Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    TLS Certs Outliving Domain Ownership Open Door to MitM and DoS

Featured Deal: Get 98% off The Ultimate IT Certification Training Bundle Deal

Photo

Windows 10 Upgrade Eureka 7.2 Crash Report -Was told to Repost

Started by nevans07 , Mar 19 2016 01:15 AM

  • This topic is locked This topic is locked
11 replies to this topic

#1 nevans07

nevans07

  • Members
  • 311 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:12:09 PM

Posted 19 March 2016 - 01:15 AM

Dear Bleepingcomputer Staff,   

 

       Hi. I recently upgraded from Windows 7 to Windows 10. Everything was going fine until I installed Comodo and Anti Beacon. I installed Anti Beacon because I really don't want Microsoft rummaging thru my data for advertisers. I now constantly get Eureka 7.2 crash report every 2 seconds. Emsisoft no longer scans automatically after start up like it used to. That's my scheduled scan. Also recently it wont let me  right click and scan with Emsisoft. Please help. I really appreciate your help.



Thank you for what you do.


Best Regards,

 

Nathaniel Evans 

 

EurekaLog 7.2.6.17 RC 1 crash report


Access violation at address 00007FFFA075729B in module 'ntdll.dll'.

Read of address 000000000000030

ExceptionLog7.Init (Location: (000000000{ntdll.dll  }003729B)

[00007FFFA075729B] ntdll.RtlVirtualUnwind + $1DB)



(report generated by EDebugInfo,debugInfoInitDoneErrorHandler)

Press Ctrl + C to copy report to clipboard
 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Nate (administrator) on DESKTOP-6EUV8QJ (18-03-2016 23:36:45)
Running from C:\Users\Nate\Desktop
Loaded Profiles: Nate (Available Profiles: Nate)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(WinPatrol) C:\Program Files\Ruiware\WinAntiRansom\WARSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(WinPatrol) C:\Program Files\Ruiware\WinAntiRansom\WARgk.exe
(WinPatrol) C:\Program Files\Ruiware\WinAntiRansom\WAR_TrayApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.17801.0_x64__8wekyb3d8bbwe\Video.UI.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => X:\Program Files\Apoint2K\Apoint.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-29] (Realtek Semiconductor)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9239064 2016-03-02] (Emsisoft Ltd)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKU\S-1-5-21-386282924-4030248200-1872497031-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-05] (Ruiware)
HKU\S-1-5-21-386282924-4030248200-1872497031-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-03-08] (Glarysoft Ltd)
HKU\S-1-5-21-386282924-4030248200-1872497031-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-26] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WAR Tray Application.lnk [2016-03-18]
ShortcutTarget: WAR Tray Application.lnk -> C:\Program Files\Ruiware\WinAntiRansom\WAR_TrayApp.exe (WinPatrol)
BootExecute: autocheck autochk *  
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6e4348de-289e-4364-83e4-1059fb3f19ce}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2015-06-09] ()
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2015-06-09] ()
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2015-06-09] ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2015-06-09] ()
Toolbar: HKU\S-1-5-21-386282924-4030248200-1872497031-1001 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2015-06-09] ()
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-02-27] (Belarc, Inc.)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2015-06-09] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2015-06-09] ()
 
FireFox:
========
FF ProfilePath: C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\buq164hx.default
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-26] (Google Inc.)
FF Extension: Adblock Plus - C:\Users\Nate\AppData\Roaming\Mozilla\Firefox\Profiles\buq164hx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-26]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-15] [not signed]
 
