Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Hijacker www-mysearch.com doesn't want to go away


  • This topic is locked This topic is locked
8 replies to this topic

#1 cartong

cartong

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:32 AM

Posted 28 February 2016 - 12:48 PM

The homepage keeps going to www-mysearch.com. Its similar to Www-searching. I tried to remove the hijacker through Www-searching removal guide. I followed the guide but homepage still goes to www-mysearch.com. Both internet explorer and google chrome are affected. I attached screenshot of the homepage. Any help will be appreciated. Thanks so much!!!

 

Here is the FRST log: 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
Ran by LONEW (administrator) on 550-A114 (28-02-2016 10:33:02)
Running from C:\Users\LONEW\AppData\Local\Microsoft\Windows\INetCache\IE\4XR3KKCK
Loaded Profiles: LONEW (Available Profiles: LONEW)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc.) C:\windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
(CyberLink) C:\Program Files (x86)\Cyberlink\PowerDVD14\Kernel\DMS\CLMSMonitorServicePDVD14.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Broadcom Corporation.) C:\windows\System32\BtwRSupportService.exe
(McAfee, Inc.) C:\windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(AMD) C:\windows\System32\atieclxx.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(McAfee, Inc.) C:\windows\System32\mfevtps.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Spotify Ltd) C:\Users\LONEW\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\LiveBoost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Adobe Systems Incorporated) C:\windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-02-05] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4867784 2015-12-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-06-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2622432 2016-01-29] (Malwarebytes Corporation)
HKLM-x32\...\Run: [iolo Startup] => C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe [4537256 2015-12-09] (iolo technologies, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-11] (Raptr, Inc)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [286960 2016-02-12] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [712432 2016-02-03] ()
HKU\S-1-5-21-3021717852-3600035281-275452165-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-3021717852-3600035281-275452165-1001\...\Run: [Spotify Web Helper] => C:\Users\LONEW\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-02-19] (Spotify Ltd)
HKU\S-1-5-21-3021717852-3600035281-275452165-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-3021717852-3600035281-275452165-1001\...\Run: [Chromium] => "c:\users\lonew\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-02-12]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b0669201-17b3-41bc-b300-5fd1898c653d}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{d5c356a5-5da4-4545-bfd7-20b1ccd4bd5e}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3021717852-3600035281-275452165-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.twcc.com/
HKU\S-1-5-21-3021717852-3600035281-275452165-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {CDC93D95-9670-4DE5-82C8-C130C83DE4B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-02-03] (RealDownloader)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-02-03] (RealDownloader)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-01-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-01-08] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-01-08] ()
FF Plugin-x32: @real.com/nppl3260;version=18.1.3.100 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2016-02-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.3.100 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2016-02-12] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-10] [not signed]

