18:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-02-09 19:06 - 2015-09-17 18:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-02-09 19:06 - 2015-09-17 18:48 - 00332624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-02-09 19:06 - 2015-09-17 18:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-02-09 19:06 - 2015-09-17 18:28 - 05120056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-02-09 19:06 - 2015-09-17 18:28 - 01357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-02-09 19:06 - 2015-09-17 18:28 - 00441168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-02-09 19:06 - 2015-09-17 18:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2016-02-09 19:06 - 2015-09-17 18:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2016-02-09 19:06 - 2015-09-17 18:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-02-09 19:06 - 2015-09-17 18:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll
2016-02-09 19:06 - 2015-09-17 18:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2016-02-09 19:06 - 2015-09-17 18:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll
2016-02-09 19:06 - 2015-09-17 18:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-02-09 19:06 - 2015-09-17 18:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-02-09 19:06 - 2015-09-17 18:05 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-02-09 19:06 - 2015-09-17 18:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-02-09 19:06 - 2015-09-17 18:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-02-09 19:06 - 2015-09-17 18:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-02-09 19:06 - 2015-09-17 18:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-02-09 19:06 - 2015-09-17 17:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-02-09 19:06 - 2015-09-17 17:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-02-09 19:06 - 2015-09-17 17:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-02-09 19:06 - 2015-09-17 17:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-02-09 19:06 - 2015-09-17 17:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-02-09 19:06 - 2015-09-17 17:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2016-02-09 19:06 - 2015-09-17 17:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-02-09 19:06 - 2015-09-17 17:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2016-02-09 19:06 - 2015-09-17 17:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2016-02-09 19:06 - 2015-09-17 17:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2016-02-09 19:06 - 2015-09-17 17:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-02-09 19:06 - 2015-09-17 17:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-02-09 19:06 - 2015-09-17 17:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-02-09 19:06 - 2015-09-17 17:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-02-09 19:06 - 2015-09-17 17:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-02-09 19:06 - 2015-09-17 17:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-02-09 19:06 - 2015-09-17 17:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2016-02-09 19:06 - 2015-09-17 17:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2016-02-09 19:06 - 2015-09-17 17:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-02-09 19:06 - 2015-09-17 17:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-02-09 19:06 - 2015-09-17 17:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-02-09 19:06 - 2015-09-17 17:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-02-09 19:06 - 2015-09-17 17:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-02-09 19:06 - 2015-09-17 17:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2016-02-09 19:06 - 2015-09-17 17:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2016-02-09 19:06 - 2015-09-17 17:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll
2016-02-09 19:06 - 2015-09-17 17:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-02-09 19:06 - 2015-09-17 17:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll
2016-02-09 19:06 - 2015-09-17 17:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-02-09 19:06 - 2015-09-17 17:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2016-02-09 19:06 - 2015-09-17 17:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-02-09 19:06 - 2015-09-17 17:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-02-09 19:06 - 2015-09-17 17:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2016-02-09 19:06 - 2015-09-17 17:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-02-09 19:06 - 2015-09-17 17:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-02-09 19:06 - 2015-09-17 17:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-02-09 19:06 - 2015-09-17 17:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2016-02-09 19:06 - 2015-09-17 17:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-02-09 19:06 - 2015-09-17 17:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-02-09 19:06 - 2015-09-17 17:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-02-09 19:06 - 2015-09-17 17:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll
2016-02-09 19:06 - 2015-09-17 17:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-02-09 19:06 - 2015-09-17 17:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-02-09 19:06 - 2015-09-17 17:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll
2016-02-09 19:06 - 2015-09-17 17:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-02-09 19:06 - 2015-09-17 17:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-02-09 19:06 - 2015-09-17 17:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2016-02-09 19:06 - 2015-09-17 17:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-02-09 19:06 - 2015-09-17 17:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2016-02-09 19:06 - 2015-09-17 17:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-02-09 19:06 - 2015-09-17 17:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-02-09 19:06 - 2015-09-17 17:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2016-02-09 19:06 - 2015-09-17 17:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-02-09 19:06 - 2015-08-27 17:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-02-09 19:06 - 2015-08-27 17:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-02-09 19:06 - 2015-08-27 17:39 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-02-09 19:06 - 2015-08-27 17:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-02-09 19:06 - 2015-08-27 17:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-02-09 19:06 - 2015-08-27 17:08 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-02-09 19:06 - 2015-08-18 19:55 - 00373072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-02-09 19:06 - 2015-08-18 18:57 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2016-02-09 19:06 - 2015-08-18 18:54 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2016-02-09 19:06 - 2015-08-18 18:26 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2016-02-09 19:06 - 2015-08-11 22:04 - 01087296 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-02-09 19:06 - 2015-08-11 22:03 - 00442208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-02-09 19:06 - 2015-08-11 22:02 - 00292856 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-02-09 19:06 - 2015-08-11 22:02 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-02-09 19:06 - 2015-08-11 21:40 - 00918320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-02-09 19:06 - 2015-08-11 21:37 - 00243800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-02-09 19:06 - 2015-08-11 21:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
2016-02-09 19:06 - 2015-08-11 21:19 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2016-02-09 19:06 - 2015-08-11 21:11 - 02446336 _____ C:\Windows\system32\InputService.dll
2016-02-09 19:06 - 2015-08-11 21:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2016-02-09 19:06 - 2015-08-11 21:08 - 00893440 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2016-02-09 19:06 - 2015-08-11 21:07 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2016-02-09 19:06 - 2015-08-11 21:05 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\LocationPermissions.dll
2016-02-09 19:06 - 2015-08-11 20:59 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-02-09 19:06 - 2015-08-11 20:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2016-02-09 19:06 - 2015-08-11 20:51 - 01823232 _____ C:\Windows\SysWOW64\InputService.dll
2016-02-09 19:06 - 2015-08-11 20:48 - 00671232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2016-02-09 19:06 - 2015-08-06 15:17 - 00237392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2016-02-09 19:06 - 2015-08-06 14:22 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2016-02-09 19:06 - 2015-08-04 16:07 - 00102752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-02-09 19:06 - 2015-08-04 15:23 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2016-02-09 19:06 - 2015-08-03 14:18 - 08613200 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-02-09 19:06 - 2015-08-03 14:18 - 00594472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-02-09 19:06 - 2015-08-03 13:56 - 06878256 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-02-09 19:06 - 2015-08-03 13:24 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll
2016-02-09 19:06 - 2015-08-03 13:21 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2016-02-09 19:06 - 2015-08-03 13:15 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-02-09 19:06 - 2015-08-03 13:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2016-02-09 19:06 - 2015-08-03 13:03 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-02-09 19:06 - 2015-07-30 18:17 - 01200400 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 19:06 - 2015-07-30 18:14 - 00333168 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2016-02-09 19:06 - 2015-07-30 17:24 - 00252768 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2016-02-09 19:06 - 2015-07-30 16:29 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-09 19:06 - 2015-07-30 16:24 - 00285632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2016-02-09 19:06 - 2015-07-30 16:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2016-02-09 19:06 - 2015-07-30 15:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2016-02-09 19:06 - 2015-07-30 15:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2016-02-09 19:06 - 2015-07-30 15:44 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-02-09 19:06 - 2015-07-30 15:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2016-02-09 19:06 - 2015-07-30 15:29 - 00654848 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-02-09 19:06 - 2015-07-30 15:07 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2016-02-09 19:06 - 2015-07-30 14:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-02-09 19:06 - 2015-07-26 15:40 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-02-09 19:06 - 2015-07-26 15:30 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-02-09 19:06 - 2015-07-24 14:55 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-02-09 19:06 - 2015-07-24 14:52 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-02-09 19:06 - 2015-07-24 14:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-02-09 19:06 - 2015-07-24 14:34 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-02-09 19:06 - 2015-07-24 14:30 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2016-02-09 19:06 - 2015-07-22 17:15 - 00565088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-02-09 19:06 - 2015-07-22 16:02 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2016-02-09 19:06 - 2015-07-22 16:00 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-02-09 19:06 - 2015-07-22 15:54 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-02-09 19:06 - 2015-07-22 15:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-02-09 19:06 - 2015-07-22 15:09 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2016-02-09 19:06 - 2015-07-22 15:07 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2016-02-09 19:06 - 2015-07-18 19:43 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Import.dll