Chrome: 
=======
CHR Profile: C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-26]
CHR Extension: (Google Docs) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-26]
CHR Extension: (Google Drive) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-26]
CHR Extension: (YouTube) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-26]
CHR Extension: (Adblock Plus) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-10]
CHR Extension: (Google Search) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-26]
CHR Extension: (Google Sheets) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-26]
CHR Extension: (Google Docs Offline) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-26]
CHR Extension: (Gmail) - C:\Users\Nate\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-26]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [10970064 2016-03-02] (Emsisoft Ltd)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-09-03] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-26] (SurfRight B.V.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4432224 2016-02-26] (SurfRight B.V.)
R2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [255376 2016-03-08] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 WARSvc; C:\Program Files\Ruiware\WinAntiRansom\WARSvc.exe [205960 2016-03-18] (WinPatrol)
S2 WARWDSvc; C:\Program Files\Ruiware\WinAntiRansom\WARWDSvc.exe [176776 2016-03-18] (WinPatrol)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BCM43XX; C:\Windows\System32\drivers\bcmwl63al.sys [5170176 2015-10-30] (Broadcom Corporation)
R1 CGKDarkWatcher; C:\Windows\System32\drivers\CGKDarkWatcher.sys [15640 2016-03-18] ()
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-11-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [828144 2015-11-18] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124080 2016-02-11] (Emsisoft Ltd)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-02-26] (Glarysoft Ltd)
R3 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [177040 2016-02-26] (SurfRight B.V.)
R3 hmpnet; C:\WINDOWS\system32\drivers\hmpnet.sys [80424 2016-02-26] (SurfRight B.V.)
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-18 23:36 - 2016-03-18 23:37 - 00011523 _____ C:\Users\Nate\Desktop\FRST.txt
2016-03-18 23:36 - 2016-03-18 23:36 - 00000000 ____D C:\FRST
2016-03-18 22:45 - 2016-03-18 22:45 - 02374144 _____ (Farbar) C:\Users\Nate\Desktop\FRST64.exe
2016-03-18 22:44 - 2016-03-18 22:44 - 02374144 _____ (Farbar) C:\Users\Nate\Downloads\FRST64.exe
2016-03-18 21:46 - 2016-03-18 21:46 - 00001083 _____ C:\Users\Public\Desktop\WinAntiRansom Explorer.lnk
2016-03-18 21:46 - 2016-03-18 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ruiware
2016-03-17 17:36 - 2016-03-18 23:26 - 00304506 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2016-03-17 17:11 - 2016-03-17 17:11 - 00001886 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2016-03-17 17:11 - 2016-03-17 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2016-03-17 17:04 - 2016-03-17 17:04 - 00000000 ____D C:\ProgramData\Comodo Downloader
2016-03-17 17:03 - 2016-03-17 17:05 - 00033392 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2016-03-17 17:03 - 2016-03-17 17:03 - 00000000 ____D C:\ProgramData\Shared Space
2016-03-17 17:02 - 2016-03-17 17:03 - 00000000 ____D C:\ProgramData\Comodo
2016-03-17 17:02 - 2016-03-17 17:02 - 00000000 ____D C:\Program Files\COMODO
2016-03-16 23:21 - 2016-03-16 23:21 - 00000000 _____ C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}