Chrome:
=======
CHR Profile: C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-28]
CHR Extension: (Google Docs) - C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-28]
CHR Extension: (Google Drive) - C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-28]
CHR Extension: (YouTube) - C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-28]
CHR Extension: (Google Search) - C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-28]
CHR Extension: (Google Sheets) - C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-28]
CHR Extension: (Google Docs Offline) - C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-28]
CHR Extension: (Gmail) - C:\Users\LONEW\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-28]
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2286872 2016-02-26] (Broadcom Corporation.)
R2 CyberLink PowerDVD 14 Media Server Monitor Service; C:\Program Files (x86)\Cyberlink\PowerDVD14\Kernel\DMS\CLMSMonitorServicePDVD14.exe [77240 2015-06-21] (CyberLink)
R2 CyberLink PowerDVD 14 Media Server Service; C:\Program Files (x86)\Cyberlink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe [323000 2015-06-21] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-02-05] (Dropbox, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4681128 2015-12-09] (iolo technologies, LLC)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [740832 2016-01-29] (Malwarebytes Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-01-08] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-19] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.203.0\McCSPServiceHost.exe [1694152 2015-12-02] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-01-08] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-06] (Electronic Arts)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
S3 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [183112 2016-02-13] ()
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-02-03] ()
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1095440 2016-02-12] (RealNetworks, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-02-05] (Realtek Semiconductor)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60440 2015-08-29] (Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101112 2015-08-29] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-07-22] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-08-29] (Advanced Micro Devices, Inc. )
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-17] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208192 2016-02-26] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11774712 2016-02-26] (Broadcom Corp)
R3 BCMWL63A; C:\Windows\system32\DRIVERS\bcmwl63a.sys [11774712 2016-02-26] (Broadcom Corp)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
R1 ElRawDisk; C:\windows\system32\drivers\ElRawDsk.sys [30752 2013-09-15] (EldoS Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-01-29] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R1 RawDisk3; C:\windows\system32\drivers\rawdsk3.sys [32568 2015-07-24] (EldoS Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [888064 2016-02-06] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S2 SecDrv; C:\windows\SysWOW64\drivers\SECDRV.SYS [12400 2016-02-26] (Macrovision Europe Ltd) [File not signed]
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 10:32 - 2016-02-28 10:33 - 00000000 ___DC C:\FRST
2016-02-28 10:29 - 2016-02-28 10:29 - 00016148 _____ C:\windows\system32\550-A114_LONEW_HistoryPrediction.bin
2016-02-28 10:04 - 2016-02-28 10:08 - 00000000 ___DC C:\AdwCleaner
2016-02-28 09:19 - 2016-02-28 09:19 - 00000000 ____D C:\Users\LONEW\AppData\Local\CrashRpt
2016-02-28 09:15 - 2016-02-28 09:15 - 01609216 _____ (Malwarebytes) C:\Users\LONEW\Downloads\JRT.exe
2016-02-28 02:45 - 2016-02-28 02:45 - 00000000 ___DC C:\Program Files\AMD Quick Stream
2016-02-28 02:45 - 2016-02-28 02:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2016-02-28 00:35 - 2016-02-28 10:00 - 00004020 _____ C:\windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-02-27 08:33 - 2016-02-27 08:33 - 00000371 _____ C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\YouTube.website
2016-02-26 19:05 - 2016-02-26 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2016-02-26 18:22 - 2016-02-26 18:22 - 00003390 _____ C:\windows\System32\Tasks\{02C984DF-4155-4FE2-91F4-6E1F23C64422}
2016-02-26 15:02 - 2016-02-26 15:02 - 03787296 _____ (Broadcom Corporation) C:\windows\system32\bcmihvui64.dll
2016-02-26 14:42 - 2016-02-26 14:42 - 00224560 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\btwampfl.sys
2016-02-26 13:06 - 2016-02-26 13:06 - 00187904 _____ C:\windows\rsrcs.dll
2016-02-25 17:30 - 2016-02-25 18:33 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
2016-02-24 16:28 - 2016-02-24 16:28 - 00000000 ____D C:\Users\LONEW\Documents\Colossal Order
2016-02-24 16:28 - 2016-02-24 16:28 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Colossal Order
2016-02-24 16:22 - 2016-02-24 16:22 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\.mono
2016-02-24 16:22 - 2016-02-24 16:22 - 00000000 ____D C:\Users\LONEW\AppData\Local\Colossal Order
2016-02-24 16:22 - 2016-02-24 16:22 - 00000000 ____D C:\ProgramData\.mono
2016-02-24 16:21 - 2016-02-24 16:21 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Steam
2016-02-24 15:49 - 2016-02-24 15:49 - 00001966 _____ C:\Users\Public\Desktop\Cities Skylines.lnk
2016-02-24 15:49 - 2016-02-24 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities Skylines
2016-02-24 15:45 - 2016-02-26 21:27 - 00000000 ____D C:\Program Files (x86)\Cities Skylines
2016-02-24 15:40 - 2016-02-24 15:40 - 00000000 ____D C:\Users\LONEW\Downloads\_Oceanofgames.com_Cities_Skylines
2016-02-23 14:13 - 2016-02-23 14:13 - 00001069 _____ C:\Users\LONEW\Desktop\ZC DVD Copy.lnk
2016-02-23 14:13 - 2016-02-23 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZC DVD Copy
2016-02-23 14:13 - 2016-02-23 14:13 - 00000000 ____D C:\Program Files (x86)\ZC DVD Copy
2016-02-23 14:11 - 2016-02-23 14:12 - 02602020 _____ (ZC Software ) C:\Users\LONEW\Downloads\zcdvdcopy.exe
2016-02-21 15:35 - 2016-02-21 15:35 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_burger_king_2
2016-02-21 15:35 - 2016-02-21 15:35 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_badwater_basin_3
2016-02-21 15:34 - 2016-02-21 15:34 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_frank_west_1
2016-02-21 15:34 - 2016-02-21 15:34 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_deadpool_4.1
2016-02-21 15:33 - 2016-02-21 15:33 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_infected_replaced_with_xenomorphs__single-player_edition__1.1
2016-02-21 15:33 - 2016-02-21 15:33 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_ghost_town_1.0
2016-02-21 15:32 - 2016-02-21 15:32 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_mars_attacks__martians_2.001
2016-02-21 15:32 - 2016-02-21 15:32 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_l4d2_plants_vs_zombies_4.0
2016-02-21 15:31 - 2016-02-21 15:31 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_mc_donald_s_1.1
2016-02-21 15:30 - 2016-02-21 15:30 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_resident_evil_1_beta_6.0
2016-02-21 15:30 - 2016-02-21 15:30 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_morrigan-(-zoey-)_15711_v0_1
2016-02-21 15:29 - 2016-02-21 15:29 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_stormy_outlook_3.2
2016-02-21 15:28 - 2016-02-21 15:28 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_zooicidal_tendencies_1.1
2016-02-21 15:26 - 2016-02-21 15:27 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_back_to_school_1.06
2016-02-21 13:15 - 2016-02-21 13:16 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_zoey-with-her-hair-down_16184_v1_1
2016-02-20 17:56 - 2016-02-20 17:56 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_loony-park_15871_v1_01
2016-02-20 17:40 - 2016-02-20 17:40 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_night_terror_l4d2_edition_1.0 (1)
2016-02-20 17:36 - 2016-02-20 17:36 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_cs_go-lake-survival_16281_v1_2
2016-02-20 17:35 - 2016-02-20 17:35 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_raccoon-city-nemesis_16220_v4_1
2016-02-20 17:21 - 2016-02-20 17:21 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_freddy-fazbear_s-pizzeria_14164_v2_9
2016-02-20 17:20 - 2016-02-20 17:20 - 00000000 ____D C:\Users\LONEW\Downloads\l4d2_journey_to_splash_mountain_1.0
2016-02-20 05:37 - 2016-02-20 05:38 - 00000000 ____D C:\Users\LONEW\AppData\Local\9748812
2016-02-20 05:37 - 2016-02-20 05:37 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-02-20 05:02 - 2016-02-20 05:02 - 00000000 ____D C:\ProgramData\xml_param
2016-02-20 04:39 - 2016-02-20 04:39 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Aimersoft DVD Ripper
2016-02-20 04:39 - 2016-02-20 04:39 - 00000000 ____D C:\Users\LONEW\AppData\Local\Aimersoft
2016-02-20 04:39 - 2016-02-20 04:39 - 00000000 ____D C:\ProgramData\Aimersoft DVD Ripper
2016-02-20 04:39 - 2013-05-07 09:08 - 00892928 _____ (Free Software Foundation) C:\windows\SysWOW64\iconv.dll
2016-02-20 04:39 - 2013-05-07 09:08 - 00675840 _____ () C:\windows\SysWOW64\ac3filter.ax
2016-02-20 04:39 - 2013-05-07 09:08 - 00496640 _____ C:\windows\SysWOW64\xvid.ax
2016-02-19 18:29 - 2016-02-19 18:55 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft
2016-02-17 17:23 - 2016-02-27 17:48 - 00000000 ____D C:\windows\Minidump
2016-02-17 12:56 - 2016-02-17 12:56 - 00000000 ____D C:\Users\LONEW\AppData\Local\Blizzard Entertainment
2016-02-17 12:53 - 2016-02-17 13:55 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-17 12:30 - 2016-02-17 12:56 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-02-17 06:27 - 2016-02-17 06:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-15 03:22 - 2016-02-15 03:22 - 00003400 _____ C:\windows\System32\Tasks\{69A67D0B-85F7-4174-9758-BDE60453B23C}
2016-02-15 03:21 - 2016-02-15 03:21 - 00000000 __SHD C:\windows\ftpcache
2016-02-13 17:56 - 2016-02-13 17:56 - 00000000 ____D C:\Users\LONEW\.cache
2016-02-13 14:21 - 2016-02-13 14:22 - 00000000 ____D C:\Users\LONEW\Documents\NFS Undercover
2016-02-13 14:19 - 2016-02-13 14:19 - 00183112 _____ C:\windows\SysWOW64\PnkBstrB.exe
2016-02-13 14:19 - 2016-02-13 14:19 - 00066872 _____ C:\windows\SysWOW64\PnkBstrA.exe
2016-02-13 14:19 - 2016-02-13 14:19 - 00000000 ____D C:\Users\LONEW\AppData\Local\PunkBuster
2016-02-13 12:56 - 2016-02-26 14:42 - 00000000 ____D C:\windows\LastGood
2016-02-13 11:27 - 2016-02-13 12:45 - 00000000 ____D C:\windows\LastGood.Tmp
2016-02-13 09:07 - 2016-02-13 09:07 - 00002440 _____ C:\Users\Public\Desktop\The Sims™ 2 Mansion and Garden Stuff.lnk
2016-02-13 09:03 - 2016-02-13 09:07 - 00001168 _____ C:\Users\Public\Desktop\www.thesims3.com.lnk
2016-02-13 09:03 - 2016-02-13 09:03 - 00002350 _____ C:\Users\Public\Desktop\The Sims™ 2 Apartment Life.lnk
2016-02-13 08:56 - 2016-02-13 08:56 - 00002343 _____ C:\Users\Public\Desktop\The Sims 2 Family Fun Stuff.lnk
2016-02-13 08:47 - 2016-02-13 08:47 - 00002361 _____ C:\Users\Public\Desktop\The Sims 2 Glamour Life Stuff.lnk
2016-02-13 08:41 - 2016-02-13 08:41 - 00002361 _____ C:\Users\Public\Desktop\The Sims™ 2 Celebration! Stuff.lnk
2016-02-13 08:34 - 2016-02-13 08:34 - 00002368 _____ C:\Users\Public\Desktop\The Sims™ 2 Teen Style Stuff.lnk
2016-02-13 08:26 - 2016-02-13 08:26 - 00002361 _____ C:\Users\Public\Desktop\The Sims™ 2 H&M® Fashion Stuff.lnk
2016-02-13 08:20 - 2016-02-13 08:20 - 00002368 _____ C:\Users\Public\Desktop\The Sims™ 2 IKEA® Home Stuff.lnk
2016-02-13 08:13 - 2016-02-13 08:13 - 00002548 _____ C:\Users\Public\Desktop\The Sims™ 2 Kitchen & Bath Interior Design Stuff.lnk
2016-02-13 08:05 - 2016-02-13 08:05 - 00002296 _____ C:\Users\Public\Desktop\The Sims™ 2 FreeTime.lnk
2016-02-13 07:51 - 2016-02-13 07:51 - 00002352 _____ C:\Users\Public\Desktop\The Sims 2 Open For Business.lnk
2016-02-13 07:37 - 2016-02-13 07:37 - 00002289 _____ C:\Users\Public\Desktop\The Sims 2 University.lnk
2016-02-13 07:23 - 2016-02-13 07:23 - 00002262 _____ C:\Users\Public\Desktop\The Sims™ 2 Seasons.lnk
2016-02-13 07:03 - 2016-02-13 07:03 - 00002235 _____ C:\Users\Public\Desktop\The Sims 2 Pets.lnk
2016-02-13 06:48 - 2016-02-13 06:48 - 00002280 _____ C:\Users\Public\Desktop\The Sims 2 Nightlife.lnk
2016-02-13 06:25 - 2016-02-13 06:25 - 00002314 _____ C:\Users\Public\Desktop\The Sims™ 2 Bon Voyage.lnk
2016-02-13 05:56 - 2016-02-13 05:56 - 00000000 ____D C:\Users\Public\Documents\EA Games
2016-02-13 05:54 - 2016-02-13 09:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2016-02-13 05:54 - 2016-02-13 05:54 - 00002165 _____ C:\Users\Public\Desktop\The Sims 2.lnk
2016-02-13 05:54 - 2016-02-13 05:54 - 00000000 ____D C:\Users\LONEW\Documents\EA Games
2016-02-13 05:30 - 2016-02-13 14:43 - 00000000 ____D C:\Program Files (x86)\EA GAMES
2016-02-12 19:39 - 2016-02-12 19:39 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\LONEW\Downloads\autodetectutility.exe
2016-02-12 16:49 - 2016-02-12 16:49 - 00003624 _____ C:\windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3021717852-3600035281-275452165-1001
2016-02-12 15:49 - 2016-02-12 15:49 - 00003556 _____ C:\windows\System32\Tasks\RealDownloader Update Check
2016-02-12 15:48 - 2016-02-12 15:48 - 00003606 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3021717852-3600035281-275452165-1001
2016-02-12 15:48 - 2016-02-12 15:48 - 00003544 _____ C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3021717852-3600035281-275452165-1001
2016-02-12 15:48 - 2016-02-12 15:48 - 00000998 _____ C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk
2016-02-12 15:48 - 2016-02-12 15:48 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\RealNetworks
2016-02-12 15:48 - 2016-02-12 15:48 - 00000000 ____D C:\ProgramData\RealNetworks
2016-02-12 15:48 - 2016-02-12 15:48 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2016-02-12 15:46 - 2016-02-12 15:46 - 00505584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp71.dll
2016-02-12 15:46 - 2016-02-12 15:46 - 00354032 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71.dll
2016-02-12 15:46 - 2016-02-12 15:46 - 00278768 _____ (Progressive Networks) C:\windows\SysWOW64\pncrt.dll
2016-02-12 15:46 - 2016-02-12 15:46 - 00200944 _____ (RealNetworks, Inc.) C:\windows\SysWOW64\rmoc3260.dll
2016-02-11 14:01 - 2016-02-26 18:28 - 00012400 _____ (Macrovision Europe Ltd) C:\windows\SysWOW64\Drivers\SECDRV.SYS
2016-02-11 14:01 - 2016-02-26 18:05 - 00002157 _____ C:\windows\eReg.dat
2016-02-11 05:04 - 2016-02-11 05:04 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2016-02-11 04:41 - 2016-02-11 04:41 - 00001852 _____ C:\Users\LONEW\Desktop\SporeApp - Shortcut.lnk
2016-02-11 03:27 - 2016-02-11 03:32 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\SPORE
2016-02-11 03:27 - 2016-02-11 03:27 - 00000000 ____D C:\Users\LONEW\Documents\My Spore Creations
2016-02-11 01:04 - 2016-02-11 01:04 - 00178800 _____ (Sony DADC Austria AG.) C:\windows\SysWOW64\CmdLineExt_x64.dll
2016-02-11 01:03 - 2016-02-11 01:03 - 00001216 _____ C:\Users\Public\Desktop\City Life 2008.lnk
2016-02-11 01:03 - 2016-02-11 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Life 2008
2016-02-11 00:47 - 2016-02-11 01:03 - 00000000 ____D C:\Program Files (x86)\City Life 2008
2016-02-11 00:17 - 2016-02-11 00:17 - 00262144 _____ (Creative Labs) C:\windows\SysWOW64\wrap_oal.dll
2016-02-11 00:17 - 2016-02-11 00:17 - 00086016 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\windows\SysWOW64\OpenAL32.dll
2016-02-10 22:29 - 2016-02-10 22:29 - 00000000 ____D C:\Users\LONEW\Documents\Atari
2016-02-10 22:27 - 2016-02-10 22:27 - 00002183 _____ C:\Users\Public\Desktop\Tycoon City - New York.lnk
2016-02-10 19:18 - 2016-02-10 19:18 - 00026880 _____ (Western Digital Technologies, Inc.) C:\windows\system32\Drivers\wdcsam64.sys
2016-02-10 17:03 - 2016-02-10 17:18 - 00000000 ____D C:\Users\LONEW\AppData\Local\Deployment
2016-02-10 17:03 - 2016-02-10 17:03 - 00000000 ____D C:\Users\LONEW\AppData\Local\Apps\2.0
2016-02-10 11:32 - 2016-02-10 11:32 - 00000000 ____D C:\ProgramData\Intel Security
2016-02-10 11:31 - 2016-02-10 11:31 - 00000000 ___DC C:\Program Files\Common Files\Intel Security
2016-02-09 17:47 - 2016-02-09 17:47 - 00000000 ____D C:\ProgramData\SimCity Societies