2016-02-09 19:06 - 2015-07-18 16:06 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Import.dll
2016-02-09 19:06 - 2015-07-17 16:23 - 00934752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2016-02-09 19:06 - 2015-07-17 16:12 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-02-09 19:06 - 2015-07-17 16:07 - 00425824 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-02-09 19:06 - 2015-07-17 14:31 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 19:06 - 2015-07-17 14:26 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2016-02-09 19:06 - 2015-07-17 14:24 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2016-02-09 19:06 - 2015-07-17 13:53 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2016-02-09 19:06 - 2015-07-17 13:50 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2016-02-09 19:06 - 2015-07-16 17:39 - 00061280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2016-02-09 19:06 - 2015-07-16 16:09 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-02-09 19:06 - 2015-07-16 15:36 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
2016-02-09 19:06 - 2015-07-16 15:35 - 01521664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-02-09 19:06 - 2015-07-15 14:49 - 00325984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-02-09 19:06 - 2015-07-15 14:04 - 00032768 _____ C:\Windows\system32\LicenseManagerApi.dll
2016-02-09 19:06 - 2015-07-15 13:27 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.PAL.Desktop.dll
2016-02-09 19:06 - 2015-07-14 14:04 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2016-02-09 19:06 - 2015-07-13 12:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-02-09 19:06 - 2015-07-13 11:30 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-02-09 19:06 - 2015-07-12 12:38 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2016-02-09 19:06 - 2015-07-12 11:46 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-02-09 19:06 - 2015-07-11 13:05 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-02-09 19:06 - 2015-07-11 13:03 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-02-09 19:06 - 2015-07-11 12:57 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-02-09 19:06 - 2015-07-11 12:42 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-02-09 19:06 - 2015-07-11 12:40 - 02606080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-02-09 19:06 - 2015-07-11 03:51 - 00823336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-02-09 19:06 - 2015-07-11 03:00 - 01101792 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-02-09 19:06 - 2015-07-10 22:10 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2016-02-09 19:05 - 2016-01-05 15:07 - 00377592 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-02-09 19:05 - 2016-01-05 15:06 - 01991120 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-02-09 19:05 - 2016-01-05 15:06 - 01270104 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-02-09 19:05 - 2016-01-05 15:04 - 02641928 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-02-09 19:05 - 2016-01-05 15:04 - 01591848 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-02-09 19:05 - 2016-01-05 15:04 - 00862056 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-02-09 19:05 - 2016-01-05 15:04 - 00787720 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-02-09 19:05 - 2016-01-05 15:04 - 00772448 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 19:05 - 2016-01-05 15:04 - 00751992 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-02-09 19:05 - 2016-01-05 15:04 - 00667856 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-09 19:05 - 2016-01-05 15:04 - 00249464 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-09 19:05 - 2016-01-05 15:04 - 00115704 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-02-09 19:05 - 2016-01-05 15:04 - 00083704 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-02-09 19:05 - 2016-01-05 14:52 - 00441696 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 19:05 - 2016-01-05 14:50 - 01083072 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 19:05 - 2016-01-05 14:50 - 00723648 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 19:05 - 2016-01-05 14:50 - 00345080 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-02-09 19:05 - 2016-01-05 14:50 - 00205072 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-02-09 19:05 - 2016-01-05 14:31 - 01365576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-02-09 19:05 - 2016-01-05 14:30 - 02459096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-02-09 19:05 - 2016-01-05 14:30 - 02162064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-02-09 19:05 - 2016-01-05 14:30 - 01106872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-02-09 19:05 - 2016-01-05 14:30 - 00368776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-02-09 19:05 - 2016-01-05 14:30 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-02-09 19:05 - 2016-01-05 14:28 - 00714808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-02-09 19:05 - 2016-01-05 14:28 - 00696192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-02-09 19:05 - 2016-01-05 14:28 - 00695752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-02-09 19:05 - 2016-01-05 14:28 - 00497896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-09 19:05 - 2016-01-05 14:28 - 00107952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-02-09 19:05 - 2016-01-05 14:28 - 00072808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-02-09 19:05 - 2016-01-05 14:15 - 00931328 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-09 19:05 - 2016-01-05 14:10 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2016-02-09 19:05 - 2016-01-05 14:10 - 00305776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-02-09 19:05 - 2016-01-05 14:10 - 00188032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-02-09 19:05 - 2016-01-05 14:00 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 19:05 - 2016-01-05 13:59 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 19:05 - 2016-01-05 13:51 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-02-09 19:05 - 2016-01-05 13:51 - 01009664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-02-09 19:05 - 2016-01-05 13:51 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-02-09 19:05 - 2016-01-05 13:51 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-02-09 19:05 - 2016-01-05 13:51 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-02-09 19:05 - 2016-01-05 13:42 - 00871936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-02-09 19:05 - 2016-01-05 13:38 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2016-02-09 19:05 - 2016-01-05 13:20 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-02-09 19:05 - 2016-01-05 13:19 - 01070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-02-09 19:05 - 2016-01-05 13:19 - 00747008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-02-09 19:05 - 2016-01-05 13:19 - 00409088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-02-09 19:05 - 2016-01-05 13:19 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-02-09 19:05 - 2015-11-25 17:42 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-09 19:05 - 2015-11-25 17:33 - 03622272 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 19:05 - 2015-11-25 17:27 - 01366680 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-02-09 19:05 - 2015-11-25 17:12 - 04047288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-02-09 19:05 - 2015-11-25 17:09 - 01310880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-02-09 19:05 - 2015-11-25 17:01 - 02879024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-09 19:05 - 2015-11-25 16:37 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 19:05 - 2015-11-25 16:36 - 01710592 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-02-09 19:05 - 2015-11-25 16:35 - 00929792 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-02-09 19:05 - 2015-11-25 16:35 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2016-02-09 19:05 - 2015-11-25 16:31 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2016-02-09 19:05 - 2015-11-25 16:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2016-02-09 19:05 - 2015-11-25 16:29 - 01649152 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-02-09 19:05 - 2015-11-25 16:29 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2016-02-09 19:05 - 2015-11-25 16:27 - 02180608 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-02-09 19:05 - 2015-11-25 16:26 - 00849408 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-02-09 19:05 - 2015-11-25 16:26 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2016-02-09 19:05 - 2015-11-25 16:23 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 19:05 - 2015-11-25 16:22 - 01717248 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-02-09 19:05 - 2015-11-25 16:22 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2016-02-09 19:05 - 2015-11-25 16:19 - 01795584 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-02-09 19:05 - 2015-11-25 16:17 - 00774656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-02-09 19:05 - 2015-11-25 16:16 - 01442816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-02-09 19:05 - 2015-11-25 16:16 - 00786432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2016-02-09 19:05 - 2015-11-25 16:13 - 02153984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-09 19:05 - 2015-11-25 16:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2016-02-09 19:05 - 2015-11-25 16:10 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-02-09 19:05 - 2015-11-25 16:08 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-02-09 19:05 - 2015-11-25 16:04 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-02-09 19:05 - 2015-11-25 16:04 - 00480768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2016-02-09 19:05 - 2015-11-25 16:04 - 00474624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-09 19:05 - 2015-11-05 17:06 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-02-09 19:05 - 2015-11-05 17:01 - 00607408 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-02-09 19:05 - 2015-11-05 16:18 - 00539728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-02-09 19:05 - 2015-11-05 16:12 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-02-09 19:05 - 2015-11-05 16:10 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-02-09 19:05 - 2015-11-05 16:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2016-02-09 19:05 - 2015-11-05 16:03 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-02-09 19:05 - 2015-11-05 15:59 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-02-09 19:05 - 2015-11-05 15:54 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2016-02-09 19:05 - 2015-11-05 15:35 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-02-09 19:05 - 2015-11-05 15:27 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-02-09 19:05 - 2015-11-05 15:23 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll
2016-02-09 19:05 - 2015-10-01 16:01 - 01294352 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-02-09 19:05 - 2015-10-01 16:01 - 01123400 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-02-09 19:05 - 2015-10-01 16:01 - 01018568 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-02-09 19:05 - 2015-10-01 16:01 - 00858408 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-02-09 19:05 - 2015-09-25 16:01 - 02573768 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-02-09 19:05 - 2015-09-25 15:52 - 00980832 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-02-09 19:05 - 2015-09-25 15:33 - 01997336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-02-09 19:05 - 2015-09-25 15:03 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-02-09 19:05 - 2015-09-25 15:00 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-02-09 19:05 - 2015-09-25 14:58 - 01871360 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-02-09 19:05 - 2015-09-25 14:32 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-02-09 19:05 - 2015-09-17 18:50 - 01563392 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-02-09 19:05 - 2015-09-17 18:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2016-02-09 19:05 - 2015-09-17 18:49 - 01563472 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-02-09 19:05 - 2015-09-17 18:49 - 00553808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-02-09 19:05 - 2015-09-17 18:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-02-09 19:05 - 2015-09-17 18:48 - 02494712 _____ C:\Windows\system32\CoreUIComponents.dll