2016-03-16 06:31 - 2016-03-16 06:42 - 00000000 ____D C:\Users\Nate\AppData\Roaming\ImgBurn
2016-03-16 04:18 - 2016-03-16 04:11 - 3306300812 _____ C:\Users\Nate\Desktop\Win10_1511_1_English_x64.iso
2016-03-16 00:00 - 2016-03-16 04:11 - 3306300812 _____ C:\Users\Nate\Downloads\Win10_1511_1_English_x64.iso
2016-03-12 06:21 - 2016-03-12 06:21 - 00894960 _____ C:\Users\Nate\Downloads\Norton_Removal_Tool (1).exe
2016-03-12 06:10 - 2016-03-12 06:10 - 00158364 _____ C:\Users\Nate\Documents\Admin.evtx.zip
2016-03-12 05:57 - 2016-03-12 05:57 - 00000000 ____D C:\Users\Nate\Documents\LocaleMetaData
2016-03-12 05:56 - 2016-03-12 05:57 - 02166784 _____ C:\Users\Nate\Documents\Admin.evtx
2016-03-10 21:46 - 2016-03-10 19:59 - 00002021 _____ C:\Users\Nate\Desktop\SleepyHead-BrokenGL.lnk
2016-03-10 21:35 - 2016-03-10 21:36 - 07194312 _____ (Microsoft Corporation) C:\Users\Nate\Downloads\vcredist_x64 (1).exe
2016-03-10 21:13 - 2016-03-10 21:38 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-10 21:11 - 2016-03-10 21:11 - 07186992 _____ (Microsoft Corporation) C:\Users\Nate\Downloads\vcredist_x64.exe
2016-03-10 20:44 - 2016-03-10 20:44 - 14572000 _____ (Microsoft Corporation) C:\Users\Nate\Downloads\vc_redist.x64.exe
2016-03-10 20:40 - 2016-03-10 20:40 - 01420840 _____ (Microsoft Corporation) C:\Users\Nate\Downloads\vcredist_arm.exe
2016-03-10 19:59 - 2016-03-10 20:50 - 00001234 _____ C:\Users\Nate\Desktop\SleepyHead-OpenGL.lnk
2016-03-10 19:59 - 2016-03-10 19:59 - 00000000 ____D C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SleepyHead-Testing-0.9.8-1-T3-Windows-Installer
2016-03-10 19:58 - 2016-03-10 19:59 - 00000000 ____D C:\Program Files\SleepyHead-Testing-0.9.8-1-T3
2016-03-10 19:51 - 2016-03-10 19:51 - 85344678 _____ C:\Users\Nate\Downloads\SleepyHead-Testing-0.9.8-1-T3-Windows-Installer.exe
2016-03-10 15:00 - 2016-03-10 15:00 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-10 15:00 - 2016-03-10 15:00 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-10 15:00 - 2016-03-10 15:00 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-10 15:00 - 2016-03-10 15:00 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-10 15:00 - 2016-03-10 15:00 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-10 15:00 - 2016-03-10 15:00 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-10 15:00 - 2016-03-10 15:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-10 15:00 - 2016-03-10 15:00 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-10 15:00 - 2016-03-10 15:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-10 15:00 - 2016-03-10 15:00 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-10 15:00 - 2016-03-10 15:00 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-10 15:00 - 2016-03-10 15:00 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-10 14:59 - 2016-03-10 14:59 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-10 14:59 - 2016-03-10 14:59 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-10 14:59 - 2016-03-10 14:59 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-10 14:59 - 2016-03-10 14:59 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-10 14:59 - 2016-03-10 14:59 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-10 14:59 - 2016-03-10 14:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-10 14:58 - 2016-03-10 14:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-08 06:30 - 2016-03-08 06:30 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-03-08 06:01 - 2016-03-08 06:01 - 00000000 ____D C:\ProgramData\Acer