2016-02-09 13:36 - 2016-01-30 23:25 - 01951872 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-02-09 13:36 - 2016-01-30 23:23 - 02601160 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2016-02-09 13:36 - 2016-01-30 23:04 - 01811360 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2016-02-09 13:36 - 2016-01-30 22:38 - 21873152 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2016-02-09 13:36 - 2016-01-30 22:33 - 24593920 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-02-09 13:36 - 2016-01-30 22:29 - 11557888 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2016-02-09 13:36 - 2016-01-30 22:26 - 06787072 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2016-02-09 13:36 - 2016-01-30 22:26 - 03793408 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-02-09 13:36 - 2016-01-30 22:25 - 12504576 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-02-09 13:36 - 2016-01-30 22:17 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\hlink.dll
2016-02-09 13:36 - 2016-01-30 22:16 - 09889280 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2016-02-09 13:36 - 2016-01-30 22:11 - 05156352 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-09 13:35 - 2016-01-30 23:25 - 01248896 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2016-02-09 13:35 - 2016-01-30 23:24 - 01824880 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-02-09 13:35 - 2016-01-30 23:23 - 01420392 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-02-09 13:35 - 2016-01-30 23:06 - 01535032 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-02-09 13:35 - 2016-01-30 23:06 - 01531368 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-02-09 13:35 - 2016-01-30 23:06 - 00809336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2016-02-09 13:35 - 2016-01-30 23:04 - 01180696 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-02-09 13:35 - 2016-01-30 22:34 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\ngckeyenum.dll
2016-02-09 13:35 - 2016-01-30 22:33 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\IoTAssignedAccessLockFramework.dll
2016-02-09 13:35 - 2016-01-30 22:29 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\rasman.dll
2016-02-09 13:35 - 2016-01-30 22:25 - 02237952 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-02-09 13:35 - 2016-01-30 22:25 - 00366592 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll
2016-02-09 13:35 - 2016-01-30 22:25 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-02-09 13:35 - 2016-01-30 22:24 - 00784384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-02-09 13:35 - 2016-01-30 22:24 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-02-09 13:35 - 2016-01-30 22:24 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-02-09 13:35 - 2016-01-30 22:23 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2016-02-09 13:35 - 2016-01-30 22:22 - 00680448 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2016-02-09 13:35 - 2016-01-30 22:20 - 02849792 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-02-09 13:35 - 2016-01-30 22:19 - 01602560 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-02-09 13:35 - 2016-01-30 22:19 - 00237056 _____ (Microsoft Corporation) C:\windows\system32\NetworkDesktopSettings.dll
2016-02-09 13:35 - 2016-01-30 22:19 - 00046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\IoTAssignedAccessLockFramework.dll
2016-02-09 13:35 - 2016-01-30 22:18 - 00771072 _____ (Microsoft Corporation) C:\windows\system32\Chakradiag.dll
2016-02-09 13:35 - 2016-01-30 22:18 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-02-09 13:35 - 2016-01-30 22:17 - 19324928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-02-09 13:35 - 2016-01-30 22:16 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-02-09 13:35 - 2016-01-30 22:14 - 07525376 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2016-02-09 13:35 - 2016-01-30 22:14 - 03588096 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2016-02-09 13:35 - 2016-01-30 22:13 - 04791808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-02-09 13:35 - 2016-01-30 22:13 - 00123392 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasman.dll
2016-02-09 13:35 - 2016-01-30 22:13 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\ztrace_maps.dll
2016-02-09 13:35 - 2016-01-30 22:11 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-02-09 13:35 - 2016-01-30 22:11 - 00291840 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2016-02-09 13:35 - 2016-01-30 22:11 - 00162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-02-09 13:35 - 2016-01-30 22:07 - 18802176 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2016-02-09 13:35 - 2016-01-30 22:06 - 02316800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-02-09 13:35 - 2016-01-30 22:05 - 01380864 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-02-09 13:35 - 2016-01-30 22:05 - 00574464 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakradiag.dll
2016-02-09 13:35 - 2016-01-30 22:05 - 00118272 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-02-09 13:35 - 2016-01-30 22:04 - 00100352 _____ (Microsoft Corporation) C:\windows\SysWOW64\hlink.dll
2016-02-09 13:35 - 2016-01-30 22:02 - 03580416 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-02-09 13:35 - 2016-01-30 22:02 - 00768000 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-02-09 13:35 - 2016-01-30 22:00 - 11263488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-02-09 13:35 - 2016-01-30 21:59 - 05457408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2016-02-09 13:35 - 2016-01-30 21:58 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ztrace_maps.dll
2016-02-09 12:43 - 2016-02-09 12:43 - 00000000 ____D C:\Users\LONEW\AppData\LocalLow\Temp
2016-02-09 00:58 - 2016-02-09 00:58 - 00000000 ___RD C:\Users\LONEW\3D Objects
2016-02-09 00:54 - 2016-02-20 05:45 - 00007605 _____ C:\Users\LONEW\AppData\Local\resmon.resmoncfg
2016-02-09 00:15 - 2016-02-28 02:36 - 00004208 _____ C:\windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-02-08 17:04 - 2016-02-26 13:06 - 00002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-08 17:04 - 2016-02-26 13:06 - 00002407 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-08 17:00 - 2016-02-28 10:13 - 00000910 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-08 17:00 - 2016-02-28 10:05 - 00000914 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-08 17:00 - 2016-02-14 09:19 - 00000000 ____D C:\Users\LONEW\AppData\Local\Google
2016-02-08 17:00 - 2016-02-08 17:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-08 17:00 - 2016-02-08 17:00 - 00987728 _____ (Google Inc.) C:\Users\LONEW\Downloads\ChromeSetup.exe
2016-02-08 17:00 - 2016-02-08 17:00 - 00003972 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-08 17:00 - 2016-02-08 17:00 - 00003740 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-08 15:58 - 2016-02-08 16:52 - 00000000 ____D C:\ProgramData\Affinegy
2016-02-08 13:44 - 2016-02-08 13:44 - 00000000 ____D C:\Program Files (x86)\Creative
2016-02-08 13:44 - 2003-01-07 15:22 - 00139264 _____ (Creative Technology Ltd) C:\windows\SysWOW64\eax.dll
2016-02-08 13:44 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\windows\IsUninst.exe
2016-02-08 13:43 - 2016-02-08 13:43 - 00000000 ____D C:\Program Files (x86)\directx
2016-02-08 13:17 - 2016-02-08 13:17 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Atari
2016-02-08 12:24 - 2016-02-10 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2016-02-08 12:24 - 2016-02-08 13:17 - 00000000 ____D C:\Users\LONEW\Documents\RCT3
2016-02-08 12:24 - 2016-02-08 12:24 - 00002250 _____ C:\Users\Public\Desktop\RollerCoaster Tycoon 3 Platinum.lnk
2016-02-08 12:24 - 2016-02-08 12:24 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Leadertech
2016-02-08 12:17 - 2016-02-10 22:23 - 00000000 ____D C:\Program Files (x86)\Atari
2016-02-08 10:27 - 2016-02-08 10:27 - 00000000 ____D C:\Users\LONEW\Documents\DeadIsland
2016-02-08 08:29 - 2016-02-08 08:29 - 00000219 _____ C:\Users\LONEW\Desktop\Left 4 Dead 2.url
2016-02-08 02:36 - 2016-02-08 02:36 - 00000000 ____D C:\windows\system32\SleepStudy
2016-02-08 02:24 - 2016-02-08 08:29 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-08 02:24 - 2016-02-08 02:24 - 00000219 _____ C:\Users\LONEW\Desktop\Left 4 Dead.url
2016-02-08 02:03 - 2016-02-08 02:03 - 00000000 ____D C:\Users\LONEW\AppData\Local\Steam
2016-02-08 01:49 - 2016-02-28 10:13 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-08 01:49 - 2016-02-22 23:19 - 00000999 _____ C:\Users\Public\Desktop\Steam.lnk
2016-02-08 01:49 - 2016-02-08 01:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-02-08 01:39 - 2016-02-08 01:39 - 00016148 _____ C:\windows\system32\DESKTOP-OSBB742_LONEW_HistoryPrediction.bin
2016-02-08 01:04 - 2016-02-08 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2016-02-08 01:03 - 2016-02-08 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2016-02-08 00:36 - 2016-02-08 00:36 - 00002100 _____ C:\Users\LONEW\Desktop\BurnoutLauncher - Shortcut.lnk
2016-02-08 00:25 - 2016-02-08 00:25 - 00000000 __RHD C:\Users\LONEW\AppData\Roaming\SecuROM
2016-02-08 00:24 - 2016-02-08 00:25 - 00098247 _____ C:\windows\Burnout™ Paradise The Ultimate Box Patch Log.txt
2016-02-08 00:22 - 2016-02-08 00:22 - 00000000 ____D C:\ProgramData\EA Core
2016-02-08 00:14 - 2016-02-08 00:14 - 00000000 ____D C:\Users\LONEW\AppData\Local\Criterion Games
2016-02-07 23:35 - 2016-02-11 01:19 - 00000000 ____D C:\Users\LONEW\AppData\Local\Downloaded Installations
2016-02-07 23:35 - 2016-02-07 23:35 - 00003552 _____ C:\windows\SysWOW64\ealregsnapshot1.reg
2016-02-07 23:24 - 2016-02-26 20:06 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-02-07 22:48 - 2016-02-07 22:48 - 16566573 _____ (Axialis Software) C:\windows\SysWOW64\Main Street USA.scr
2016-02-07 22:48 - 2016-02-07 22:48 - 00000000 ____D C:\Program Files (x86)\Visions Fantastic
2016-02-07 22:46 - 2016-02-27 15:07 - 00000000 ____D C:\Users\LONEW\AppData\Local\Axialis
2016-02-07 18:40 - 2016-02-07 18:40 - 00000000 ____D C:\Users\LONEW\Downloads\zombie_caribbean_020610_5185-L4D2
2016-02-07 18:39 - 2016-02-07 18:39 - 00000000 ____D C:\Users\LONEW\Downloads\sbtd_l4d2_281110_7380-L4D2
2016-02-07 18:39 - 2016-02-07 18:39 - 00000000 ____D C:\Users\LONEW\Downloads\rotld_sbs_ls_180611_9018-L4D2
2016-02-07 18:39 - 2016-02-07 18:39 - 00000000 ____D C:\Users\LONEW\Downloads\residentevil_rpd_250511_10530
2016-02-07 18:39 - 2016-02-07 18:39 - 00000000 ____D C:\Users\LONEW\Downloads\resident_evil_one_beta_220410_3500
2016-02-07 18:39 - 2016-02-07 18:39 - 00000000 ____D C:\Users\LONEW\Downloads\remodpack_230711_11551-L4D2
2016-02-07 18:39 - 2016-02-07 18:39 - 00000000 ____D C:\Users\LONEW\Downloads\precinct84_020611_7359
2016-02-07 18:39 - 2016-02-07 18:39 - 00000000 ____D C:\Users\LONEW\Downloads\nightterror_161009_1693
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\nick_ozzy_240811_12374-L4D2
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\motleycrue_zoey_060811_11341-L4D2
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\l4dtheatre_041109_2609
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\l4d_sv_mg1_220811_5432
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\kiss_zoey_060811_11414-L4D2
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\indiana_adventure_v3_161010_6178-L4D2
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\g04_cinema_150711_3721-L4D2
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\ellis_body_sf2_110811_12070-L4D2
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\ellis_body_mk_110811_12075-L4D2
2016-02-07 18:38 - 2016-02-07 18:38 - 00000000 ____D C:\Users\LONEW\Downloads\deadbeforedawn2_dc_150211_7774-L4D2
2016-02-07 18:37 - 2016-02-07 18:37 - 00000000 ____D C:\Users\LONEW\Downloads\silenthill_040310_865
2016-02-07 18:37 - 2016-02-07 18:37 - 00000000 ____D C:\Users\LONEW\Downloads\deadbeforedawn2_261110_7221-L4D2
2016-02-07 18:37 - 2016-02-07 18:37 - 00000000 ____D C:\Users\LONEW\Downloads\coach_slash_240811_12375-L4D2
2016-02-07 18:32 - 2016-02-07 18:32 - 00000000 ____H C:\windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-02-07 17:00 - 2004-12-27 16:35 - 16819017 _____ (Axialis Software) C:\Users\LONEW\Downloads\Main Street USA Installer.exe
2016-02-07 11:20 - 2016-02-07 23:08 - 00001442 _____ C:\Users\Public\Desktop\The Sims 3.lnk
2016-02-07 11:20 - 2016-02-07 11:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3
2016-02-07 10:08 - 2016-02-07 10:08 - 00004296 _____ C:\windows\System32\Tasks\AMD Updater
2016-02-07 10:08 - 2016-02-07 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-02-07 10:07 - 2016-02-07 10:07 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\library_dir
2016-02-07 10:06 - 2016-02-28 08:39 - 00000000 ____D C:\Program Files (x86)\Raptr
2016-02-07 10:06 - 2016-02-28 02:47 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Raptr
2016-02-07 10:03 - 2016-02-07 10:03 - 00000000 ____D C:\ProgramData\ATI
2016-02-07 10:01 - 2016-02-07 10:01 - 00001250 _____ C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk
2016-02-07 09:05 - 2016-02-07 09:05 - 00000000 ___DC C:\$SysReset
2016-02-07 01:19 - 2016-02-07 01:19 - 01380712 _____ C:\Users\LONEW\Downloads\SteamSetup.exe
2016-02-07 00:16 - 2016-02-25 17:12 - 00000000 ____D C:\Users\LONEW\Documents\Electronic Arts
2016-02-07 00:03 - 2016-02-07 10:24 - 00000000 ____D C:\Users\LONEW\Documents\Criterion Games
2016-02-06 23:10 - 2016-02-08 01:04 - 00001341 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2016-02-06 21:46 - 2016-02-08 01:03 - 00001316 _____ C:\Users\Public\Desktop\SimCity™.lnk
2016-02-06 18:38 - 2016-02-06 18:38 - 00008192 _____ C:\windows\system32\config\userdiff
2016-02-06 12:22 - 2016-02-07 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2016-02-06 12:22 - 2016-02-06 12:39 - 00001386 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2016-02-06 12:22 - 2010-11-22 17:09 - 00447752 ____R (On2.com) C:\windows\SysWOW64\vp6vfw.dll
2016-02-06 11:21 - 2016-02-06 11:21 - 00000000 ____D C:\Users\LONEW\Documents\PVZ Garden Warfare
2016-02-06 11:13 - 2016-02-07 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PVZ Garden Warfare
2016-02-06 11:13 - 2016-02-06 11:13 - 00001439 _____ C:\Users\Public\Desktop\PVZ Garden Warfare.lnk
2016-02-06 11:13 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_6.dll
2016-02-06 11:13 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_6.dll
2016-02-06 11:13 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_4.dll
2016-02-06 11:13 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_3.dll
2016-02-06 11:13 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_3.dll
2016-02-06 11:13 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_3.dll
2016-02-06 11:13 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_3.dll
2016-02-06 11:13 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_2.dll
2016-02-06 11:13 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_2.dll
2016-02-06 11:13 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_5.dll
2016-02-06 11:13 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_5.dll
2016-02-06 11:13 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_2.dll
2016-02-06 11:13 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_2.dll
2016-02-06 11:13 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_1.dll
2016-02-06 11:13 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2016-02-06 11:13 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_2.dll
2016-02-06 11:13 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2016-02-06 10:46 - 2016-02-06 23:55 - 00001674 _____ C:\Users\LONEW\Desktop\PowerDVD - Shortcut.lnk
2016-02-06 10:45 - 2016-02-06 10:45 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2016-02-06 09:24 - 2016-02-07 10:24 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-02-06 09:13 - 2016-02-07 00:03 - 00000000 ____D C:\Users\LONEW\AppData\Local\Origin
2016-02-06 09:13 - 2016-02-06 15:15 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Origin
2016-02-06 09:10 - 2016-02-26 05:35 - 00000000 ____D C:\ProgramData\Origin
2016-02-06 09:10 - 2016-02-07 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-02-06 09:10 - 2016-02-06 11:21 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-02-06 09:10 - 2016-02-06 09:10 - 00001015 _____ C:\Users\Public\Desktop\Origin.lnk
2016-02-06 09:09 - 2016-02-06 09:12 - 00000000 ____D C:\Program Files (x86)\Origin
2016-02-06 09:08 - 2016-02-06 09:09 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\LONEW\Downloads\OriginThinSetup.exe
2016-02-06 08:59 - 2016-02-06 08:59 - 00000000 ____D C:\Users\LONEW\AppData\Local\Real
2016-02-06 08:58 - 2016-02-12 16:22 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Real
2016-02-06 08:58 - 2016-02-12 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2016-02-06 08:58 - 2016-02-12 15:48 - 00000000 ____D C:\Program Files (x86)\Real
2016-02-06 08:57 - 2016-02-12 15:48 - 00000000 ____D C:\ProgramData\Real
2016-02-06 08:56 - 2016-02-06 08:56 - 01308632 _____ (RealNetworks, Inc.) C:\Users\LONEW\Downloads\RealTimes-RealPlayer.exe
2016-02-06 08:55 - 2016-02-06 08:55 - 00001576 _____ C:\Users\LONEW\Desktop\wmplayer - Shortcut.lnk
2016-02-06 08:46 - 2016-02-06 10:36 - 00000000 ____D C:\Users\LONEW\Documents\CyberLink
2016-02-06 08:45 - 2016-02-13 15:50 - 00000000 ____D C:\Users\Public\CyberLink