2016-02-09 19:05 - 2015-09-17 18:48 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-02-09 19:05 - 2015-09-17 18:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-02-09 19:05 - 2015-09-17 18:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2016-02-09 19:05 - 2015-09-17 18:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-02-09 19:05 - 2015-09-17 18:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-02-09 19:05 - 2015-09-17 18:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2016-02-09 19:05 - 2015-09-17 18:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-02-09 19:05 - 2015-09-17 18:27 - 01766952 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-02-09 19:05 - 2015-09-17 18:26 - 01895568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-02-09 19:05 - 2015-09-17 18:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2016-02-09 19:05 - 2015-09-17 18:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-02-09 19:05 - 2015-09-17 18:04 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-02-09 19:05 - 2015-09-17 18:04 - 00910848 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-02-09 19:05 - 2015-09-17 18:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-02-09 19:05 - 2015-09-17 18:00 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-02-09 19:05 - 2015-09-17 18:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll
2016-02-09 19:05 - 2015-09-17 17:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-02-09 19:05 - 2015-09-17 17:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll
2016-02-09 19:05 - 2015-09-17 17:54 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-02-09 19:05 - 2015-09-17 17:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-02-09 19:05 - 2015-09-17 17:53 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-02-09 19:05 - 2015-09-17 17:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2016-02-09 19:05 - 2015-09-17 17:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll
2016-02-09 19:05 - 2015-09-17 17:51 - 02660864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-02-09 19:05 - 2015-09-17 17:49 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-02-09 19:05 - 2015-09-17 17:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2016-02-09 19:05 - 2015-09-17 17:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-02-09 19:05 - 2015-09-17 17:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-02-09 19:05 - 2015-09-17 17:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-02-09 19:05 - 2015-09-17 17:45 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-02-09 19:05 - 2015-09-17 17:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2016-02-09 19:05 - 2015-09-17 17:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-02-09 19:05 - 2015-09-17 17:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-02-09 19:05 - 2015-09-17 17:43 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-02-09 19:05 - 2015-09-17 17:40 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-02-09 19:05 - 2015-09-17 17:39 - 00587264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-02-09 19:05 - 2015-09-17 17:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-02-09 19:05 - 2015-09-17 17:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll
2016-02-09 19:05 - 2015-09-17 17:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2016-02-09 19:05 - 2015-09-17 17:35 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-02-09 19:05 - 2015-09-17 17:35 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-02-09 19:05 - 2015-09-17 17:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-02-09 19:05 - 2015-09-17 17:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-02-09 19:05 - 2015-09-17 17:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-02-09 19:05 - 2015-09-17 17:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-02-09 19:05 - 2015-08-27 17:54 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-02-09 19:05 - 2015-08-27 17:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-02-09 19:05 - 2015-08-27 17:49 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-02-09 19:05 - 2015-08-27 17:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll
2016-02-09 19:05 - 2015-08-27 17:23 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-02-09 19:05 - 2015-08-27 17:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-02-09 19:05 - 2015-08-20 18:06 - 00609592 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-02-09 19:05 - 2015-08-20 17:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-02-09 19:05 - 2015-08-20 17:21 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseModernAppMgmtCSP.dll
2016-02-09 19:05 - 2015-08-18 19:13 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-02-09 19:05 - 2015-08-18 18:59 - 01294336 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2016-02-09 19:05 - 2015-08-18 18:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2016-02-09 19:05 - 2015-08-18 18:56 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2016-02-09 19:05 - 2015-08-18 18:52 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-02-09 19:05 - 2015-08-18 18:49 - 01061888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-02-09 19:05 - 2015-08-18 18:49 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-02-09 19:05 - 2015-08-18 18:36 - 01226752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcnwiz.dll
2016-02-09 19:05 - 2015-08-18 18:35 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2016-02-09 19:05 - 2015-08-18 18:35 - 00095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2016-02-09 19:05 - 2015-08-18 18:34 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2016-02-09 19:05 - 2015-08-18 18:29 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-02-09 19:05 - 2015-08-11 21:52 - 00993104 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2016-02-09 19:05 - 2015-08-11 21:50 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-02-09 19:05 - 2015-08-11 21:26 - 00845664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2016-02-09 19:05 - 2015-08-11 21:13 - 00413184 _____ C:\Windows\system32\diagtrack_win.dll
2016-02-09 19:05 - 2015-08-11 21:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-02-09 19:05 - 2015-08-11 21:05 - 03527168 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-02-09 19:05 - 2015-08-11 21:05 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
2016-02-09 19:05 - 2015-08-11 21:03 - 02558976 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-02-09 19:05 - 2015-08-11 20:59 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2016-02-09 19:05 - 2015-08-11 20:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
2016-02-09 19:05 - 2015-08-11 20:50 - 00420352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2016-02-09 19:05 - 2015-08-11 20:43 - 02748416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-02-09 19:05 - 2015-08-11 20:40 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-02-09 19:05 - 2015-08-08 18:24 - 02415104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-02-09 19:05 - 2015-08-08 18:24 - 01679360 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-02-09 19:05 - 2015-08-08 18:00 - 01985024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-02-09 19:05 - 2015-08-06 15:17 - 00200528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2016-02-09 19:05 - 2015-08-03 14:18 - 00046432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2016-02-09 19:05 - 2015-08-03 14:12 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-02-09 19:05 - 2015-08-03 13:49 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-02-09 19:05 - 2015-08-03 13:30 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_UserAccount.dll
2016-02-09 19:05 - 2015-08-03 13:23 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2016-02-09 19:05 - 2015-08-03 13:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-02-09 19:05 - 2015-08-03 13:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-02-09 19:05 - 2015-08-03 13:18 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\NetworkStatus.dll
2016-02-09 19:05 - 2015-08-03 13:15 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll
2016-02-09 19:05 - 2015-08-03 13:15 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2016-02-09 19:05 - 2015-08-03 13:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2016-02-09 19:05 - 2015-08-03 13:06 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-02-09 19:05 - 2015-08-03 12:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2016-02-09 19:05 - 2015-07-30 18:23 - 00527952 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-02-09 19:05 - 2015-07-30 18:21 - 00816576 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2016-02-09 19:05 - 2015-07-30 18:17 - 01025840 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2016-02-09 19:05 - 2015-07-30 18:16 - 02147080 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-02-09 19:05 - 2015-07-30 18:15 - 00632168 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-02-09 19:05 - 2015-07-30 18:06 - 01043872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-02-09 19:05 - 2015-07-30 16:26 - 01867160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-02-09 19:05 - 2015-07-30 16:26 - 00877016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-02-09 19:05 - 2015-07-30 16:25 - 00713312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2016-02-09 19:05 - 2015-07-30 16:24 - 00445240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-02-09 19:05 - 2015-07-30 16:22 - 00896144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2016-02-09 19:05 - 2015-07-30 16:22 - 00507696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-02-09 19:05 - 2015-07-30 16:12 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2016-02-09 19:05 - 2015-07-30 15:52 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2016-02-09 19:05 - 2015-07-30 15:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-02-09 19:05 - 2015-07-30 15:46 - 00487424 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2016-02-09 19:05 - 2015-07-30 15:44 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2016-02-09 19:05 - 2015-07-30 15:41 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2016-02-09 19:05 - 2015-07-30 15:40 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-02-09 19:05 - 2015-07-30 15:38 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-02-09 19:05 - 2015-07-30 15:06 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2016-02-09 19:05 - 2015-07-30 15:04 - 01714176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-02-09 19:05 - 2015-07-26 15:49 - 04760576 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-09 19:05 - 2015-07-26 15:49 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-02-09 19:05 - 2015-07-26 15:47 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-02-09 19:05 - 2015-07-26 15:38 - 04350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-09 19:05 - 2015-07-26 15:35 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-02-09 19:05 - 2015-07-26 15:34 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-02-09 19:05 - 2015-07-24 15:17 - 00695136 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2016-02-09 19:05 - 2015-07-24 15:17 - 00521568 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2016-02-09 19:05 - 2015-07-24 14:24 - 01418240 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2016-02-09 19:05 - 2015-07-19 16:04 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-02-09 19:05 - 2015-07-19 15:23 - 00505344 _____ C:\Windows\system32\EditionUpgradeManagerObj.dll