2016-03-08 05:21 - 2016-03-08 05:21 - 00004068 _____ C:\WINDOWS\System32\Tasks\UALU notificatin
2016-03-08 05:21 - 2016-03-08 05:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-08 05:21 - 2016-03-08 05:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMachines
2016-03-08 05:21 - 2016-03-08 05:21 - 00000000 ____D C:\ProgramData\eMachines
2016-03-08 05:21 - 2016-03-08 05:21 - 00000000 ____D C:\Program Files\eMachines
2016-03-08 05:21 - 2016-03-08 05:21 - 00000000 ____D C:\OEM
2016-03-08 04:54 - 2016-03-08 04:54 - 08163862 _____ C:\Users\Nate\Downloads\Application_Acer_1.02.3502_W7x64W7x86_A (1).zip
2016-03-08 04:53 - 2016-03-08 04:53 - 02783532 _____ C:\Users\Nate\Downloads\BIOS_eMachines_3.10_A_A (1).zip
2016-03-05 03:03 - 2016-03-05 03:03 - 00001502 _____ C:\Users\Public\Desktop\Tipard 3D Converter.lnk
2016-03-05 03:03 - 2016-03-05 03:03 - 00000000 ____D C:\Users\Nate\Documents\Tipard Studio
2016-03-05 03:03 - 2016-03-05 03:03 - 00000000 ____D C:\Users\Nate\AppData\Local\Tipard Studio
2016-03-05 03:03 - 2016-03-05 03:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tipard
2016-03-05 03:02 - 2016-03-05 03:02 - 00000000 ____D C:\ProgramData\Tipard Studio
2016-03-05 03:02 - 2016-03-05 03:02 - 00000000 ____D C:\Program Files (x86)\Tipard Studio
2016-03-05 02:58 - 2016-03-05 02:58 - 00001274 _____ C:\Users\Nate\Desktop\AVS Audio Editor.lnk
2016-03-05 02:55 - 2016-03-05 03:00 - 00000000 ____D C:\Users\Nate\AppData\Roaming\AVS4YOU
2016-03-05 02:54 - 2016-03-05 03:00 - 00000000 ____D C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-03-05 02:52 - 2016-03-05 03:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-03-05 02:52 - 2016-03-05 02:52 - 00001310 _____ C:\Users\Nate\Desktop\AVS Video Converter.lnk
2016-03-05 02:51 - 2016-03-05 03:00 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2016-03-05 02:51 - 2016-03-05 02:55 - 00000000 ____D C:\ProgramData\AVS4YOU
2016-03-05 02:51 - 2016-03-05 02:51 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2016-03-05 02:34 - 2016-03-05 02:39 - 00001100 _____ C:\Users\Nate\Desktop\bvcsoft3GP.lnk
2016-03-05 02:34 - 2016-03-05 02:34 - 00000000 ____D C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\bvcsoft3GP
2016-03-05 02:34 - 2016-03-05 02:34 - 00000000 ____D C:\Program Files (x86)\bvcsoft3GP
2016-03-04 21:23 - 2016-03-04 21:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-03-04 03:18 - 2016-03-04 03:18 - 02933350 _____ C:\Users\Nate\Downloads\Perfmon.zip
2016-03-04 03:17 - 2016-03-04 03:17 - 00457417 _____ C:\Users\Nate\Downloads\SysnativeFileCollectionApp.zip
2016-03-04 03:06 - 2016-03-04 02:59 - 02933350 _____ C:\Users\Nate\Documents\Perfmon.zip
2016-03-04 02:31 - 2016-03-04 02:31 - 00457417 _____ C:\Users\Nate\Documents\SysnativeFileCollectionApp.zip
2016-03-04 02:27 - 2016-03-04 02:30 - 00000000 ____D C:\Users\Nate\Documents\SysnativeFileCollectionApp
2016-03-04 02:15 - 2016-03-04 02:15 - 00158720 _____ (Sysnative) C:\Users\Nate\Downloads\SysnativeBSODCollectionApp.exe
2016-03-02 23:52 - 2016-03-02 23:52 - 00000000 ___HD C:\VTRoot
2016-03-02 22:45 - 2016-03-02 22:45 - 00000000 ____D C:\Users\Nate\AppData\Roaming\Macromedia