2016-02-06 08:44 - 2016-02-06 10:36 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\CyberLink
2016-02-06 08:44 - 2016-02-06 08:44 - 00001672 _____ C:\Users\LONEW\Desktop\PDR12 - Shortcut.lnk
2016-02-06 07:15 - 2016-02-06 07:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-02-06 07:06 - 2016-02-10 11:32 - 00003122 _____ C:\windows\System32\Tasks\McAfeeLogon
2016-02-06 07:06 - 2016-02-10 11:32 - 00000000 ____D C:\windows\System32\Tasks\McAfee
2016-02-06 07:03 - 2016-02-06 07:03 - 00000000 ___DC C:\Program Files\Common Files\AV
2016-02-06 06:05 - 2016-02-06 06:05 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\WildTangent
2016-02-06 01:20 - 2016-02-06 01:20 - 00876040 _____ (AMD) C:\windows\system32\coinst_15.20.dll
2016-02-06 01:19 - 2016-02-06 01:19 - 01196072 _____ C:\windows\system32\amdocl_as64.exe
2016-02-06 01:19 - 2016-02-06 01:19 - 01070632 _____ C:\windows\system32\amdocl_ld64.exe
2016-02-06 01:19 - 2016-02-06 01:19 - 01005592 _____ C:\windows\SysWOW64\amdocl_as32.exe
2016-02-06 01:19 - 2016-02-06 01:19 - 00807464 _____ C:\windows\SysWOW64\amdocl_ld32.exe
2016-02-06 01:19 - 2016-02-06 01:19 - 00082544 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2016-02-06 01:19 - 2015-12-16 12:45 - 09105552 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd6a.dll
2016-02-06 01:01 - 2016-02-26 03:49 - 00000386 _____ C:\windows\system32\ioloBootDefrag.cfg
2016-02-06 00:59 - 2016-02-07 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2016-02-06 00:59 - 2016-02-06 18:10 - 00002476 _____ C:\windows\System32\Tasks\iolo Process Governor
2016-02-06 00:59 - 2016-02-06 01:27 - 00000000 ____D C:\ProgramData\ioloGovernor
2016-02-06 00:59 - 2016-02-06 00:59 - 00001509 _____ C:\Users\Public\Desktop\System Mechanic.lnk
2016-02-06 00:59 - 2016-02-06 00:59 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\ioloGovernor
2016-02-06 00:59 - 2016-02-06 00:59 - 00000000 ____D C:\Program Files (x86)\iolo
2016-02-06 00:59 - 2015-12-09 17:00 - 00056744 _____ (iolo technologies, LLC) C:\windows\system32\iolobtdfg.exe
2016-02-06 00:59 - 2015-12-09 17:00 - 00025512 _____ (iolo technologies, LLC) C:\windows\system32\smrgdf.exe
2016-02-06 00:59 - 2015-12-09 16:57 - 02142120 _____ (iolo technologies, LLC) C:\windows\system32\Incinerator64.dll
2016-02-06 00:59 - 2015-12-09 16:57 - 02084264 _____ (iolo technologies, LLC) C:\windows\SysWOW64\Incinerator32.dll
2016-02-06 00:59 - 2015-07-24 23:35 - 00083224 _____ (Raxco Software, Inc.) C:\windows\system32\Drivers\PDFsFilter.sys
2016-02-06 00:56 - 2015-07-24 23:38 - 00032568 _____ (EldoS Corporation) C:\windows\system32\Drivers\rawdsk3.sys
2016-02-06 00:55 - 2013-09-15 15:50 - 00030752 _____ (EldoS Corporation) C:\windows\system32\Drivers\ElRawDsk.sys
2016-02-06 00:54 - 2016-02-10 21:20 - 00000000 ____D C:\ProgramData\iolo
2016-02-06 00:54 - 2016-02-10 21:19 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\iolo
2016-02-06 00:54 - 2016-02-06 00:54 - 00074703 _____ C:\windows\SysWOW64\mfc45.dat
2016-02-06 00:52 - 2016-02-09 13:42 - 00000000 ____D C:\windows\system32\MRT
2016-02-06 00:52 - 2016-02-09 13:38 - 146614896 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-02-06 00:52 - 2016-01-04 18:26 - 00373760 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-02-06 00:52 - 2015-11-24 21:22 - 01383424 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2016-02-06 00:52 - 2015-11-04 20:40 - 01918976 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2016-02-06 00:52 - 2015-09-16 23:06 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\tetheringservice.dll
2016-02-06 00:52 - 2015-09-16 23:03 - 00154624 _____ (Microsoft Corporation) C:\windows\system32\dmcertinst.exe
2016-02-06 00:52 - 2015-09-16 23:02 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\mdmmigrator.dll
2016-02-06 00:52 - 2015-09-16 22:49 - 00268800 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2016-02-06 00:52 - 2015-09-16 22:46 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\HttpsDataSource.dll
2016-02-06 00:52 - 2015-08-18 00:55 - 00373072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2016-02-06 00:52 - 2015-08-11 02:21 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\tetheringclient.dll
2016-02-06 00:52 - 2015-08-11 02:07 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\MbaeParserTask.exe
2016-02-06 00:52 - 2015-08-11 02:05 - 00137216 _____ (Microsoft Corporation) C:\windows\system32\LocationPermissions.dll
2016-02-06 00:51 - 2016-01-04 20:07 - 02463704 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2016-02-06 00:51 - 2016-01-04 20:07 - 00377592 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-02-06 00:51 - 2016-01-04 20:06 - 08022368 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-02-06 00:51 - 2016-01-04 20:06 - 01063504 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-02-06 00:51 - 2016-01-04 20:06 - 00119800 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-02-06 00:51 - 2016-01-04 20:04 - 02824248 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-02-06 00:51 - 2016-01-04 20:04 - 02641928 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-02-06 00:51 - 2016-01-04 20:04 - 00787720 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-02-06 00:51 - 2016-01-04 20:04 - 00233992 _____ (Microsoft Corporation) C:\windows\system32\mftranscode.dll
2016-02-06 00:51 - 2016-01-04 20:04 - 00090912 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-02-06 00:51 - 2016-01-04 20:04 - 00083704 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-02-06 00:51 - 2016-01-04 19:50 - 00345080 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-02-06 00:51 - 2016-01-04 19:50 - 00205072 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-02-06 00:51 - 2016-01-04 19:30 - 02459096 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-02-06 00:51 - 2016-01-04 19:30 - 00882208 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-02-06 00:51 - 2016-01-04 19:30 - 00368776 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-02-06 00:51 - 2016-01-04 19:30 - 00100712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-02-06 00:51 - 2016-01-04 19:28 - 02445128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-02-06 00:51 - 2016-01-04 19:28 - 00695752 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-02-06 00:51 - 2016-01-04 19:28 - 00082096 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-02-06 00:51 - 2016-01-04 19:10 - 00305776 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-02-06 00:51 - 2016-01-04 19:10 - 00188032 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-02-06 00:51 - 2016-01-04 19:09 - 01234944 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2016-02-06 00:51 - 2016-01-04 18:57 - 00578560 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-02-06 00:51 - 2016-01-04 18:57 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-02-06 00:51 - 2016-01-04 18:29 - 00650240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-02-06 00:51 - 2016-01-04 18:29 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-02-06 00:51 - 2015-11-24 22:40 - 00516448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2016-02-06 00:51 - 2015-11-24 22:33 - 03622272 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-02-06 00:51 - 2015-11-24 22:01 - 02879024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-02-06 00:51 - 2015-11-24 21:49 - 01569280 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2016-02-06 00:51 - 2015-11-24 21:30 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2016-02-06 00:51 - 2015-11-24 21:30 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2016-02-06 00:51 - 2015-11-24 21:18 - 01233920 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2016-02-06 00:51 - 2015-11-04 22:15 - 00541024 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2016-02-06 00:51 - 2015-11-04 22:14 - 00459104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2016-02-06 00:51 - 2015-11-04 22:13 - 00577888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2016-02-06 00:51 - 2015-11-04 22:11 - 01392480 _____ (Microsoft Corporation) C:\windows\system32\LicenseManager.dll
2016-02-06 00:51 - 2015-11-04 21:56 - 00116064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2016-02-06 00:51 - 2015-11-04 21:30 - 00961376 _____ (Microsoft Corporation) C:\windows\SysWOW64\LicenseManager.dll
2016-02-06 00:51 - 2015-11-04 21:23 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\browserbroker.dll
2016-02-06 00:51 - 2015-11-04 21:18 - 03248128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2016-02-06 00:51 - 2015-11-04 21:17 - 02418688 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2016-02-06 00:51 - 2015-11-04 21:10 - 02987520 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2016-02-06 00:51 - 2015-11-04 21:07 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2016-02-06 00:51 - 2015-11-04 20:58 - 00627712 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
2016-02-06 00:51 - 2015-11-04 20:35 - 02639872 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2016-02-06 00:51 - 2015-10-05 20:03 - 16708608 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2016-02-06 00:51 - 2015-10-05 19:46 - 13027840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2016-02-06 00:51 - 2015-09-24 20:56 - 22322624 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-02-06 00:51 - 2015-09-24 20:33 - 01997336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-02-06 00:51 - 2015-09-24 20:26 - 20858360 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-02-06 00:51 - 2015-09-16 23:48 - 02432336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2016-02-06 00:51 - 2015-09-16 23:48 - 00476760 _____ (Microsoft Corporation) C:\windows\system32\MFCaptureEngine.dll
2016-02-06 00:51 - 2015-09-16 23:48 - 00406864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2016-02-06 00:51 - 2015-09-16 23:28 - 00074880 _____ (Microsoft Corporation) C:\windows\SysWOW64\remoteaudioendpoint.dll
2016-02-06 00:51 - 2015-09-16 23:26 - 00434376 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFCaptureEngine.dll
2016-02-06 00:51 - 2015-09-16 23:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\CellularAPI.dll
2016-02-06 00:51 - 2015-09-16 23:00 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\KeywordDetectorMsftSidAdapter.dll
2016-02-06 00:51 - 2015-09-16 22:55 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\dmcsps.dll
2016-02-06 00:51 - 2015-09-16 22:52 - 06572032 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2016-02-06 00:51 - 2015-09-16 22:52 - 01181696 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2016-02-06 00:51 - 2015-09-16 22:51 - 01812480 _____ (Microsoft Corporation) C:\windows\system32\pnidui.dll
2016-02-06 00:51 - 2015-09-16 22:50 - 00929280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2016-02-06 00:51 - 2015-09-16 22:50 - 00320000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-02-06 00:51 - 2015-09-16 22:50 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\buttonconverter.sys
2016-02-06 00:51 - 2015-09-16 22:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\LocationGeofences.dll
2016-02-06 00:51 - 2015-09-16 22:48 - 02093056 _____ (Microsoft Corporation) C:\windows\system32\wlidsvc.dll
2016-02-06 00:51 - 2015-09-16 22:47 - 00513536 _____ (Microsoft Corporation) C:\windows\system32\ngcsvc.dll
2016-02-06 00:51 - 2015-09-16 22:46 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2016-02-06 00:51 - 2015-09-16 22:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentClient.dll
2016-02-06 00:51 - 2015-09-16 22:44 - 01844736 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2016-02-06 00:51 - 2015-09-16 22:44 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2016-02-06 00:51 - 2015-09-16 22:30 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppXDeploymentClient.dll
2016-02-06 00:51 - 2015-08-26 22:42 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\shacct.dll
2016-02-06 00:51 - 2015-08-26 22:39 - 00045568 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-02-06 00:51 - 2015-08-26 22:11 - 00139776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shacct.dll
2016-02-06 00:51 - 2015-08-26 22:08 - 00037376 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-02-06 00:51 - 2015-08-11 03:03 - 00442208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-02-06 00:51 - 2015-08-11 03:02 - 00080720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys
2016-02-06 00:51 - 2015-08-11 02:09 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\wuautoappupdate.dll
2016-02-06 00:50 - 2016-01-04 20:06 - 01991120 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-02-06 00:50 - 2016-01-04 20:06 - 01270104 _____ (Microsoft Corporation) C:\windows\system32\mfnetsrc.dll
2016-02-06 00:50 - 2016-01-04 20:04 - 01150816 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-02-06 00:50 - 2016-01-04 20:04 - 00862056 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2016-02-06 00:50 - 2016-01-04 20:04 - 00784136 _____ (Microsoft Corporation) C:\windows\system32\mfsvr.dll
2016-02-06 00:50 - 2016-01-04 20:04 - 00779928 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-02-06 00:50 - 2016-01-04 20:04 - 00772448 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-02-06 00:50 - 2016-01-04 20:04 - 00751992 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-02-06 00:50 - 2016-01-04 20:04 - 00667856 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-02-06 00:50 - 2016-01-04 20:04 - 00115704 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-02-06 00:50 - 2016-01-04 19:59 - 00781976 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-02-06 00:50 - 2016-01-04 19:52 - 00441696 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-02-06 00:50 - 2016-01-04 19:50 - 01083072 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-02-06 00:50 - 2016-01-04 19:50 - 00723648 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-02-06 00:50 - 2016-01-04 19:30 - 02162064 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-02-06 00:50 - 2016-01-04 19:30 - 02152744 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2016-02-06 00:50 - 2016-01-04 19:30 - 01106872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2016-02-06 00:50 - 2016-01-04 19:30 - 00232896 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-02-06 00:50 - 2016-01-04 19:29 - 00208688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mftranscode.dll
2016-02-06 00:50 - 2016-01-04 19:28 - 00714808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2016-02-06 00:50 - 2016-01-04 19:28 - 00696192 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-02-06 00:50 - 2016-01-04 19:28 - 00645144 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfsvr.dll
2016-02-06 00:50 - 2016-01-04 19:28 - 00635312 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-02-06 00:50 - 2016-01-04 19:28 - 00497896 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-02-06 00:50 - 2016-01-04 19:28 - 00107952 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-02-06 00:50 - 2016-01-04 19:28 - 00072808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-02-06 00:50 - 2016-01-04 19:21 - 00658528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2016-02-06 00:50 - 2016-01-04 19:15 - 00931328 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-02-06 00:50 - 2016-01-04 19:15 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\usermgrcli.dll
2016-02-06 00:50 - 2016-01-04 19:10 - 00539136 _____ (Microsoft Corporation) C:\windows\system32\mfh264enc.dll
2016-02-06 00:50 - 2016-01-04 19:09 - 00205312 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-02-06 00:50 - 2016-01-04 19:02 - 01672192 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-02-06 00:50 - 2016-01-04 19:02 - 00678912 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-02-06 00:50 - 2016-01-04 19:02 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-02-06 00:50 - 2016-01-04 19:01 - 00305664 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-02-06 00:50 - 2016-01-04 19:00 - 00826880 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-02-06 00:50 - 2016-01-04 18:59 - 00572928 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-02-06 00:50 - 2016-01-04 18:57 - 00712704 _____ (Microsoft Corporation) C:\windows\system32\usermgr.dll
2016-02-06 00:50 - 2016-01-04 18:51 - 01255936 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-02-06 00:50 - 2016-01-04 18:51 - 01009664 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-02-06 00:50 - 2016-01-04 18:51 - 00634368 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-02-06 00:50 - 2016-01-04 18:51 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-02-06 00:50 - 2016-01-04 18:51 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-02-06 00:50 - 2016-01-04 18:42 - 00871936 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-02-06 00:50 - 2016-01-04 18:38 - 00556032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfh264enc.dll