2016-02-09 19:05 - 2015-07-19 15:18 - 00430592 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2016-02-09 19:05 - 2015-07-18 20:47 - 00082616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2016-02-09 19:05 - 2015-07-18 19:37 - 01043968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Editing.dll
2016-02-09 19:05 - 2015-07-18 19:29 - 03443200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2016-02-09 19:05 - 2015-07-18 19:28 - 00584704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-02-09 19:05 - 2015-07-18 19:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2016-02-09 19:05 - 2015-07-18 17:17 - 00097128 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2016-02-09 19:05 - 2015-07-18 17:02 - 00290312 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-02-09 19:05 - 2015-07-18 15:59 - 01411072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Editing.dll
2016-02-09 19:05 - 2015-07-18 15:59 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2016-02-09 19:05 - 2015-07-18 15:52 - 04169728 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-02-09 19:05 - 2015-07-18 15:50 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-02-09 19:05 - 2015-07-18 15:48 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2016-02-09 19:05 - 2015-07-17 16:13 - 00601344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-09 19:05 - 2015-07-17 14:33 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\omadmprc.exe
2016-02-09 19:05 - 2015-07-17 14:18 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-02-09 19:05 - 2015-07-17 13:44 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-02-09 19:05 - 2015-07-16 16:04 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-02-09 19:05 - 2015-07-16 16:03 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.OneCore.dll
2016-02-09 19:05 - 2015-07-16 15:47 - 00754688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-02-09 19:05 - 2015-07-16 15:45 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-02-09 19:05 - 2015-07-16 15:41 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2016-02-09 19:05 - 2015-07-16 15:32 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-02-09 19:05 - 2015-07-15 14:41 - 01135312 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-02-09 19:05 - 2015-07-15 14:22 - 02112512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-02-09 19:05 - 2015-07-15 13:57 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\OmaDmAgent.dll
2016-02-09 19:05 - 2015-07-15 13:47 - 04611584 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-02-09 19:05 - 2015-07-15 13:37 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.ProxyStub.dll
2016-02-09 19:05 - 2015-07-15 13:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\unenrollhook.dll
2016-02-09 19:05 - 2015-07-14 13:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2016-02-09 19:05 - 2015-07-12 12:25 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\SensorDataService.exe
2016-02-09 19:05 - 2015-07-12 12:18 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-02-09 19:05 - 2015-07-11 13:28 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2016-02-09 19:05 - 2015-07-11 13:17 - 06305792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-02-09 19:05 - 2015-07-11 13:07 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-02-09 19:05 - 2015-07-11 13:04 - 03362816 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-02-09 19:05 - 2015-07-11 13:03 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-02-09 19:05 - 2015-07-11 13:02 - 00283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-02-09 19:05 - 2015-07-11 12:51 - 04398080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-02-09 19:05 - 2015-07-11 12:43 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-02-09 19:05 - 2015-07-11 12:41 - 03687936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-02-09 19:05 - 2015-07-11 12:40 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-02-09 19:05 - 2015-07-11 12:34 - 00294912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-02-09 19:05 - 2015-07-11 03:47 - 00265480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-02-09 19:05 - 2015-07-11 02:52 - 00335248 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-02-09 19:05 - 2015-07-10 22:59 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SignInOptions.dll
2016-02-09 19:05 - 2015-07-10 22:42 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2016-02-09 19:05 - 2015-07-10 22:05 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2016-02-09 19:05 - 2015-07-10 21:53 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-02-09 19:05 - 2015-07-10 21:29 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2016-02-09 19:04 - 2016-01-05 15:04 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-02-09 19:04 - 2016-01-05 15:04 - 00243248 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-02-09 19:04 - 2016-01-05 14:50 - 01817064 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-02-09 19:04 - 2016-01-05 14:50 - 00251544 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-02-09 19:04 - 2016-01-05 14:28 - 00277400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-02-09 19:04 - 2016-01-05 14:28 - 00116728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-02-09 19:04 - 2016-01-05 14:10 - 00278424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-02-09 19:04 - 2015-11-25 17:32 - 00113184 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2016-02-09 19:04 - 2015-11-25 16:59 - 00092992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2016-02-09 19:04 - 2015-11-25 16:36 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-02-09 19:04 - 2015-11-25 16:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2016-02-09 19:04 - 2015-11-25 16:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-02-09 19:04 - 2015-11-25 16:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL
2016-02-09 19:04 - 2015-11-25 16:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-02-09 19:04 - 2015-11-25 16:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-02-09 19:04 - 2015-11-25 16:07 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2016-02-09 19:04 - 2015-11-25 16:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-02-09 19:04 - 2015-11-25 16:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL
2016-02-09 19:04 - 2015-11-25 16:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-02-09 19:04 - 2015-11-25 16:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-02-09 19:04 - 2015-11-25 14:52 - 00775312 _____ C:\Windows\SysWOW64\locale.nls
2016-02-09 19:04 - 2015-11-25 14:52 - 00775312 _____ C:\Windows\system32\locale.nls
2016-02-09 19:04 - 2015-11-05 16:56 - 00025280 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 19:04 - 2015-10-10 19:12 - 00078528 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 19:04 - 2015-09-25 15:11 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2016-02-09 19:04 - 2015-09-25 15:11 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2016-02-09 19:04 - 2015-09-25 15:00 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-02-09 19:04 - 2015-09-25 14:59 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-02-09 19:04 - 2015-09-25 14:59 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-02-09 19:04 - 2015-09-25 14:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-02-09 19:04 - 2015-09-25 14:47 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2016-02-09 19:04 - 2015-09-25 14:34 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-02-09 19:04 - 2015-09-25 14:34 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-02-09 19:04 - 2015-09-25 14:34 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-02-09 19:04 - 2015-09-25 14:34 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-02-09 19:04 - 2015-09-19 17:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2016-02-09 19:04 - 2015-09-17 18:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-02-09 19:04 - 2015-09-17 18:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-02-09 19:04 - 2015-09-17 18:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-02-09 19:04 - 2015-09-17 18:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-02-09 19:04 - 2015-09-17 18:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-02-09 19:04 - 2015-09-17 18:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2016-02-09 19:04 - 2015-09-17 18:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-02-09 19:04 - 2015-09-17 18:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-02-09 19:04 - 2015-09-17 17:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-02-09 19:04 - 2015-09-17 17:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2016-02-09 19:04 - 2015-09-17 17:52 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-02-09 19:04 - 2015-09-17 17:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-02-09 19:04 - 2015-09-17 17:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-02-09 19:04 - 2015-09-17 17:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll
2016-02-09 19:04 - 2015-09-17 17:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll
2016-02-09 19:04 - 2015-09-17 17:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll
2016-02-09 19:04 - 2015-09-17 17:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll
2016-02-09 19:04 - 2015-09-17 17:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll
2016-02-09 19:04 - 2015-09-17 17:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll
2016-02-09 19:04 - 2015-09-17 17:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-02-09 19:04 - 2015-09-17 17:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2016-02-09 19:04 - 2015-09-17 17:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-02-09 19:04 - 2015-09-17 17:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-02-09 19:04 - 2015-09-17 17:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2016-02-09 19:04 - 2015-08-18 18:59 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2016-02-09 19:04 - 2015-08-18 18:58 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-02-09 19:04 - 2015-08-18 18:58 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\dafWCN.dll
2016-02-09 19:04 - 2015-08-18 18:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2016-02-09 19:04 - 2015-08-18 18:54 - 00247296 _____ C:\Windows\system32\facecredentialprovider.dll
2016-02-09 19:04 - 2015-08-18 18:49 - 00274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-02-09 19:04 - 2015-08-18 16:44 - 00008847 _____ C:\Windows\system32\ResPriHMImageList
2016-02-09 19:04 - 2015-08-11 21:10 - 00293376 _____ C:\Windows\system32\TextInputFramework.dll
2016-02-09 19:04 - 2015-08-11 21:00 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-02-09 19:04 - 2015-08-11 20:50 - 00200704 _____ C:\Windows\SysWOW64\TextInputFramework.dll
2016-02-09 19:04 - 2015-08-11 20:50 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-02-09 19:04 - 2015-08-11 20:39 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-02-09 19:04 - 2015-08-11 20:38 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2016-02-09 19:04 - 2015-08-05 16:00 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2016-02-09 19:04 - 2015-08-05 15:39 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2016-02-09 19:04 - 2015-08-03 14:32 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2016-02-09 19:04 - 2015-08-03 14:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2016-02-09 19:04 - 2015-08-03 14:17 - 00052264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2016-02-09 19:04 - 2015-07-30 15:44 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.V2.dll
2016-02-09 19:04 - 2015-07-30 15:44 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\VoiceActivationManager.dll
2016-02-09 19:04 - 2015-07-30 15:06 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.V2.dll
2016-02-09 19:04 - 2015-07-30 15:06 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VoiceActivationManager.dll