2016-03-02 17:06 - 2016-03-02 17:06 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-02 17:06 - 2016-03-02 17:06 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-02 17:05 - 2016-03-02 17:05 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-02 17:05 - 2016-03-02 17:05 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-02 17:05 - 2016-03-02 17:05 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-02 17:05 - 2016-03-02 17:05 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-02 17:05 - 2016-03-02 17:05 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-02 17:05 - 2016-03-02 17:05 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-02 17:05 - 2016-03-02 17:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-02 17:05 - 2016-03-02 17:05 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-02 17:05 - 2016-03-02 17:05 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-02 17:05 - 2016-03-02 17:05 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-02 17:05 - 2016-03-02 17:05 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-02 17:05 - 2016-03-02 17:05 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-02 17:05 - 2016-03-02 17:05 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-02 17:05 - 2016-03-02 17:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-02 17:05 - 2016-03-02 17:05 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-02 17:05 - 2016-03-02 17:05 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-02 17:04 - 2016-03-02 17:05 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-02 17:04 - 2016-03-02 17:05 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-02 17:04 - 2016-03-02 17:04 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-02 17:04 - 2016-03-02 17:04 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-02 17:04 - 2016-03-02 17:04 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-02 17:04 - 2016-03-02 17:04 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-02 17:04 - 2016-03-02 17:04 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-02 17:04 - 2016-03-02 17:04 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-02 16:59 - 2016-03-05 00:12 - 00001171 _____ C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware Guard.lnk
2016-02-27 10:01 - 2016-02-27 10:00 - 00001106 _____ C:\Users\Public\Desktop\Notepad++.lnk
2016-02-27 10:00 - 2016-02-27 10:13 - 00000000 ____D C:\Users\Nate\AppData\Roaming\Notepad++
2016-02-27 10:00 - 2016-02-27 10:01 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-02-27 10:00 - 2016-02-27 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-02-27 09:58 - 2016-02-27 09:58 - 00307200 _____ (Secure By Design Inc.) C:\Users\Nate\Desktop\Ninite 7Zip Chrome Firefox Glary ImgBurn Notepad InstallerTHEREAL!!.exe
2016-02-27 09:56 - 2016-02-27 09:57 - 00307200 _____ (Secure By Design Inc.) C:\Users\Nate\Downloads\Ninite 7Zip Chrome Firefox Glary ImgBurn Notepad InstallerTHEREAL!!.exe
2016-02-27 01:35 - 2016-02-27 01:35 - 24411856 _____ (WinPatrol) C:\Users\Nate\Downloads\winantiransom-setup.exe
2016-02-27 01:24 - 2016-02-27 01:24 - 00000000 ____D C:\Users\Nate\Documents\SafeZone
2016-02-27 01:19 - 2016-03-18 21:46 - 00015640 _____ C:\WINDOWS\system32\Drivers\CGKDarkWatcher.sys
2016-02-27 01:18 - 2016-02-27 01:18 - 00000000 ____D C:\ProgramData\WinPatrol
2016-02-27 01:18 - 2016-02-27 01:18 - 00000000 ____D C:\Program Files\Ruiware
2016-02-27 00:59 - 2016-02-27 00:59 - 00002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2016-02-27 00:59 - 2016-02-27 00:59 - 00002193 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2016-02-27 00:59 - 2016-02-27 00:59 - 00000000 ____D C:\Program Files (x86)\Belarc
2016-02-27 00:38 - 2016-03-18 23:38 - 00000492 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task a4c946fc-7185-4cbc-8e3b-5c207a91b869.job