2016-02-06 00:50 - 2016-01-04 18:32 - 01541632 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-02-06 00:50 - 2016-01-04 18:32 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-02-06 00:50 - 2016-01-04 18:31 - 00563200 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-02-06 00:50 - 2016-01-04 18:20 - 00890880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-02-06 00:50 - 2016-01-04 18:19 - 01070080 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-02-06 00:50 - 2016-01-04 18:19 - 00747008 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-02-06 00:50 - 2016-01-04 18:19 - 00409088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-02-06 00:50 - 2016-01-04 18:19 - 00404992 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-02-06 00:50 - 2015-11-30 23:03 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\gpuenergydrv.sys
2016-02-06 00:50 - 2015-11-24 22:42 - 00168288 _____ (Microsoft Corporation) C:\windows\system32\NetworkUXBroker.exe
2016-02-06 00:50 - 2015-11-24 22:27 - 01366680 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-02-06 00:50 - 2015-11-24 22:09 - 01310880 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-02-06 00:50 - 2015-11-24 21:49 - 00498688 _____ (Microsoft Corporation) C:\windows\system32\WlanMediaManager.dll
2016-02-06 00:50 - 2015-11-24 21:49 - 00467456 _____ (Microsoft Corporation) C:\windows\system32\MBMediaManager.dll
2016-02-06 00:50 - 2015-11-24 21:49 - 00270336 _____ (Microsoft Corporation) C:\windows\system32\RasMediaManager.dll
2016-02-06 00:50 - 2015-11-24 21:48 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\EthernetMediaManager.dll
2016-02-06 00:50 - 2015-11-24 21:48 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\DAMediaManager.dll
2016-02-06 00:50 - 2015-11-24 21:37 - 02350592 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-02-06 00:50 - 2015-11-24 21:36 - 01710592 _____ (Microsoft Corporation) C:\windows\system32\SRHInproc.dll
2016-02-06 00:50 - 2015-11-24 21:35 - 00929792 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2016-02-06 00:50 - 2015-11-24 21:35 - 00845824 _____ (Microsoft Corporation) C:\windows\system32\Magnify.exe
2016-02-06 00:50 - 2015-11-24 21:29 - 01649152 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2016-02-06 00:50 - 2015-11-24 21:29 - 00355328 _____ (Microsoft Corporation) C:\windows\system32\ninput.dll
2016-02-06 00:50 - 2015-11-24 21:28 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2016-02-06 00:50 - 2015-11-24 21:27 - 02180608 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2016-02-06 00:50 - 2015-11-24 21:23 - 00587776 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-02-06 00:50 - 2015-11-24 21:22 - 01717248 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2016-02-06 00:50 - 2015-11-24 21:22 - 00603648 _____ (Microsoft Corporation) C:\windows\system32\duser.dll
2016-02-06 00:50 - 2015-11-24 21:19 - 01795584 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2016-02-06 00:50 - 2015-11-24 21:19 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\psmsrv.dll
2016-02-06 00:50 - 2015-11-24 21:17 - 00774656 _____ (Microsoft Corporation) C:\windows\SysWOW64\SRH.dll
2016-02-06 00:50 - 2015-11-24 21:16 - 01442816 _____ (Microsoft Corporation) C:\windows\SysWOW64\SRHInproc.dll
2016-02-06 00:50 - 2015-11-24 21:16 - 00786432 _____ (Microsoft Corporation) C:\windows\SysWOW64\Magnify.exe
2016-02-06 00:50 - 2015-11-24 21:13 - 02153984 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-02-06 00:50 - 2015-11-24 21:11 - 00296960 _____ (Microsoft Corporation) C:\windows\SysWOW64\ninput.dll
2016-02-06 00:50 - 2015-11-24 21:10 - 01328128 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2016-02-06 00:50 - 2015-11-24 21:10 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2016-02-06 00:50 - 2015-11-24 21:04 - 01467392 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2016-02-06 00:50 - 2015-11-24 21:04 - 00480768 _____ (Microsoft Corporation) C:\windows\SysWOW64\duser.dll
2016-02-06 00:50 - 2015-11-24 21:04 - 00474624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-02-06 00:50 - 2015-11-04 22:06 - 00966416 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2016-02-06 00:50 - 2015-11-04 22:01 - 00607408 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2016-02-06 00:50 - 2015-11-04 21:23 - 00762888 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2016-02-06 00:50 - 2015-11-04 21:18 - 00539728 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontdrvhost.exe
2016-02-06 00:50 - 2015-11-04 21:12 - 00515072 _____ (Microsoft Corporation) C:\windows\system32\internetmail.dll
2016-02-06 00:50 - 2015-11-04 21:03 - 01015808 _____ (Microsoft Corporation) C:\windows\system32\RDXService.dll
2016-02-06 00:50 - 2015-11-04 20:59 - 02675200 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepository.dll
2016-02-06 00:50 - 2015-11-04 20:54 - 00502272 _____ (Microsoft Corporation) C:\windows\system32\dlnashext.dll
2016-02-06 00:50 - 2015-11-04 20:42 - 02647040 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2016-02-06 00:50 - 2015-11-04 20:27 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepository.dll
2016-02-06 00:50 - 2015-11-04 20:27 - 00464896 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
2016-02-06 00:50 - 2015-11-04 20:23 - 00441344 _____ (Microsoft Corporation) C:\windows\SysWOW64\dlnashext.dll
2016-02-06 00:50 - 2015-09-30 20:03 - 00757760 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2016-02-06 00:50 - 2015-09-24 21:01 - 02573768 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-02-06 00:50 - 2015-09-24 20:07 - 01276416 _____ (Microsoft Corporation) C:\windows\system32\wifinetworkmanager.dll
2016-02-06 00:50 - 2015-09-24 20:03 - 00796160 _____ (Microsoft Corporation) C:\windows\system32\TokenBroker.dll
2016-02-06 00:50 - 2015-09-24 20:02 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-02-06 00:50 - 2015-09-24 20:00 - 01423872 _____ (Microsoft Corporation) C:\windows\system32\UserDataService.dll
2016-02-06 00:50 - 2015-09-24 19:59 - 01205248 _____ (Microsoft Corporation) C:\windows\system32\Unistore.dll
2016-02-06 00:50 - 2015-09-24 19:59 - 00288256 _____ (Microsoft Corporation) C:\windows\system32\PimIndexMaintenance.dll
2016-02-06 00:50 - 2015-09-24 19:59 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\CallHistoryClient.dll
2016-02-06 00:50 - 2015-09-24 19:58 - 01871360 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-02-06 00:50 - 2015-09-24 19:37 - 00613376 _____ (Microsoft Corporation) C:\windows\SysWOW64\TokenBroker.dll
2016-02-06 00:50 - 2015-09-24 19:32 - 01594368 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-02-06 00:50 - 2015-09-16 23:50 - 01563392 _____ (Microsoft Corporation) C:\windows\system32\winmde.dll
2016-02-06 00:50 - 2015-09-16 23:50 - 00099664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2016-02-06 00:50 - 2015-09-16 23:49 - 06487248 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2016-02-06 00:50 - 2015-09-16 23:49 - 00894256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2016-02-06 00:50 - 2015-09-16 23:49 - 00553808 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2016-02-06 00:50 - 2015-09-16 23:48 - 02494712 _____ C:\windows\system32\CoreUIComponents.dll
2016-02-06 00:50 - 2015-09-16 23:48 - 02156400 _____ (Microsoft Corporation) C:\windows\system32\hevcdecoder.dll
2016-02-06 00:50 - 2015-09-16 23:48 - 01983824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-02-06 00:50 - 2015-09-16 23:48 - 00809352 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2016-02-06 00:50 - 2015-09-16 23:48 - 00555768 _____ (Microsoft Corporation) C:\windows\system32\directmanipulation.dll
2016-02-06 00:50 - 2015-09-16 23:48 - 00537080 _____ (Microsoft Corporation) C:\windows\system32\WWanAPI.dll
2016-02-06 00:50 - 2015-09-16 23:48 - 00332624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys
2016-02-06 00:50 - 2015-09-16 23:37 - 01295712 _____ (Microsoft Corporation) C:\windows\system32\wpx.dll
2016-02-06 00:50 - 2015-09-16 23:28 - 05120056 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2016-02-06 00:50 - 2015-09-16 23:28 - 00441168 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2016-02-06 00:50 - 2015-09-16 23:28 - 00407608 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2016-02-06 00:50 - 2015-09-16 23:27 - 01766952 _____ C:\windows\SysWOW64\CoreUIComponents.dll
2016-02-06 00:50 - 2015-09-16 23:27 - 00454512 _____ (Microsoft Corporation) C:\windows\SysWOW64\directmanipulation.dll
2016-02-06 00:50 - 2015-09-16 23:26 - 01895568 _____ (Microsoft Corporation) C:\windows\SysWOW64\hevcdecoder.dll
2016-02-06 00:50 - 2015-09-16 23:26 - 00428128 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWanAPI.dll
2016-02-06 00:50 - 2015-09-16 23:05 - 02226688 _____ (Microsoft Corporation) C:\windows\system32\NetworkMobileSettings.dll
2016-02-06 00:50 - 2015-09-16 23:05 - 00483328 _____ (Microsoft Corporation) C:\windows\system32\OneDriveSettingSyncProvider.dll
2016-02-06 00:50 - 2015-09-16 23:04 - 07569408 _____ (Microsoft Corporation) C:\windows\system32\mos.dll
2016-02-06 00:50 - 2015-09-16 23:04 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\DataSenseHandlers.dll
2016-02-06 00:50 - 2015-09-16 22:57 - 02228736 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2016-02-06 00:50 - 2015-09-16 22:56 - 00859136 _____ (Microsoft Corporation) C:\windows\system32\modernexecserver.dll
2016-02-06 00:50 - 2015-09-16 22:55 - 00671232 _____ (Microsoft Corporation) C:\windows\system32\WUDFx02000.dll
2016-02-06 00:50 - 2015-09-16 22:55 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\wwancfg.dll
2016-02-06 00:50 - 2015-09-16 22:54 - 03781120 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2016-02-06 00:50 - 2015-09-16 22:54 - 00780288 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2016-02-06 00:50 - 2015-09-16 22:54 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-02-06 00:50 - 2015-09-16 22:53 - 07055872 _____ (Microsoft Corporation) C:\windows\system32\BingMaps.dll
2016-02-06 00:50 - 2015-09-16 22:52 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\netcenter.dll
2016-02-06 00:50 - 2015-09-16 22:52 - 00591360 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2016-02-06 00:50 - 2015-09-16 22:52 - 00570880 _____ (Microsoft Corporation) C:\windows\system32\MbaeApi.dll
2016-02-06 00:50 - 2015-09-16 22:52 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2016-02-06 00:50 - 2015-09-16 22:51 - 02660864 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2016-02-06 00:50 - 2015-09-16 22:49 - 01290240 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Shell.dll
2016-02-06 00:50 - 2015-09-16 22:48 - 00347136 _____ (Microsoft Corporation) C:\windows\system32\ncryptprov.dll
2016-02-06 00:50 - 2015-09-16 22:47 - 00371712 _____ (Microsoft Corporation) C:\windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-02-06 00:50 - 2015-09-16 22:46 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\KnobsCsp.dll
2016-02-06 00:50 - 2015-09-16 22:45 - 01331200 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll
2016-02-06 00:50 - 2015-09-16 22:43 - 01213440 _____ (Microsoft Corporation) C:\windows\system32\RemoteNaturalLanguage.dll
2016-02-06 00:50 - 2015-09-16 22:43 - 00378368 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2016-02-06 00:50 - 2015-09-16 22:40 - 06101504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mos.dll
2016-02-06 00:50 - 2015-09-16 22:39 - 00587264 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-02-06 00:50 - 2015-09-16 22:39 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-02-06 00:50 - 2015-09-16 22:37 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApi.dll
2016-02-06 00:50 - 2015-09-16 22:36 - 01171456 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcenter.dll
2016-02-06 00:50 - 2015-09-16 22:35 - 05079552 _____ (Microsoft Corporation) C:\windows\SysWOW64\BingMaps.dll
2016-02-06 00:50 - 2015-09-16 22:35 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Logon.dll
2016-02-06 00:50 - 2015-09-16 22:31 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptprov.dll
2016-02-06 00:50 - 2015-09-16 22:29 - 01104384 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAutomationCore.dll
2016-02-06 00:50 - 2015-08-26 22:54 - 00365568 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-02-06 00:50 - 2015-08-26 22:42 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2016-02-06 00:50 - 2015-08-26 22:42 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.PicturePassword.dll
2016-02-06 00:50 - 2015-08-26 22:23 - 00303104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-02-06 00:50 - 2015-08-26 22:11 - 00484352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2016-02-06 00:50 - 2015-08-19 23:06 - 00609592 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2016-02-06 00:50 - 2015-08-18 00:13 - 00387584 _____ (Microsoft Corporation) C:\windows\system32\NetSetupShim.dll
2016-02-06 00:50 - 2015-08-17 23:59 - 01294336 _____ (Microsoft Corporation) C:\windows\system32\wcnwiz.dll
2016-02-06 00:50 - 2015-08-17 23:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\WcnNetsh.dll
2016-02-06 00:50 - 2015-08-17 23:57 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\wfdprov.dll
2016-02-06 00:50 - 2015-08-17 23:54 - 00322048 _____ (Microsoft Corporation) C:\windows\system32\vaultsvc.dll
2016-02-06 00:50 - 2015-08-17 23:52 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2016-02-06 00:50 - 2015-08-17 23:36 - 01226752 _____ (Microsoft Corporation) C:\windows\SysWOW64\wcnwiz.dll
2016-02-06 00:50 - 2015-08-17 23:35 - 00100352 _____ (Microsoft Corporation) C:\windows\SysWOW64\WcnApi.dll
2016-02-06 00:50 - 2015-08-17 23:35 - 00095744 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdWCN.dll
2016-02-06 00:50 - 2015-08-17 23:34 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfdprov.dll
2016-02-06 00:50 - 2015-08-17 23:29 - 01593344 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2016-02-06 00:50 - 2015-08-11 02:50 - 01643872 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-02-06 00:50 - 2015-08-11 02:11 - 02446336 _____ C:\windows\system32\InputService.dll
2016-02-06 00:50 - 2015-08-11 02:08 - 00893440 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2016-02-06 00:50 - 2015-08-11 02:05 - 03527168 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2016-02-06 00:50 - 2015-08-11 02:03 - 02558976 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2016-02-06 00:50 - 2015-08-11 01:59 - 00042496 _____ (Microsoft Corporation) C:\windows\SysWOW64\tetheringclient.dll
2016-02-06 00:50 - 2015-08-11 01:51 - 01823232 _____ C:\windows\SysWOW64\InputService.dll
2016-02-06 00:50 - 2015-08-11 01:48 - 00671232 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2016-02-06 00:50 - 2015-08-11 01:43 - 02748416 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2016-02-06 00:50 - 2015-08-11 01:40 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2016-02-06 00:49 - 2016-01-04 20:04 - 01591848 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-02-06 00:49 - 2016-01-04 20:04 - 00250520 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-02-06 00:49 - 2016-01-04 20:04 - 00249464 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-02-06 00:49 - 2016-01-04 20:04 - 00243248 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-02-06 00:49 - 2016-01-04 19:50 - 01817064 _____ (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2016-02-06 00:49 - 2016-01-04 19:50 - 00251544 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-02-06 00:49 - 2016-01-04 19:31 - 01365576 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-02-06 00:49 - 2016-01-04 19:28 - 00277400 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-02-06 00:49 - 2016-01-04 19:28 - 00116728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-02-06 00:49 - 2016-01-04 19:15 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\UserMgrProxy.dll
2016-02-06 00:49 - 2016-01-04 19:10 - 00278424 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-02-06 00:49 - 2016-01-04 18:44 - 00159744 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserMgrProxy.dll
2016-02-06 00:49 - 2016-01-04 18:44 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\usermgrcli.dll
2016-02-06 00:49 - 2016-01-04 18:31 - 00235008 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-02-06 00:49 - 2015-11-24 22:42 - 04532304 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-02-06 00:49 - 2015-11-24 22:32 - 00113184 _____ (Microsoft Corporation) C:\windows\system32\userenv.dll
2016-02-06 00:49 - 2015-11-24 22:12 - 04047288 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-02-06 00:49 - 2015-11-24 21:59 - 00092992 _____ (Microsoft Corporation) C:\windows\SysWOW64\userenv.dll