2016-02-09 19:04 - 2015-07-26 15:39 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2016-02-09 19:04 - 2015-07-26 15:29 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sendmail.dll
2016-02-09 19:04 - 2015-07-24 15:12 - 00584544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2016-02-09 19:04 - 2015-07-24 14:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2016-02-09 19:04 - 2015-07-22 16:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2016-02-09 19:04 - 2015-07-22 15:21 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2016-02-09 19:04 - 2015-07-18 15:49 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-02-09 19:04 - 2015-07-18 15:49 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2016-02-09 19:04 - 2015-07-18 15:49 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2016-02-09 19:04 - 2015-07-18 15:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-02-09 19:04 - 2015-07-17 14:39 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-02-09 19:04 - 2015-07-17 14:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-02-09 19:04 - 2015-07-16 15:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2016-02-09 19:04 - 2015-07-16 15:19 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2016-02-09 19:04 - 2015-07-14 15:00 - 00208736 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-02-09 19:04 - 2015-07-14 14:37 - 00181088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-02-09 19:04 - 2015-07-14 13:38 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2016-02-09 19:04 - 2015-07-14 13:20 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-02-09 19:00 - 2016-02-09 19:00 - 00045720 _____ (Toshiba Corporation) C:\Windows\system32\Drivers\Thotkey.sys
2016-02-09 18:56 - 2016-02-09 18:56 - 47804432 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 39731728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 30785040 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 27554832 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 25329680 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 22337552 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 21653520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-02-09 18:56 - 2016-02-09 18:56 - 15735824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 14321168 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 12175392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 10289896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 09429376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 09069112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 08952040 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 08090616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 07745928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 07558720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 06496272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 05087248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-02-09 18:56 - 2016-02-09 18:56 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-02-09 18:56 - 2016-02-09 18:56 - 01493008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 01268224 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 01238224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 01206304 _____ C:\Windows\system32\amdocl_as64.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 01080864 _____ C:\Windows\system32\amdocl_ld64.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 01014304 _____ C:\Windows\SysWOW64\amdocl_as32.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00947200 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00947200 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00884752 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00833800 _____ C:\Windows\system32\amdicdxx.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00817696 _____ C:\Windows\SysWOW64\amdocl_ld32.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00737410 _____ C:\Windows\system32\atiicdxx.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00693776 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00686080 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-02-09 18:56 - 2016-02-09 18:56 - 00662032 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-02-09 18:56 - 2016-02-09 18:56 - 00662032 _____ C:\Windows\system32\atiapfxx.blb
2016-02-09 18:56 - 2016-02-09 18:56 - 00485696 _____ C:\Windows\system32\amdmiracast.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00461328 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00386064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00351760 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00322868 _____ C:\Windows\system32\ativvaxy_vi.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00321200 _____ C:\Windows\system32\ativvaxy_vi_nd.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00316640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-02-09 18:56 - 2016-02-09 18:56 - 00264224 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00255808 _____ C:\Windows\system32\ativvaxy_cz_nd.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00253968 _____ C:\Windows\system32\clinfo.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00250884 _____ C:\Windows\system32\ativvaxy_FJ.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00249088 _____ C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00234420 _____ C:\Windows\system32\ativvaxy_cik.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00232752 _____ C:\Windows\system32\ativvaxy_cik_nd.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00223760 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00208416 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00207392 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00204952 _____ C:\Windows\SysWOW64\ativvsvl.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00204952 _____ C:\Windows\system32\ativvsvl.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00180744 _____ C:\Windows\system32\atieah64.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00177344 _____ C:\Windows\system32\ativce03.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00175648 _____ C:\Windows\system32\amde31a.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00175632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00173952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00164360 _____ C:\Windows\SysWOW64\atieah32.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00163608 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00159264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00157144 _____ C:\Windows\SysWOW64\ativvsva.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00157144 _____ C:\Windows\system32\ativvsva.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00154624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00153616 _____ C:\Windows\system32\amdhdl64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00151440 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00146448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00142352 _____ C:\Windows\SysWOW64\amdhdl32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00141544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00140240 _____ C:\Windows\system32\samu_krnl_ci.sbin
2016-02-09 18:56 - 2016-02-09 18:56 - 00138832 _____ C:\Windows\system32\samu_krnl_isv_ci.sbin
2016-02-09 18:56 - 2016-02-09 18:56 - 00132624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00127440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00123392 _____ C:\Windows\system32\hsa-thunk64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00122128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00121600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00121360 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00112144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00106528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00105488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00100816 _____ C:\Windows\system32\ativce02.dat
2016-02-09 18:56 - 2016-02-09 18:56 - 00097584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00097584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00094224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00090640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00083984 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00081424 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00078352 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00076288 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00072704 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00070160 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2016-02-09 18:56 - 2016-02-09 18:56 - 00069648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00068112 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00064000 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00056864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00048656 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00047664 _____ C:\Windows\system32\kapp_ci.sbin
2016-02-09 18:56 - 2016-02-09 18:56 - 00043536 _____ C:\Windows\system32\kapp_si.sbin
2016-02-09 18:56 - 2016-02-09 18:56 - 00023056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2016-02-09 18:56 - 2016-02-09 18:56 - 00023056 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2016-02-09 18:46 - 2016-02-09 18:46 - 00045184 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\TVALZ_O.SYS
2016-02-09 18:46 - 2016-02-09 18:45 - 00051392 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-02-09 18:46 - 2016-02-09 18:45 - 00050880 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_AMDASF.sys
2016-02-09 18:45 - 2016-02-09 18:45 - 01813392 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-02-09 18:45 - 2016-02-09 18:45 - 00773312 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2016-02-09 18:45 - 2016-02-09 18:45 - 00627392 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2016-02-09 18:45 - 2016-02-09 18:45 - 00428736 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2016-02-09 18:45 - 2016-02-09 18:45 - 00277696 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2016-02-09 18:45 - 2016-02-09 18:45 - 00262848 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo33.dll
2016-02-09 18:45 - 2016-02-09 18:45 - 00051392 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel_Aux.sys
2016-02-09 18:45 - 2016-02-09 18:45 - 00050880 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2016-02-09 18:28 - 2016-02-27 14:06 - 00111120 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys
2016-02-04 09:12 - 2016-02-04 09:12 - 00635120 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-02-04 09:12 - 2016-02-04 09:12 - 00390400 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-02-04 09:12 - 2016-02-04 09:12 - 00333080 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-02-04 09:12 - 2016-02-04 09:12 - 00088816 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-02-04 07:21 - 2016-02-04 07:21 - 00439536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-02-04 07:21 - 2016-02-04 07:21 - 00267016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2016-02-04 07:21 - 2016-02-04 07:21 - 00243480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-02-04 07:21 - 2016-02-04 07:21 - 00085232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-27 21:19 - 2015-10-30 21:42 - 00000000 ___HD C:\$WINDOWS.~BT
2016-02-27 13:36 - 2015-12-11 22:50 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\A\Desktop\TDSSKiller.exe
2016-02-14 15:03 - 2012-11-05 23:26 - 00828872 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110.dll
2016-02-14 15:03 - 2012-11-05 23:26 - 00661448 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll
2016-02-14 15:03 - 2012-11-05 23:26 - 00354264 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib110.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-26 10:10