2016-02-06 00:49 - 2015-11-24 21:36 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2016-02-06 00:49 - 2015-11-24 21:31 - 00121344 _____ (Microsoft Corporation) C:\windows\system32\DAMM.dll
2016-02-06 00:49 - 2015-11-24 21:30 - 00171008 _____ (Microsoft Corporation) C:\windows\system32\dot3mm.dll
2016-02-06 00:49 - 2015-11-24 21:26 - 00849408 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll
2016-02-06 00:49 - 2015-11-24 21:26 - 00181760 _____ (Microsoft Corporation) C:\windows\system32\shutdownux.dll
2016-02-06 00:49 - 2015-11-24 21:25 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2016-02-06 00:49 - 2015-11-24 21:25 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\profext.dll
2016-02-06 00:49 - 2015-11-24 21:22 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2016-02-06 00:49 - 2015-11-24 21:22 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZST.DLL
2016-02-06 00:49 - 2015-11-24 21:22 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2016-02-06 00:49 - 2015-11-24 21:22 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2016-02-06 00:49 - 2015-11-24 21:08 - 00749568 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll
2016-02-06 00:49 - 2015-11-24 21:07 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\profext.dll
2016-02-06 00:49 - 2015-11-24 21:04 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2016-02-06 00:49 - 2015-11-24 21:04 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZST.DLL
2016-02-06 00:49 - 2015-11-24 21:04 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2016-02-06 00:49 - 2015-11-24 21:04 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2016-02-06 00:49 - 2015-11-24 19:52 - 00775312 _____ C:\windows\SysWOW64\locale.nls
2016-02-06 00:49 - 2015-11-24 19:52 - 00775312 _____ C:\windows\system32\locale.nls
2016-02-06 00:49 - 2015-11-04 21:56 - 00025280 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-02-06 00:49 - 2015-11-04 21:11 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\MusUpdateHandlers.dll
2016-02-06 00:49 - 2015-11-04 21:06 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Usb.dll
2016-02-06 00:49 - 2015-11-04 20:55 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\dssvc.dll
2016-02-06 00:49 - 2015-11-04 20:34 - 00311296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Usb.dll
2016-02-06 00:49 - 2015-10-10 00:12 - 00078528 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-02-06 00:49 - 2015-09-30 21:01 - 01294352 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-02-06 00:49 - 2015-09-30 21:01 - 01123400 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-02-06 00:49 - 2015-09-30 21:01 - 01018568 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-02-06 00:49 - 2015-09-30 21:01 - 00858408 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2016-02-06 00:49 - 2015-09-24 21:01 - 00498016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2016-02-06 00:49 - 2015-09-24 20:52 - 00980832 _____ (Microsoft Corporation) C:\windows\system32\SecConfig.efi
2016-02-06 00:49 - 2015-09-24 20:11 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\UserDataAccountApis.dll
2016-02-06 00:49 - 2015-09-24 20:11 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\PhoneCallHistoryApis.dll
2016-02-06 00:49 - 2015-09-24 20:00 - 00856576 _____ (Microsoft Corporation) C:\windows\system32\ContactApis.dll
2016-02-06 00:49 - 2015-09-24 20:00 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\ChatApis.dll
2016-02-06 00:49 - 2015-09-24 19:59 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\EmailApis.dll
2016-02-06 00:49 - 2015-09-24 19:59 - 00685568 _____ (Microsoft Corporation) C:\windows\system32\AppointmentApis.dll
2016-02-06 00:49 - 2015-09-24 19:59 - 00590336 _____ (Microsoft Corporation) C:\windows\system32\MessagingDataModel2.dll
2016-02-06 00:49 - 2015-09-24 19:47 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataAccountApis.dll
2016-02-06 00:49 - 2015-09-24 19:47 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhoneCallHistoryApis.dll
2016-02-06 00:49 - 2015-09-24 19:37 - 00480256 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-02-06 00:49 - 2015-09-24 19:34 - 00928256 _____ (Microsoft Corporation) C:\windows\SysWOW64\Unistore.dll
2016-02-06 00:49 - 2015-09-24 19:34 - 00625152 _____ (Microsoft Corporation) C:\windows\SysWOW64\ContactApis.dll
2016-02-06 00:49 - 2015-09-24 19:34 - 00579584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppointmentApis.dll
2016-02-06 00:49 - 2015-09-24 19:34 - 00557568 _____ (Microsoft Corporation) C:\windows\SysWOW64\ChatApis.dll
2016-02-06 00:49 - 2015-09-24 19:34 - 00525312 _____ (Microsoft Corporation) C:\windows\SysWOW64\EmailApis.dll
2016-02-06 00:49 - 2015-09-24 19:33 - 00131072 _____ (Microsoft Corporation) C:\windows\SysWOW64\CallHistoryClient.dll
2016-02-06 00:49 - 2015-09-24 19:32 - 00466432 _____ (Microsoft Corporation) C:\windows\SysWOW64\MessagingDataModel2.dll
2016-02-06 00:49 - 2015-09-18 22:14 - 00102304 _____ (Microsoft Corporation) C:\windows\system32\omadmapi.dll
2016-02-06 00:49 - 2015-09-16 23:50 - 00088384 _____ (Microsoft Corporation) C:\windows\system32\remoteaudioendpoint.dll
2016-02-06 00:49 - 2015-09-16 23:49 - 01563472 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-02-06 00:49 - 2015-09-16 23:49 - 00501008 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2016-02-06 00:49 - 2015-09-16 23:48 - 00584656 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-02-06 00:49 - 2015-09-16 23:48 - 00505696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms2.sys
2016-02-06 00:49 - 2015-09-16 23:48 - 00395088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-02-06 00:49 - 2015-09-16 23:48 - 00278352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2016-02-06 00:49 - 2015-09-16 23:37 - 01168736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2016-02-06 00:49 - 2015-09-16 23:28 - 01357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmde.dll
2016-02-06 00:49 - 2015-09-16 23:26 - 00508248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-02-06 00:49 - 2015-09-16 23:11 - 00160256 _____ (Microsoft Corporation) C:\windows\system32\enrollmentapi.dll
2016-02-06 00:49 - 2015-09-16 23:10 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\mdmregistration.dll
2016-02-06 00:49 - 2015-09-16 23:09 - 00269312 _____ (Microsoft Corporation) C:\windows\system32\provengine.dll
2016-02-06 00:49 - 2015-09-16 23:09 - 00143360 _____ (Microsoft Corporation) C:\windows\system32\provops.dll
2016-02-06 00:49 - 2015-09-16 23:08 - 00494592 _____ (Microsoft Corporation) C:\windows\system32\StoreAgent.dll
2016-02-06 00:49 - 2015-09-16 23:08 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\Windows.Speech.Pal.dll
2016-02-06 00:49 - 2015-09-16 23:08 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\LicenseManagerShellext.exe
2016-02-06 00:49 - 2015-09-16 23:04 - 00910848 _____ (Microsoft Corporation) C:\windows\system32\SharedStartModel.dll
2016-02-06 00:49 - 2015-09-16 23:03 - 00267776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2016-02-06 00:49 - 2015-09-16 23:03 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\DeviceEnroller.exe
2016-02-06 00:49 - 2015-09-16 23:02 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-02-06 00:49 - 2015-09-16 23:00 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\MapConfiguration.dll
2016-02-06 00:49 - 2015-09-16 22:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\tileobjserver.dll
2016-02-06 00:49 - 2015-09-16 22:57 - 00403456 _____ (Microsoft Corporation) C:\windows\system32\dmenrollengine.dll
2016-02-06 00:49 - 2015-09-16 22:57 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\VEEventDispatcher.dll
2016-02-06 00:49 - 2015-09-16 22:57 - 00137728 _____ (Microsoft Corporation) C:\windows\system32\VEStoreEventHandlers.dll
2016-02-06 00:49 - 2015-09-16 22:56 - 00521728 _____ (Microsoft Corporation) C:\windows\system32\PsmServiceExtHost.dll
2016-02-06 00:49 - 2015-09-16 22:55 - 01601536 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Speech.dll
2016-02-06 00:49 - 2015-09-16 22:55 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\ngccredprov.dll
2016-02-06 00:49 - 2015-09-16 22:55 - 00202240 _____ (Microsoft Corporation) C:\windows\system32\accountaccessor.dll
2016-02-06 00:49 - 2015-09-16 22:55 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\omadmclient.exe
2016-02-06 00:49 - 2015-09-16 22:52 - 00856576 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2016-02-06 00:49 - 2015-09-16 22:52 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2016-02-06 00:49 - 2015-09-16 22:52 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2016-02-06 00:49 - 2015-09-16 22:52 - 00162304 _____ (Microsoft Corporation) C:\windows\system32\SubscriptionMgr.dll
2016-02-06 00:49 - 2015-09-16 22:51 - 01203712 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2016-02-06 00:49 - 2015-09-16 22:51 - 00359936 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2016-02-06 00:49 - 2015-09-16 22:51 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\mdmregistration.dll
2016-02-06 00:49 - 2015-09-16 22:50 - 00421888 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Bluetooth.dll
2016-02-06 00:49 - 2015-09-16 22:50 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\SensorsApi.dll
2016-02-06 00:49 - 2015-09-16 22:49 - 00439296 _____ (Microsoft Corporation) C:\windows\system32\LocationWebproxy.dll
2016-02-06 00:49 - 2015-09-16 22:49 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\LocationCrowdsource.dll
2016-02-06 00:49 - 2015-09-16 22:49 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\LocationPeIP.dll
2016-02-06 00:49 - 2015-09-16 22:49 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\LocationWiFiAdapter.dll
2016-02-06 00:49 - 2015-09-16 22:49 - 00041472 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Speech.Pal.dll
2016-02-06 00:49 - 2015-09-16 22:48 - 00517632 _____ (Microsoft Corporation) C:\windows\system32\NotificationController.dll
2016-02-06 00:49 - 2015-09-16 22:48 - 00408064 _____ (Microsoft Corporation) C:\windows\system32\CredProvDataModel.dll
2016-02-06 00:49 - 2015-09-16 22:48 - 00387584 _____ (Microsoft Corporation) C:\windows\system32\LockAppBroker.dll
2016-02-06 00:49 - 2015-09-16 22:48 - 00273920 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-02-06 00:49 - 2015-09-16 22:47 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\cloudAP.dll
2016-02-06 00:49 - 2015-09-16 22:46 - 00928256 _____ (Microsoft Corporation) C:\windows\system32\JpMapControl.dll
2016-02-06 00:49 - 2015-09-16 22:46 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\KnobsCore.dll
2016-02-06 00:49 - 2015-09-16 22:46 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\MDMAppInstaller.exe
2016-02-06 00:49 - 2015-09-16 22:46 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\syncmlhook.dll
2016-02-06 00:49 - 2015-09-16 22:45 - 00869376 _____ (Microsoft Corporation) C:\windows\system32\MapControlCore.dll
2016-02-06 00:49 - 2015-09-16 22:45 - 00832512 _____ (Microsoft Corporation) C:\windows\system32\MapsStore.dll
2016-02-06 00:49 - 2015-09-16 22:45 - 00193024 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2016-02-06 00:49 - 2015-09-16 22:44 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\wpnapps.dll
2016-02-06 00:49 - 2015-09-16 22:44 - 00274944 _____ (Microsoft Corporation) C:\windows\system32\syncutil.dll
2016-02-06 00:49 - 2015-09-16 22:43 - 00328704 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapConfiguration.dll
2016-02-06 00:49 - 2015-09-16 22:41 - 00217088 _____ (Microsoft Corporation) C:\windows\SysWOW64\VEEventDispatcher.dll
2016-02-06 00:49 - 2015-09-16 22:40 - 01162240 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Speech.dll
2016-02-06 00:49 - 2015-09-16 22:38 - 00058368 _____ (Microsoft Corporation) C:\windows\SysWOW64\usoapi.dll
2016-02-06 00:49 - 2015-09-16 22:35 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-02-06 00:49 - 2015-09-16 22:34 - 00253440 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsApi.dll
2016-02-06 00:49 - 2015-09-16 22:32 - 00336384 _____ (Microsoft Corporation) C:\windows\SysWOW64\CredProvDataModel.dll
2016-02-06 00:49 - 2015-09-16 22:32 - 00313856 _____ (Microsoft Corporation) C:\windows\SysWOW64\LockAppBroker.dll
2016-02-06 00:49 - 2015-09-16 22:32 - 00195072 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-02-06 00:49 - 2015-09-16 22:29 - 00701952 _____ (Microsoft Corporation) C:\windows\SysWOW64\JpMapControl.dll
2016-02-06 00:49 - 2015-09-16 22:29 - 00677888 _____ (Microsoft Corporation) C:\windows\SysWOW64\MapControlCore.dll
2016-02-06 00:49 - 2015-09-16 22:28 - 00473088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpnapps.dll
2016-02-06 00:49 - 2015-09-16 22:26 - 00899584 _____ (Microsoft Corporation) C:\windows\SysWOW64\RemoteNaturalLanguage.dll
2016-02-06 00:49 - 2015-09-16 22:16 - 00512000 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2016-02-06 00:49 - 2015-08-26 22:51 - 01774592 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2016-02-06 00:49 - 2015-08-26 22:49 - 01008640 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2016-02-06 00:49 - 2015-08-26 22:16 - 01612288 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2016-02-06 00:49 - 2015-08-19 22:26 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\InstallAgent.exe
2016-02-06 00:49 - 2015-08-19 22:21 - 00193024 _____ (Microsoft Corporation) C:\windows\system32\EnterpriseModernAppMgmtCSP.dll
2016-02-06 00:49 - 2015-08-17 23:59 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\WcnApi.dll
2016-02-06 00:49 - 2015-08-17 23:58 - 00187392 _____ (Microsoft Corporation) C:\windows\system32\NetSetupSvc.dll
2016-02-06 00:49 - 2015-08-17 23:58 - 00117760 _____ (Microsoft Corporation) C:\windows\system32\dafWCN.dll
2016-02-06 00:49 - 2015-08-17 23:58 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\fdWCN.dll
2016-02-06 00:49 - 2015-08-17 23:56 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\BthRadioMedia.dll
2016-02-06 00:49 - 2015-08-17 23:54 - 00247296 _____ C:\windows\system32\facecredentialprovider.dll
2016-02-06 00:49 - 2015-08-17 23:49 - 01061888 _____ (Microsoft Corporation) C:\windows\system32\reseteng.dll
2016-02-06 00:49 - 2015-08-17 23:49 - 00274432 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupShim.dll
2016-02-06 00:49 - 2015-08-17 23:49 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\PackageStateRoaming.dll
2016-02-06 00:49 - 2015-08-17 23:26 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\PackageStateRoaming.dll
2016-02-06 00:49 - 2015-08-17 21:44 - 00008847 _____ C:\windows\system32\ResPriHMImageList
2016-02-06 00:49 - 2015-08-11 03:04 - 01087296 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-02-06 00:49 - 2015-08-11 03:02 - 00292856 _____ (Microsoft Corporation) C:\windows\system32\LockAppHost.exe
2016-02-06 00:49 - 2015-08-11 02:52 - 00993104 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2016-02-06 00:49 - 2015-08-11 02:40 - 00918320 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-02-06 00:49 - 2015-08-11 02:37 - 00243800 _____ (Microsoft Corporation) C:\windows\SysWOW64\LockAppHost.exe
2016-02-06 00:49 - 2015-08-11 02:26 - 00845664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2016-02-06 00:49 - 2015-08-11 02:19 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Notifications.dll
2016-02-06 00:49 - 2015-08-11 02:14 - 00404480 _____ C:\windows\system32\diagtrack_wininternal.dll
2016-02-06 00:49 - 2015-08-11 02:13 - 00413184 _____ C:\windows\system32\diagtrack_win.dll
2016-02-06 00:49 - 2015-08-11 02:10 - 00293376 _____ C:\windows\system32\TextInputFramework.dll
2016-02-06 00:49 - 2015-08-11 02:05 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\LocationFrameworkInternalPS.dll
2016-02-06 00:49 - 2015-08-11 02:00 - 00336384 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2016-02-06 00:49 - 2015-08-11 01:59 - 01106432 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2016-02-06 00:49 - 2015-08-11 01:59 - 00642560 _____ (Microsoft Corporation) C:\windows\system32\rdbui.dll
2016-02-06 00:49 - 2015-08-11 01:59 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2016-02-06 00:49 - 2015-08-11 01:50 - 00200704 _____ C:\windows\SysWOW64\TextInputFramework.dll
2016-02-06 00:49 - 2015-08-11 01:39 - 00280576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2016-02-06 00:48 - 2015-09-16 23:03 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\provisioningcsp.dll
2016-02-06 00:48 - 2015-09-16 22:56 - 00317440 _____ (Microsoft Corporation) C:\windows\system32\configmanager2.dll
2016-02-06 00:48 - 2015-09-16 22:50 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\LocationPeWiFi.dll
2016-02-06 00:48 - 2015-09-16 22:50 - 00204288 _____ (Microsoft Corporation) C:\windows\system32\LocationPeCell.dll
2016-02-06 00:48 - 2015-08-11 02:11 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\GamePanel.exe
2016-02-06 00:48 - 2015-08-11 01:50 - 00420352 _____ (Microsoft Corporation) C:\windows\SysWOW64\GamePanel.exe
2016-02-06 00:48 - 2015-08-11 01:50 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-02-06 00:48 - 2015-08-11 01:38 - 00162304 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReInfo.dll
2016-02-06 00:40 - 2016-02-27 17:20 - 00000000 ____D C:\Users\LONEW\AppData\Local\Spotify
2016-02-06 00:40 - 2016-02-06 00:40 - 00001857 _____ C:\Users\LONEW\Desktop\Spotify.lnk
2016-02-06 00:40 - 2016-02-06 00:40 - 00001843 _____ C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-02-06 00:40 - 2016-02-06 00:40 - 00000000 ____D C:\Users\LONEW\AppData\Local\CEF
2016-02-06 00:39 - 2016-02-27 17:19 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Spotify
2016-02-06 00:29 - 2016-02-28 09:00 - 00000000 ____D C:\Users\LONEW\Desktop\mbar
2016-02-06 00:29 - 2016-02-28 09:00 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-06 00:25 - 2016-02-28 09:43 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-06 00:25 - 2016-02-07 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-06 00:25 - 2016-02-06 00:25 - 00001178 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-06 00:24 - 2016-02-28 08:06 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-02-06 00:24 - 2016-02-06 00:25 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-06 00:24 - 2016-02-06 00:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-06 00:24 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-02-06 00:24 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-02-06 00:00 - 2016-02-28 08:39 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-02-06 00:00 - 2016-02-07 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-02-06 00:00 - 2016-02-06 00:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-02-05 23:50 - 2016-02-15 03:28 - 00000000 ____D C:\Users\LONEW\AppData\Local\ElevatedDiagnostics
2016-02-05 23:20 - 2016-02-05 23:20 - 00000000 ____D C:\Users\LONEW\AppData\Local\AppEx Networks
2016-02-05 23:05 - 2016-02-07 18:03 - 00000000 ____D C:\Users\LONEW\AppData\Local\AMD
2016-02-05 23:05 - 2016-02-07 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-02-05 23:04 - 2016-02-11 01:19 - 00000000 ____D C:\Program Files (x86)\AMD
2016-02-05 22:53 - 2016-02-05 22:53 - 00000000 ____D C:\Users\LONEW\AppData\LocalLow\Evernote
2016-02-05 22:51 - 2016-02-28 08:00 - 00004166 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{0BE1A610-4DC8-476F-BC9A-CE6C75B87250}
2016-02-05 22:49 - 2015-04-03 01:14 - 00229056 ____N (AppEx Networks Corporation) C:\windows\system32\Drivers\appexDrv.sys
2016-02-05 22:37 - 2016-02-05 22:55 - 00000000 ___DC C:\AMD
2016-02-05 21:35 - 2016-02-28 10:14 - 00000000 ___RD C:\Users\LONEW\Dropbox
2016-02-05 21:35 - 2016-02-05 21:35 - 00001306 _____ C:\Users\LONEW\Desktop\Dropbox.lnk
2016-02-05 21:33 - 2016-02-28 10:13 - 00000934 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-02-05 21:33 - 2016-02-28 10:09 - 00000938 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-02-05 21:33 - 2016-02-06 18:10 - 00003452 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-02-05 21:33 - 2016-02-06 18:09 - 00003228 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-02-05 21:33 - 2016-02-05 21:33 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Dropbox
2016-02-05 21:32 - 2016-02-05 21:32 - 00000000 ____D C:\Users\LONEW\AppData\Local\NetworkTiles
2016-02-05 21:28 - 2016-02-28 10:14 - 00000000 ____D C:\Users\LONEW\AppData\Local\Dropbox
2016-02-05 21:28 - 2016-02-05 21:33 - 00000000 ____D C:\Users\LONEW\AppData\Local\MicrosoftEdge
2016-02-05 21:28 - 2016-02-05 21:28 - 00000000 ____D C:\ProgramData\Dropbox
2016-02-05 21:27 - 2016-02-05 21:34 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\DropboxOEM
2016-02-05 21:24 - 2016-02-28 09:08 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Macromedia
2016-02-05 21:24 - 2016-02-11 09:28 - 00002370 _____ C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-05 21:24 - 2016-02-11 09:28 - 00000000 ___RD C:\Users\LONEW\OneDrive
2016-02-05 21:24 - 2016-02-06 09:41 - 00000000 ____D C:\Users\LONEW\AppData\Local\Hewlett-Packard
2016-02-05 21:24 - 2016-02-05 21:25 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Hewlett-Packard
2016-02-05 21:24 - 2016-02-05 21:24 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\ATI
2016-02-05 21:24 - 2016-02-05 21:24 - 00000000 ____D C:\Users\LONEW\AppData\Local\HP_Inc
2016-02-05 21:24 - 2016-02-05 21:24 - 00000000 ____D C:\Users\LONEW\AppData\Local\CyberLink
2016-02-05 21:24 - 2016-02-05 21:24 - 00000000 ____D C:\Users\LONEW\AppData\Local\ATI
2016-02-05 21:23 - 2016-02-06 00:10 - 00000000 ____D C:\Users\LONEW\AppData\Local\Comms
2016-02-05 21:22 - 2016-02-05 21:22 - 00000000 ____D C:\Users\LONEW\AppData\Local\DropboxOEM
2016-02-05 21:21 - 2016-02-28 09:07 - 00000000 ____D C:\Users\LONEW\AppData\Roaming\Adobe
2016-02-05 21:21 - 2016-02-15 03:01 - 00000000 ____D C:\Users\LONEW\AppData\Local\VirtualStore
2016-02-05 21:21 - 2016-02-14 10:51 - 00000000 ____D C:\Users\LONEW\AppData\Local\Packages
2016-02-05 21:21 - 2016-02-07 10:17 - 00000000 ____D C:\Users\LONEW\AppData\Local\TileDataLayer
2016-02-05 21:21 - 2016-02-05 22:04 - 00000000 ____D C:\Users\LONEW\AppData\Local\Publishers
2016-02-05 21:21 - 2016-02-05 21:21 - 00000184 _____ C:\windows\insFileSpec
2016-02-05 21:20 - 2016-02-05 21:20 - 00016148 _____ C:\windows\system32\DESKTOP-OSBB742_defaultuser0_HistoryPrediction.bin
2016-02-05 21:18 - 2016-02-05 21:18 - 72212512 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat
2016-02-05 21:18 - 2016-02-05 21:18 - 04307112 _____ C:\windows\system32\Drivers\RTAIODAT.DAT
2016-02-05 21:18 - 2016-02-05 21:18 - 03319456 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 03204352 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 02902264 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2016-02-05 21:18 - 2016-02-05 21:18 - 02157920 _____ (DTS, Inc.) C:\windows\system32\sltech64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 02038904 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 01624744 _____ (Conexant Systems Inc.) C:\windows\system32\CX64APO.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 01456464 _____ (Synopsys, Inc.) C:\windows\system32\SRRPTR64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 01377072 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 01348880 _____ (DTS, Inc.) C:\windows\system32\slcnt64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 01037968 _____ (DTS, Inc.) C:\windows\system32\sl3apo64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00704696 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00588632 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00545816 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSX64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00479992 _____ (Synopsys, Inc.) C:\windows\system32\SRAPO64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00399464 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEP64A.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00393480 _____ (Synopsys, Inc.) C:\windows\system32\SRCOM64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00355496 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00352904 _____ (Synopsys, Inc.) C:\windows\SysWOW64\SRCOM.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00352904 _____ (Synopsys, Inc.) C:\windows\system32\SRCOM.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00333288 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DHT64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00333288 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DAA64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00267208 _____ (TODO: <Company name>) C:\windows\system32\slprp64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00232704 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSH64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00225504 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEED64A.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00220136 _____ (SRS Labs, Inc.) C:\windows\system32\SRSHP64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00176480 _____ (SRS Labs, Inc.) C:\windows\system32\SRSWOW64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00131016 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00128512 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00120720 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEL64A.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00097976 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEG64A.dll
2016-02-05 21:18 - 2016-02-05 21:18 - 00093144 _____ (Virage Logic Corporation / Sonic Focus) C:\windows\SysWOW64\SFCOM.dll
2016-02-05 21:17 - 2016-02-28 09:05 - 00000000 ____D C:\Users\LONEW
2016-02-05 21:17 - 2016-02-05 21:17 - 00000020 ___SH C:\Users\LONEW\ntuser.ini
2016-02-05 21:17 - 2016-02-05 21:17 - 00000000 _SHDL C:\Users\LONEW\My Documents
2016-02-05 21:17 - 2016-02-05 21:17 - 00000000 _SHDL C:\Users\LONEW\Documents\My Videos
2016-02-05 21:17 - 2016-02-05 21:17 - 00000000 _SHDL C:\Users\LONEW\Documents\My Pictures
2016-02-05 21:17 - 2016-02-05 21:17 - 00000000 _SHDL C:\Users\LONEW\Documents\My Music
2016-02-05 21:17 - 2015-10-23 20:03 - 00000000 ___HD C:\Users\LONEW\Documents\hp.system.package.metadata
2016-02-05 21:17 - 2015-10-23 20:03 - 00000000 ___HD C:\Users\LONEW\Documents\hp.applications.package.appdata
2016-02-05 21:09 - 2015-12-01 00:01 - 02115936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-28 10:16 - 2015-07-10 04:04 - 00000000 ____D C:\windows\AppReadiness
2016-02-28 10:10 - 2015-10-23 20:34 - 05990123 _____ C:\windows\SysWOW64\rootpa.e2e
2016-02-28 10:09 - 2015-10-23 19:49 - 00065536 _____ C:\windows\system32\spu_storage.bin
2016-02-28 10:09 - 2015-07-10 05:21 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-02-28 10:09 - 2015-07-10 02:05 - 00524288 ___SH C:\windows\system32\config\BBI
2016-02-28 09:19 - 2015-07-10 04:02 - 00000000 ____D C:\windows\INF
2016-02-28 09:03 - 2015-07-10 04:04 - 00000000 ____D C:\windows\IME
2016-02-28 08:02 - 2015-07-10 04:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-28 02:41 - 2015-10-23 19:49 - 00000000 ___DC C:\Program Files\AMD
2016-02-27 21:56 - 2015-07-10 04:04 - 00000000 ____D C:\windows\Resources
2016-02-27 19:44 - 2015-07-10 04:04 - 00000000 ____D C:\windows\system32\NDF
2016-02-27 10:52 - 2015-07-10 02:05 - 00032768 ___SH C:\windows\system32\config\ELAM
2016-02-26 15:02 - 2015-07-08 11:22 - 11774712 _____ (Broadcom Corp) C:\windows\system32\Drivers\bcmwl63a.sys
2016-02-26 15:02 - 2015-07-08 11:22 - 04132384 _____ (Broadcom Corporation) C:\windows\system32\bcmihvsrv64.dll
2016-02-26 14:42 - 2015-07-10 13:44 - 02286872 _____ (Broadcom Corporation.) C:\windows\system32\BtwRSupportService.exe
2016-02-26 14:42 - 2015-07-10 13:44 - 00208192 _____ (Broadcom Corporation.) C:\windows\system32\Drivers\bcbtums.sys
2016-02-26 14:42 - 2015-07-10 13:44 - 00102664 _____ (Broadcom Corporation.) C:\windows\system32\btwdi.dll
2016-02-26 13:08 - 2015-07-16 07:00 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-25 19:15 - 2015-10-23 20:02 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-23 00:59 - 2015-07-10 04:04 - 00000000 ____D C:\windows\Branding
2016-02-20 05:37 - 2015-07-10 04:04 - 00000000 ___HD C:\windows\system32\GroupPolicy
2016-02-20 05:37 - 2015-07-10 04:04 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2016-02-19 12:13 - 2015-10-23 20:20 - 00000000 ____D C:\ProgramData\CyberLink
2016-02-17 06:27 - 2015-10-23 20:30 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-02-13 05:04 - 2015-07-10 03:55 - 00000000 ____D C:\windows\CbsTemp
2016-02-12 15:48 - 2015-07-16 07:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-12 09:41 - 2015-07-10 04:04 - 00000000 ____D C:\windows\rescache
2016-02-10 20:37 - 2015-07-16 07:58 - 00000000 ____D C:\windows\Panther
2016-02-10 19:21 - 2015-07-16 07:01 - 00903454 _____ C:\windows\system32\PerfStringBackup.INI
2016-02-10 11:41 - 2015-10-23 20:11 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-02-10 11:34 - 2015-10-23 20:11 - 00000000 ___DC C:\Program Files\Common Files\McAfee
2016-02-10 11:33 - 2015-07-10 04:04 - 00000000 ___HD C:\windows\ELAMBKUP
2016-02-10 11:30 - 2015-10-23 20:11 - 00000000 ____D C:\ProgramData\mcafee
2016-02-09 13:46 - 2015-07-10 06:16 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-09 00:53 - 2015-07-10 04:04 - 00000000 ____D C:\windows\Registration
2016-02-08 13:52 - 2015-07-10 04:04 - 00000000 ____D C:\windows\LiveKernelReports
2016-02-08 13:39 - 2015-07-10 04:04 - 00000000 ___SD C:\windows\Downloaded Program Files
2016-02-07 10:18 - 2015-07-10 04:04 - 00000000 __RSD C:\windows\Media
2016-02-07 10:18 - 2015-07-10 04:04 - 00000000 ____D C:\windows\system32\WinBioDatabase
2016-02-07 10:17 - 2015-10-23 20:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-07 10:17 - 2015-10-23 20:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2016-02-07 10:17 - 2015-10-23 20:09 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2016-02-07 10:17 - 2015-10-23 20:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-02-07 10:17 - 2015-10-23 19:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2016-02-07 10:17 - 2015-07-10 04:04 - 00000000 ___RD C:\windows\PurchaseDialog
2016-02-07 10:17 - 2015-07-10 04:04 - 00000000 ____D C:\windows\system32\spool
2016-02-07 10:17 - 2015-07-10 04:04 - 00000000 ____D C:\ProgramData\USOPrivate
2016-02-07 10:17 - 2015-07-10 04:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-07 10:17 - 2015-07-10 04:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-07 09:42 - 2015-07-10 04:04 - 00000000 ____D C:\windows\appcompat
2016-02-07 09:25 - 2015-07-10 05:20 - 00206536 _____ C:\windows\system32\FNTCACHE.DAT
2016-02-06 18:14 - 2015-10-23 20:39 - 00040008 _____ C:\windows\diagwrn.xml
2016-02-06 18:14 - 2015-10-23 20:39 - 00040008 _____ C:\windows\diagerr.xml
2016-02-06 18:10 - 2015-10-23 20:30 - 00002172 _____ C:\windows\System32\Tasks\DropboxOEM
2016-02-06 18:05 - 2015-10-23 20:03 - 00000000 ___HD C:\Users\Default\Documents\hp.system.package.metadata
2016-02-06 18:05 - 2015-10-23 20:03 - 00000000 ___HD C:\Users\Default User\Documents\hp.system.package.metadata
2016-02-06 17:24 - 2015-07-10 04:04 - 00000000 ___SD C:\windows\SysWOW64\F12
2016-02-06 17:24 - 2015-07-10 04:04 - 00000000 ___SD C:\windows\system32\F12
2016-02-06 17:24 - 2015-07-10 04:04 - 00000000 ___RD C:\windows\DevicesFlow
2016-02-06 17:24 - 2015-07-10 04:04 - 00000000 ____D C:\windows\system32\WinBioPlugIns
2016-02-06 17:24 - 2015-07-10 04:04 - 00000000 ____D C:\windows\system32\SystemResetPlatform
2016-02-06 17:24 - 2015-07-10 04:04 - 00000000 ____D C:\windows\system32\oobe
2016-02-06 17:24 - 2015-07-10 04:04 - 00000000 ____D C:\windows\system32\appraiser
2016-02-06 17:24 - 2015-07-10 04:04 - 00000000 ____D C:\windows\Provisioning
2016-02-06 17:24 - 2015-07-10 04:04 - 00000000 ____D C:\windows\L2Schemas
2016-02-06 06:05 - 2015-10-23 20:25 - 00000000 ____D C:\ProgramData\WildTangent
2016-02-06 06:05 - 2015-10-23 20:25 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2016-02-06 01:19 - 2015-06-02 22:37 - 00888064 _____ (Realtek ) C:\windows\system32\Drivers\rt640x64.sys
2016-02-06 01:05 - 2015-07-10 04:04 - 00000000 ___RD C:\windows\Offline Web Pages
2016-02-05 21:24 - 2015-10-23 20:02 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-02-05 21:21 - 2015-07-16 09:03 - 00000000 _RSHD C:\SYSTEM.SAV
2016-02-05 21:21 - 2015-07-16 09:03 - 00000000 ____D C:\SWSETUP
2016-02-05 21:19 - 2015-10-23 19:50 - 00007873 _____ C:\windows\system32\Drivers\rtkhdasetting.zip
2016-02-05 21:19 - 2015-10-23 19:50 - 00000000 ____D C:\ProgramData\SoundResearch
2016-02-05 21:19 - 2015-10-23 19:49 - 00000000 ____D C:\windows\SysWOW64\RTCOM
2016-02-05 21:18 - 2015-06-05 04:00 - 04695288 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2016-02-05 21:18 - 2015-06-05 04:00 - 03309264 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2016-02-05 21:18 - 2015-06-05 04:00 - 03075784 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RltkAPO64.dll
2016-02-05 21:18 - 2015-06-05 04:00 - 00203432 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll
2016-02-05 21:18 - 2015-06-05 04:00 - 00032392 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll
2016-02-05 21:17 - 2015-10-23 20:02 - 00000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2016-02-02 15:47 - 2015-07-10 04:06 - 00828920 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-02-02 15:47 - 2015-07-10 04:06 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2016-02-09 00:54 - 2016-02-20 05:45 - 0007605 _____ () C:\Users\LONEW\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-21 15:41