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-02-2016
Ran by A (2016-02-27 21:43:00)
Running from C:\Users\A\Desktop
Windows 10 Home (X64) (2016-02-25 22:29:06)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

A (S-1-5-21-2997362956-1101253904-808265527-1001 - Administrator - Enabled) => C:\Users\A
Administrator (S-1-5-21-2997362956-1101253904-808265527-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2997362956-1101253904-808265527-503 - Limited - Disabled)
Guest (S-1-5-21-2997362956-1101253904-808265527-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6568.2025 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6528.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6528.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6528.1011 - Microsoft Corporation) Hidden
PDF Pro 10 (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 10.8.0000 - PDF Pro Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2997362956-1101253904-808265527-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\A\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {31EE3D27-99E2-461C-B953-9C7071B9B58C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-02-26] (Microsoft Corporation)
Task: {5469EEB3-8C11-418D-8506-5501A2C80D7B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-26] (Microsoft Corporation)
Task: {62AF7D63-4D12-4DAB-9CD0-73394081C76A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-04] (Microsoft Corporation)
Task: {7EF94927-BAF9-4C2B-95A7-B0C17CC986DC} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)
Task: {AA4D6340-A105-47CE-BD90-A87812091880} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-04] (Microsoft Corporation)
Task: {B39CA9B7-9B9D-44D2-BF35-F038873D91DC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-02-26] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-09 19:06 - 2015-07-15 14:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-02-26 10:52 - 2016-02-04 05:51 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-02-09 19:05 - 2015-08-11 21:13 - 00413184 _____ () C:\Windows\System32\diagtrack_win.dll
2016-02-09 19:05 - 2015-09-17 18:48 - 02494712 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-02-09 19:05 - 2015-09-17 18:48 - 02494712 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-02-26 11:11 - 2016-02-26 11:11 - 08914120 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-02-09 19:04 - 2015-09-17 17:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-09 19:05 - 2015-09-17 18:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-02-09 19:05 - 2015-11-25 16:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-09 19:06 - 2015-11-25 16:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-09 19:05 - 2015-11-25 16:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-09 19:05 - 2015-09-17 17:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 23:00 - 2015-07-11 01:14 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2016-02-27 21:17 - 2014-01-07 10:24 - 07215616 _____ () C:\Users\A\Desktop\New folder\vspdfprsrv.exe
2016-02-27 21:17 - 2015-06-19 11:36 - 01206216 _____ () C:\Users\A\Desktop\New folder\TMSlite170.bpl
2016-02-27 21:17 - 2015-06-19 11:36 - 00096200 _____ () C:\Users\A\Desktop\New folder\vspropsaver170.bpl
2016-02-27 21:17 - 2015-06-19 11:36 - 05170632 _____ () C:\Users\A\Desktop\New folder\vspdfcore170.bpl
2016-02-27 21:17 - 2015-06-19 11:36 - 00084936 _____ () C:\Users\A\Desktop\New folder\expertpdfcore170.bpl
2016-02-27 21:17 - 2015-06-19 11:36 - 02550728 _____ () C:\Users\A\Desktop\New folder\vsvector170.bpl
2016-02-27 21:17 - 2015-06-19 11:36 - 02980808 _____ () C:\Users\A\Desktop\New folder\BBlite170.bpl
2016-02-27 21:17 - 2015-06-19 11:36 - 00072648 _____ () C:\Users\A\Desktop\New folder\vsprinters170.bpl
2016-02-27 21:17 - 2015-06-19 11:36 - 00070600 _____ () C:\Users\A\Desktop\New folder\vspdfprinter170.bpl
2016-02-27 21:17 - 2015-06-23 15:05 - 01954240 _____ () C:\Users\A\Desktop\New folder\js32.dll
2016-02-27 21:17 - 2015-06-19 11:36 - 00579016 _____ () C:\Users\A\Desktop\New folder\vspdfeditor170.bpl
2016-02-27 21:17 - 2015-06-19 11:36 - 00031688 _____ () C:\Users\A\Desktop\New folder\vstrees170.bpl