==================== End of FRST.txt ============================



BC AdBot (Login to Remove)

 


#2 cartong

cartong
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:32 AM

Posted 28 February 2016 - 12:52 PM

oops! I'm sorry, I posted the log twice.



#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:32 AM

Posted 29 February 2016 - 08:19 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Your FRST log is clean.

Please paste the Addition.txt file that was also created by the Farbar tool.
I need to review it.

Edit

Found in in your other post which will be closed.

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-02-2016
Ran by LONEW (2016-02-28 10:34:23)
Running from C:\Users\LONEW\AppData\Local\Microsoft\Windows\INetCache\IE\4XR3KKCK
Windows 10 Home (X64) (2016-02-06 04:13:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3021717852-3600035281-275452165-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3021717852-3600035281-275452165-503 - Limited - Disabled)
Guest (S-1-5-21-3021717852-3600035281-275452165-501 - Limited - Disabled)
LONEW (S-1-5-21-3021717852-3600035281-275452165-1001 - Administrator - Enabled) => C:\Users\LONEW

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation)
Burnout™ Paradise The Ultimate Box (HKLM-x32\...\{9A996B6A-846E-4A89-B9C4-17546B7BE49F}) (Version: 1.0.0.0 - Electronic Arts)
Catalyst Control Center Next Localization BR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
City Life 2008 (HKLM-x32\...\City Life 2008_is1) (Version: - Paradox Interactive)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6618 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.5.6618 - CyberLink Corp.) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.5418 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4.4225 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4.4225 - CyberLink Corp.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.2 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{2CDA0D13-ED4D-4E66-B920-9AE696F9992E}) (Version: 1.1.1 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{76272057-98E0-4DC4-AAC3-10C546C47195}) (Version: 14.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - Hewlett-Packard Company)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 15.0.1 - iolo technologies, LLC)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Main Street USA Screensaver (HKLM-x32\...\Main Street USA Screensaver) (Version: - )
Malwarebytes Anti-Exploit version 1.8.1.1189 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1189 - Malwarebytes)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7080 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Raptr (HKLM-x32\...\Raptr) (Version: - )
RealDownloader (x32 Version: 18.1.3.103 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.3.104 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.3 - RealNetworks)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
SPORE™ Creepy & Cute Parts Pack (HKLM-x32\...\{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-3021717852-3600035281-275452165-1001\...\Spotify) (Version: 1.0.23.90.g42187855 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 2 (HKLM-x32\...\{8AB8D458-939E-403F-0097-9BA1C1F013D5}) (Version: - )
The Sims 2 Family Fun Stuff (HKLM-x32\...\{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}) (Version: - )
The Sims 2 Glamour Life Stuff (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version: - )
The Sims 2 Nightlife (HKLM-x32\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version: - )
The Sims 2 Open For Business (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - )
The Sims 2 Pets (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
The Sims 2 University (HKLM-x32\...\{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}) (Version: - )
The Sims™ 2 Apartment Life (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts)
The Sims™ 2 Bon Voyage (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
The Sims™ 2 Celebration! Stuff (HKLM-x32\...\{EAA38532-7AD0-4f78-918A-4F4F02096ECE}) (Version: - )
The Sims™ 2 FreeTime (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version: - Electronic Arts)
The Sims™ 2 H&M® Fashion Stuff (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
The Sims™ 2 IKEA® Home Stuff (HKLM-x32\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version: - Electronic Arts)
The Sims™ 2 Kitchen & Bath Interior Design Stuff (HKLM-x32\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version: - Electronic Arts)
The Sims™ 2 Mansion and Garden Stuff (HKLM-x32\...\{1A2A15C2-6780-49c1-B296-503230E9DE00}) (Version: - Electronic Arts)
The Sims™ 2 Seasons (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
The Sims™ 2 Teen Style Stuff (HKLM-x32\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version: - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 70s 80s & 90s Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Ambitions (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Ambitions) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Fast Lane Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Generations (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Generations) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Into the Future (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Into the Future) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Katy Perry's Sweet Treats (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Katy Perry Sweet Treats) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Master Suite Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Movie Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Movie Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Outdoor Living Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Pets (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Pets) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Seasons (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Seasons) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Showtime (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Showtime) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Supernatural (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Supernatural) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 Town Life Stuff (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Town Life Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 University Life (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 University Life) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 3 World Adventures (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 World Adventures) (Version: 1.0.0.0 - Electronic Arts Inc.)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.15.55.1020 - Electronic Arts Inc.)
Tycoon City - New York (HKLM-x32\...\{A5101403-2C42-40E0-8D9E-5E49E7C3B89E}) (Version: 1.00.000 - )
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
ZC DVD Copy 1.3.7 (HKLM-x32\...\ZC DVD Copy_is1) (Version: - ZC Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3021717852-3600035281-275452165-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\LONEW\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B0A2B4F-602B-4B4F-9680-821BBFDBFC0C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {1C525778-38A1-4F0D-BD7C-F2F78ABF64D6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-05] (Dropbox, Inc.)
Task: {329B7E86-C5C5-4F5A-A533-E75CC6D3FF53} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {37F1B15B-86EC-4A9A-9C93-44AE542586B2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-05] (Dropbox, Inc.)
Task: {3B773E4A-E3FB-4147-8030-231EB6D3F231} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-02-09] (Microsoft Corporation)
Task: {43A31E63-7E24-4046-8F42-B64204CC175A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-08] (Google Inc.)
Task: {4BFA4803-8227-47F7-8FAC-9231EAA9C9F1} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-02-03] ()
Task: {4EC900B3-AF3D-44DC-A55E-D3ACA0F2815D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3021717852-3600035281-275452165-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {4F481B8E-0A05-4507-83D3-80771388E27E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {53068E4C-ED15-436A-B712-1D370B3FB5FD} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-12-04] (Advanced Micro Devices, Inc.)
Task: {5C16F436-D65B-4CAF-9C3E-F1CC32879959} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {5EA78982-5695-46B9-8CD0-5EE13FD301A4} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-01-03] (McAfee, Inc.)
Task: {6F050ED0-FAC1-43C6-B4EC-0F71CD0991B0} - System32\Tasks\{69A67D0B-85F7-4174-9758-BDE60453B23C} => pcalua.exe -a "C:\Program Files (x86)\Lionhead Studios Ltd\The Movies\Movies.exe" -d "C:\Program Files (x86)\Lionhead Studios Ltd\The Movies"
Task: {7C2F0ECF-A994-4FA3-84CC-61426EC02236} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3021717852-3600035281-275452165-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-02-03] (RealNetworks, Inc.)
Task: {83837DF9-01FC-403C-A15F-D08685F3754C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-09-28] (Hewlett-Packard Company)
Task: {8C0D533C-7504-483C-A91B-85AE3D30B876} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {93E7F109-D6C9-4F19-8F59-8E3387DBAC19} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2015-12-09] (iolo technologies, LLC)
Task: {9981E537-841D-41CF-A224-054CA38D1DB5} - System32\Tasks\{02C984DF-4155-4FE2-91F4-6E1F23C64422} => pcalua.exe -a "C:\Program Files (x86)\Maxis\SimCity 4 Deluxe\Apps\SimCity 4.exe" -d "C:\Program Files (x86)\Maxis\SimCity 4 Deluxe\Apps"
Task: {9CC2801D-3573-4745-B487-79BA77F7D52F} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A8B250E5-2DB8-471E-BFCA-A5FE2DA275AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {B000A4B1-B837-499E-AA86-A25EC2C9EDFF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3021717852-3600035281-275452165-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {B832E3EE-6E2F-476F-A2DF-8550C751F6A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-08] (Google Inc.)
Task: {BD86DF3E-49B6-486E-8053-35021418B1F7} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-06-19] ()
Task: {C0135B6B-98C8-4677-8483-7F1AB794E9D6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {C1401F78-DFA2-400A-A94D-5B812051977C} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-16] (McAfee, Inc.)
Task: {F4F15751-291B-47C5-B8E3-15FD3F9D12B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,
ShortcutWithArgument: C:\Users\LONEW\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,
ShortcutWithArgument: C:\Users\LONEW\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.priceline.com/?refid=PLHBC6240OPQ&refclickid=square
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 04:00 - 2015-07-10 04:00 - 00028160 _____ () C:\windows\SYSTEM32\efsext.dll
2015-10-23 20:37 - 2015-10-23 20:37 - 00032768 _____ () C:\windows\SYSTEM32\licensemanagerapi.dll
2016-02-06 00:49 - 2015-08-11 02:14 - 00404480 _____ () C:\windows\System32\diagtrack_wininternal.dll
2015-10-23 20:20 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-02-03 18:49 - 2016-02-03 18:49 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-02-06 00:50 - 2015-09-16 23:48 - 02494712 _____ () C:\windows\system32\CoreUIComponents.dll
2016-02-06 00:50 - 2015-09-16 23:48 - 02494712 _____ () C:\windows\System32\CoreUIComponents.dll
2016-02-06 00:49 - 2015-09-16 22:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-06 00:51 - 2015-11-24 21:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-06 00:50 - 2015-11-24 21:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-06 00:51 - 2015-11-24 21:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-06 00:51 - 2015-09-16 22:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:00 - 2015-07-10 06:15 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-02-03 18:00 - 2016-02-03 18:00 - 00712432 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2016-02-12 02:12 - 2016-02-12 02:12 - 09789952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.27.2.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-10-23 20:22 - 2014-02-18 20:21 - 00541683 _____ () C:\Program Files (x86)\Cyberlink\PowerDVD14\Kernel\DMS\sqlite3.dll
2016-02-03 18:48 - 2016-02-03 18:48 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-02-03 18:48 - 2016-02-03 18:48 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-02-03 18:49 - 2016-02-03 18:49 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2016-02-12 15:46 - 2016-02-12 15:46 - 00022288 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\mediautil.dll
2016-02-12 15:46 - 2016-02-12 15:46 - 01520912 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avformat-55.dll
2016-02-12 15:46 - 2016-02-12 15:46 - 04274960 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avcodec-55.dll
2016-02-12 15:46 - 2016-02-12 15:46 - 00322832 _____ () c:\program files (x86)\real\realplayer\RPDS\Tools\ffmpeg\avutil-52.dll
2016-02-08 02:01 - 2015-12-14 22:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-02-08 02:01 - 2015-07-03 09:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-02-08 02:01 - 2016-02-04 14:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2016-02-08 02:01 - 2015-09-23 17:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-02-08 02:01 - 2015-09-23 17:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-02-08 02:01 - 2015-09-23 17:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-02-08 02:01 - 2015-09-23 17:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-02-08 02:01 - 2015-09-23 17:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-02-08 02:01 - 2015-07-03 09:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-02-08 02:01 - 2015-07-03 09:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-02-08 02:01 - 2016-02-04 14:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-02-08 02:01 - 2015-12-29 18:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2016-02-12 15:48 - 2016-02-12 15:48 - 00089328 _____ () c:\program files (x86)\real\realplayer\CrashRpt\CrashRpt1402.dll
2016-02-05 21:33 - 2016-01-12 11:44 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-02-17 06:26 - 2016-01-12 11:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-02-17 06:26 - 2016-01-12 11:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-02-05 21:33 - 2016-01-12 11:44 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-02-05 21:33 - 2016-01-12 11:44 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-02-05 21:33 - 2016-02-16 11:39 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-02-05 21:33 - 2016-01-12 11:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-02-17 06:26 - 2016-01-12 11:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-02-05 21:33 - 2016-02-16 11:39 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-02-05 21:33 - 2016-01-12 11:44 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-02-17 06:26 - 2016-02-16 11:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-02-05 21:33 - 2016-01-12 11:45 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-02-17 06:26 - 2016-02-16 11:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-02-17 06:26 - 2016-02-16 11:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-02-05 21:33 - 2016-02-16 11:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-05 21:33 - 2016-02-16 11:39 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-02-17 06:26 - 2016-01-12 11:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-02-05 21:33 - 2016-01-12 11:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-02-05 21:33 - 2016-01-12 11:47 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-02-05 21:33 - 2016-01-12 11:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-10 14:52 - 2016-02-16 11:39 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-05 21:33 - 2016-01-12 11:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-02-05 21:33 - 2016-01-12 11:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-02-05 21:33 - 2016-01-12 11:47 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-02-05 21:33 - 2016-01-12 11:47 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-02-05 21:33 - 2016-01-12 11:47 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-02-05 21:33 - 2016-01-12 11:47 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-05 21:33 - 2016-01-12 11:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-02-05 21:33 - 2016-01-12 11:47 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-02-17 06:26 - 2016-02-16 11:38 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-02-17 06:26 - 2016-01-12 11:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-02-17 06:26 - 2016-02-16 11:39 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-02-17 06:26 - 2015-11-04 17:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-02-05 21:33 - 2016-02-16 11:39 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-05 21:33 - 2016-01-12 11:44 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-02-17 06:26 - 2016-01-12 11:44 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-02-17 06:26 - 2016-01-12 11:45 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-10 14:52 - 2016-02-16 11:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-10 14:52 - 2016-02-16 11:39 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-10 14:52 - 2016-02-16 11:39 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-10 14:52 - 2016-02-16 11:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-02-17 06:26 - 2016-02-16 11:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-02-05 21:33 - 2016-01-12 11:47 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-10 14:52 - 2016-02-16 11:39 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-02-17 06:26 - 2016-02-16 11:39 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-02-05 21:33 - 2016-01-12 11:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-02-17 06:26 - 2016-01-12 11:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-02-17 06:26 - 2016-01-12 11:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-02-05 21:33 - 2016-02-16 11:39 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-02-17 06:26 - 2016-02-16 11:39 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-02-05 21:33 - 2016-01-12 11:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-03 17:53 - 2016-02-03 17:53 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-02-12 15:46 - 2016-02-12 15:46 - 00654608 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll
2016-02-08 02:01 - 2016-01-05 18:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 04:04 - 2016-02-26 13:04 - 00000967 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3021717852-3600035281-275452165-1001\Control Panel\Desktop\\Wallpaper -> c:\users\lonew\pictures\my album\kiss pic's\1541.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{466F6CBA-390E-4C46-8AE6-D4216D3C2644}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{79895EBD-4115-4780-9D11-813D37D1E8D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B92CD892-7D15-4F84-9017-4B9A9F7D1472}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2446515C-C3CE-472A-8BF4-034F6B59D233}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C1ABB146-B548-4ADA-BE7B-9E58D6CA14F5}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{9FD668DF-D2C4-4271-839B-B215A4D2442B}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{186CF667-5D55-49AD-9AAE-D226D7E4F22C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{06149D6F-29B5-46F0-A083-7A41509EDCFE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{9D7F14DF-217A-45CC-8650-704A7CD5CF3B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{DB98D083-2F91-4043-B425-8497C211C196}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{F38586C0-F894-44F7-9303-E3E6D48CAB2C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{463A4075-4594-4E48-B00D-24FFC6453CFB}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{8E6BBFC9-76AF-4BB0-B8F5-4E8C244C6C9C}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{8FB65507-05D9-471E-9B36-01C4772F8592}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{C00EBF46-B170-4E56-B793-83DF3BCCE30B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{07EE1411-ADDD-4CF7-B1EE-A2B166F8475D}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{E37E8FFB-B8BE-42E3-A84F-67EB21948C92}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [TCP Query User{F6E2278D-CBE3-41F7-9A0D-439C88C6DFEC}C:\users\lonew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lonew\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F80614F3-CB24-4A51-BF04-6A6D3731B7D6}C:\users\lonew\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lonew\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A59017E8-57C2-4324-9361-A043D9F16979}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{676990A9-A8AF-4DE4-8057-0224AC5751E2}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutLauncher.exe
FirewallRules: [{5D2B142B-35E9-4625-B7D7-A882F90A12BF}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{DB86AC9D-3279-41AE-A674-233862806964}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutConfigTool.exe
FirewallRules: [{C5677E08-298F-41C8-A858-2473E23572E8}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{042213E8-F34A-4A0B-AC0C-1BAB3343C3C3}] => (Allow) C:\Program Files (x86)\Electronic Arts\Burnout™ Paradise The Ultimate Box\BurnoutParadise.exe
FirewallRules: [{A84139E1-CC9A-42DA-A0AC-3193360BE949}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{D190D47D-96F9-448E-A662-D828C4824489}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{BF6D4271-1771-44AE-8F7C-C7F15EDF59EA}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed™ Most Wanted\NFS13.exe
FirewallRules: [{05122C31-131F-4FD1-89B5-808E3294725F}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed™ Most Wanted\NFS13.exe
FirewallRules: [{9DCA05E4-3F39-4C83-9F21-79A59AD7437C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4ECA7094-572A-4B4A-AF33-C1C4325059DE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{26A4D369-1AA6-473A-9D8E-B305A78DD5DA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{87EAAA34-3C70-4286-97DC-0038F9BFCDC2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{34F7168A-6AE2-41EE-80B9-95E86DBCB9BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{EF6871B7-4AEB-4039-91A2-F9AA820BADA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{F1E3BDEF-9F08-4A65-A55D-5C71D8BA79A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A5134E23-7A74-4CA7-A732-8D0E45D6D178}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AA76C8A3-7A8B-4F31-A314-F074B6E5B34B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{B9342B00-AC6F-4445-B388-6E090B52F63C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{D93D20AB-4D3D-4A73-BB06-3ED6A649AE82}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{DB5D37B4-76F4-4643-95F3-99A8D44A0CD4}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{FFFB3A59-5499-494E-9F1F-08613383AFEE}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{16EC2E66-712C-407C-8A8E-BDB31FB7C488}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{F415D022-D985-4F5B-8C68-0195BB39153E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{221EAA0D-A727-4C91-854A-A6684C06E32E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B13274F0-18EB-4E0A-BA17-DEFBD96EE909}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3D6B05A2-9029-40EB-BE83-1F0FB90D1692}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{AC1EFFFB-7278-454F-9CDB-60E4C627BD57}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

==================== Restore Points =========================

15-02-2016 03:03:47 Installed The Movies™
23-02-2016 09:52:52 Scheduled Checkpoint
24-02-2016 15:50:01 Installed DirectX
25-02-2016 16:24:43 Installed The Sims Medieval
26-02-2016 18:44:54 Installed ProductName from default.wxl
27-02-2016 21:55:20 Malwarebytes Anti-Rootkit Restore Point
28-02-2016 09:15:26 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2016 10:17:50 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.

Error: (02/28/2016 09:23:56 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.

Error: (02/28/2016 09:15:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/28/2016 09:11:57 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.

Error: (02/28/2016 09:09:47 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.

Error: (02/28/2016 08:02:16 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (2736) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (02/28/2016 08:02:16 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (2736) An attempt to create the file "C:\windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (02/28/2016 08:02:06 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (2736) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (02/28/2016 08:02:06 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (2736) An attempt to create the file "C:\windows\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).

Error: (02/28/2016 08:01:56 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (2736) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.


System errors:
=============
Error: (02/28/2016 10:16:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: Amazon.

Error: (02/28/2016 10:16:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073cf9: The Weather Channel for HP.

Error: (02/28/2016 10:16:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: The Weather Channel for HP.

Error: (02/28/2016 10:09:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SecDrv service failed to start due to the following error:
%%1275

Error: (02/28/2016 10:09:47 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\windows\SysWow64\drivers\SECDRV.SYS

Error: (02/28/2016 10:09:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069

Error: (02/28/2016 10:09:17 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/28/2016 10:09:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\windows\System32\bcmihvsrv64.dll

Error: (02/28/2016 10:09:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\windows\System32\bcmihvsrv64.dll

Error: (02/28/2016 10:09:11 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024001e: The Weather Channel for HP.


CodeIntegrity:
===================================
Date: 2016-02-28 02:39:21.537
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\AMD\Packages\Apps\Radeon-Crimson-15.12-MinimalSetup\Bin64\atdcm64a.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-13 05:53:44.783
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-13 05:53:44.378
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-13 05:53:30.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-13 05:53:28.724
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-13 05:53:26.335
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-13 05:53:19.942
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-13 05:53:04.459
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-02-13 05:52:58.864
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 31%
Total physical RAM: 7863.8 MB
Available physical RAM: 5375.19 MB
Total Virtual: 9079.8 MB
Available Virtual: 6481.86 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:912.14 GB) (Free:507.7 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.08 GB) (Free:2.35 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: CB55F419)

Partition: GPT.

==================== End of Addition.txt ============================

Edited by nasdaq, 29 February 2016 - 08:21 AM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:32 AM

Posted 29 February 2016 - 08:46 AM


Here is my suggested fix.



I noticed that your Anti-Virus is disabled. Reset it.
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}

===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShortcutWithArgument: C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,
ShortcutWithArgument: C:\Users\LONEW\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,
ShortcutWithArgument: C:\Users\LONEW\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

How is it now?

#5 cartong

cartong
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:32 AM

Posted 01 March 2016 - 02:41 PM

I ran the FRST and put the fix. Restarted the computer. Chrome is still going to mysearch.com. Internet explorer is not. Tried to turn on Mcafee but kept turn itself off. Here is the log:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:27-02-2016
Ran by LONEW (2016-02-29 19:51:15) Run:1
Running from C:\Users\LONEW\Downloads\farbar
Loaded Profiles: LONEW (Available Profiles: LONEW)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
ShortcutWithArgument: C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,
ShortcutWithArgument: C:\Users\LONEW\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,
ShortcutWithArgument: C:\Users\LONEW\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dmysearch.com/?prd=set_epc&s=G2Qzcsdtn0,726e7c45-8f88-45fb-882a-bc8d43482396,
 
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\Users\LONEW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk => Shortcut argument removed successfully.
C:\Users\LONEW\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument removed successfully.
C:\Users\LONEW\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk => Shortcut argument removed successfully.
EmptyTemp: => 507.2 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 19:51:32 ====


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:32 AM

Posted 01 March 2016 - 03:11 PM

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

Restart Chrome.
====

If the problem persists please run the Farbar tool one more time.
Make sure that you check the box to create an Addition.txt file.

Paste the contents in our next reply.

===

The McAfee issue.

This is quoted from this topic.
https://community.mcafee.com/thread/74073?start=0&tstart=0

My solution was to grant local admin rights to the dedicated Service Account of McAfee Portal Shield, which was used to access the database. After restarting the PortalShield Service i saw the green icon. The Serviceaccount was also granted to be logon as a service in the local security policies. Both permissions are NOT mentioned in the McAfee documentation.

Hope it helps.

#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:32 AM

Posted 07 March 2016 - 08:25 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#8 cartong

cartong
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:32 AM

Posted 07 March 2016 - 09:36 PM

I reset Chrome and now the browser is working normally again.

 

Thank you.



#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:32 AM

Posted 08 March 2016 - 07:32 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users