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\A\Downloads\JavaSetup8u73.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\10121058.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\10121058.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-02-27 05:55 - 2016-02-27 20:01 - 00508411 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 atlas.aamedia.ro
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu

There are 12091 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2997362956-1101253904-808265527-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{60110052-EF00-4B2D-8B86-916A23680C14}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{264D01C2-4B43-45A1-AA84-960F67D54E3A}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{E0CE06EA-83BC-4F2F-909B-CF991C32744A}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [{0836B7BF-8078-4B07-AEEC-13A1385E092E}] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{08814300-B451-4F19-9ABB-2499EAC55B00}] => (Block) C:\windows\system32\mmc.exe

==================== Restore Points =========================

27-02-2016 14:03:34 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030

==================== Faulty Device Manager Devices =============

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Logitech Cordless Device
Description: Logitech Cordless Device
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/27/2016 09:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10240.16683, time stamp: 0x56ad9bef
Faulting module name: eModel.dll, version: 11.0.10240.16683, time stamp: 0x56ad982b
Exception code: 0xc0000409
Fault offset: 0x0000000000112343
Faulting process id: 0x12a0
Faulting application start time: 0xMicrosoftEdge.exe0
Faulting application path: MicrosoftEdge.exe1
Faulting module path: MicrosoftEdge.exe2
Report Id: MicrosoftEdge.exe3
Faulting package full name: MicrosoftEdge.exe4
Faulting package-relative application ID: MicrosoftEdge.exe5

Error: (02/27/2016 08:57:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TE3136L)
Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/27/2016 08:57:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10240.16683, time stamp: 0x56ad9bef
Faulting module name: eModel.dll, version: 11.0.10240.16683, time stamp: 0x56ad982b
Exception code: 0xc0000409
Fault offset: 0x0000000000112343
Faulting process id: 0xc2c
Faulting application start time: 0xMicrosoftEdge.exe0
Faulting application path: MicrosoftEdge.exe1
Faulting module path: MicrosoftEdge.exe2
Report Id: MicrosoftEdge.exe3
Faulting package full name: MicrosoftEdge.exe4
Faulting package-relative application ID: MicrosoftEdge.exe5

Error: (02/27/2016 06:54:45 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (02/27/2016 06:38:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TE3136L)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/27/2016 03:37:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TE3136L)
Description: Activation of app Microsoft.ZuneMusic_8wekyb3d8bbwe!Microsoft.ZuneMusic failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/27/2016 03:26:40 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {E681C5ED-FD52-44D9-A424-6C9650C12D2E}

Error: (02/27/2016 03:26:40 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {E681C5ED-FD52-44D9-A424-6C9650C12D2E}

Error: (02/27/2016 03:24:38 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {72D1894E-D806-47F4-AB66-3E7640E84E97}

Error: (02/27/2016 03:24:38 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {72D1894E-D806-47F4-AB66-3E7640E84E97}

System errors:
=============
Error: (02/27/2016 09:26:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (02/27/2016 09:26:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Volume Shadow Copy service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/27/2016 09:26:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (02/27/2016 09:26:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706be: Upgrade to Windows 10 Home, version 1511, 10586.

Error: (02/27/2016 09:26:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (02/27/2016 09:26:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (02/27/2016 09:26:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SynTPEnh Caller Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/27/2016 09:26:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (02/27/2016 09:26:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Audio Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/27/2016 09:26:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD External Events Utility service terminated unexpectedly.  It has done this 1 time(s).

==================== Memory info ===========================

Processor: AMD A8-5545M APU with Radeon™ HD Graphics
Percentage of memory in use: 23%
Total physical RAM: 7374.36 MB
Available physical RAM: 5665.97 MB
Total Virtual: 9230.36 MB
Available Virtual: 7504.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.56 GB) (Free:123.53 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 23608422)
Partition 1: (Not Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=148.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:26 AM

Posted 27 February 2016 - 08:13 AM

Welcome to Bleeping Computer's Malware Removal Logs area. My name is Sintharius. I will assist you with your problem.

Please allow me some time to review your logs and I will be back with instructions.

#3 antrlee

antrlee
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 27 February 2016 - 08:18 AM

Hi

Thanks for the prompt reply, and your time. I look forward to your advice.

A

#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:26 AM

Posted 01 March 2016 - 03:22 AM

Hello antrlee,

May I ask why you think you are infected?

VirusTotal file analysis
  • Go to VirusTotal.
  • Click Choose File and navigate to the following file:
    C:\Users\A\Desktop\New folder\vspdfprsrv.exe
    
  • Press Scan it! and wait for VirusTotal to complete scanning.
  • When VirusTotal finished scanning, copy and paste the link to the result list into your next reply. You can see the image below as an example of what to copy.
    THmd0qR.png
If you recognize this file then please let me know what it is. 

Edited by Sintharius, 01 March 2016 - 03:22 AM.


#5 antrlee

antrlee
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 03 March 2016 - 04:58 AM

Hi there

Your question is valid, but it is a hard one to answer as I'm poor at being able to communicate and describe all of the issues I have with the eight laptops I've gone through in two years. If I was better able to explain myself I'm sure this all could have been fixed a long time ago.

My off the bat answer is "I think I'm infected, because my gut instinct tells me that I am. And throughout my life my instinct has been very accurate." I appreciate that you are probably rolling your eyes now and I know that facts and solid evidence are an absolute necessity. The good thing is that I have plenty of evidence. My only issue is I lack the IT knowledge to explain the evidence I have. That is of course except for the results which whatever AV I'm running at the time produce (I subscribe to the big 5, but of course never run more than one at a time together with MBAM).

After I format the HD and reinstall the OS the first thing I do is install one of the AV's (from an OEM disk), delete bloatware, turn on the wifi, check for windows and AV updates, download MBAM from this site using a Cmd line, and then run the tests. Constantly the results reveal malware (always Trojan.downloaders), unsigned Microsoft drivers (some dating back to 2006), an unknown or corrupt bootsec, and various other issues.

Occasionally I've run a packet sniffer to see what's coming and going in the background because task manager also shows several browser processes working even though I have never opened a browser. This has revealed that I'm receiving heaps of png's, certificates (from Microsoft and Google) and almost constantly cab files relating to a Microsoft VC Library.

It's all down hill from there. It seems that every site I visit is 'odd' and has had code injected into it. I try to use Firefox but it seems to turn itself into Chrome for some reason???? (I know that sounds messed up right), my temp folder starts to rapidly fill up with 100's of tmp and json files, personal files start to go missing or become encrypted or corrupt etc etc.

The weird thing is that my pst files get altered. Emails with attachments that were previously clean suddenly are converted to contain zip attachments with the sane name as the prior attachment but now it's a Trojan file. I have done a sandboxed exam of the files and they always contain a bunch of exe files and items written in Python. It seems that whatever is attacking my pc's relies on keeping a cache of weapons in my files which it can readily utilize as soon as it gets into the machine again.

My PC's always have a mysterious drive which is inaccessible. Most of the time this is labeled Z Drive.

I sent that file to virus total and it came back clean, but did say that it connects with a website that I also checked- and that came back with six suspicious hits.

#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:26 AM

Posted 06 March 2016 - 09:05 AM

Hello antrlee,

Can you post the results of the logs from tools that you have used?

#7 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:04:26 AM

Posted 09 March 2016 - 05:04 AM

Are you still with me? It has been three days since my last post.

#8 thcbytes

thcbytes

  • Malware Response Team
  • 14,790 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:26 PM

Posted 13 March 2016 - 04:04 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud member - Unified Network of Instructors and Trained Eliminators
Posted Image

I do not accept personal donations for assistance provided. I would ask that you instead consider donating the greatest gift - Organ Donation. Your organs are of no use to you when your gone. You will save a life that would otherwise be lost!

http://donatelife.net/register-now/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users