2016-02-27 00:38 - 2016-03-16 02:00 - 00000492 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task a7298263-8d68-495e-b06b-0ec6b34f0472.job
2016-02-27 00:38 - 2016-02-27 00:38 - 00003730 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task a7298263-8d68-495e-b06b-0ec6b34f0472
2016-02-27 00:38 - 2016-02-27 00:38 - 00003648 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task a4c946fc-7185-4cbc-8e3b-5c207a91b869
2016-02-27 00:37 - 2016-02-27 00:37 - 00000000 ____D C:\Users\Nate\AppData\Roaming\SUPERAntiSpyware.com
2016-02-27 00:37 - 2016-02-27 00:37 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-02-27 00:34 - 2016-02-27 01:08 - 00000000 ____D C:\ProgramData\Foolish IT
2016-02-27 00:34 - 2016-02-27 00:34 - 00053248 _____ C:\WINDOWS\SysWOW64\zlib.dll
2016-02-27 00:26 - 2016-02-27 00:26 - 00000000 ____D C:\Program Files\WOT
2016-02-27 00:26 - 2016-02-27 00:26 - 00000000 ____D C:\Program Files (x86)\WOT
2016-02-26 23:56 - 2016-02-26 23:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-02-26 23:55 - 2016-02-26 23:55 - 00001166 _____ C:\Users\Public\Desktop\Spybot Anti-Beacon.lnk
2016-02-26 23:55 - 2016-02-26 23:55 - 00000000 ____D C:\WINDOWS\SysWOW64\PolicyDefinitions
2016-02-26 23:55 - 2016-02-26 23:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot Anti-Beacon
2016-02-26 23:55 - 2016-02-26 23:55 - 00000000 ____D C:\Program Files (x86)\Spybot Anti-Beacon
2016-02-26 23:32 - 2016-02-26 23:32 - 11199448 _____ (VS Revo Group ) C:\Users\Nate\Downloads\RevoUninProSetup315.exe
2016-02-26 23:26 - 2016-02-26 23:26 - 01876816 _____ (SurfRight B.V.) C:\Users\Nate\Downloads\hmpalert.exe
2016-02-26 23:23 - 2016-02-26 23:35 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2016-02-26 23:23 - 2016-02-26 23:35 - 00001122 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2016-02-26 23:23 - 2016-02-26 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2016-02-26 23:23 - 2016-02-26 23:23 - 00000000 ____D C:\Program Files\VS Revo Group
2016-02-26 23:14 - 2016-02-25 10:46 - 63061656 _____ (Online Media Technologies Ltd. ) C:\Users\Nate\Desktop\AVS_Video_Converter_v9.1.4.574.exe
2016-02-26 23:14 - 2016-02-25 10:46 - 41724816 _____ (Online Media Technologies Ltd. ) C:\Users\Nate\Desktop\AVS_Audio_Editor_v8.0.2.501.exe
2016-02-26 23:14 - 2016-02-25 10:46 - 154787896 _____ (Online Media Technologies Ltd. ) C:\Users\Nate\Desktop\AVSVideoEditor.exe
2016-02-26 23:14 - 2016-02-25 10:45 - 63784984 _____ (Online Media Technologies Ltd. ) C:\Users\Nate\Desktop\AVSVideoConverterlatest.exe
2016-02-26 23:14 - 2016-02-25 10:45 - 63577584 _____ (Online Media Technologies Ltd. ) C:\Users\Nate\Desktop\AVSVideoConverterNewUpdate!!!!.exe
2016-02-26 23:14 - 2015-10-06 22:07 - 18499408 _____ (Online Media Technologies Ltd.) C:\Users\Nate\Desktop\AVSAudioEditor.exe
2016-02-26 23:14 - 2015-10-06 21:58 - 17396560 _____ (Online Media Technologies Ltd.) C:\Users\Nate\Desktop\AVSVideoConverter.exe
2016-02-26 23:13 - 2016-02-25 10:45 - 24314616 _____ ( ) C:\Users\Nate\Desktop\3d-converter.exe
2016-02-26 23:13 - 2016-02-25 10:45 - 21462048 _____ (Blue Ridge Networks ) C:\Users\Nate\Desktop\AppGuardSetup.exe
2016-02-26 23:12 - 2016-02-25 10:48 - 11199448 _____ (VS Revo Group ) C:\Users\Nate\Desktop\LatestRevoUninProSetup.exe
2016-02-26 23:12 - 2016-02-25 10:46 - 04405856 _____ C:\Users\Nate\Desktop\Belarc_Advisor_v8.5c.exe
2016-02-26 23:11 - 2016-02-25 10:48 - 23222992 _____ (WinPatrol) C:\Users\Nate\Desktop\winantiransom-setup.exe
2016-02-26 23:11 - 2016-02-25 10:48 - 02027520 _____ C:\Users\Nate\Desktop\WOT-latest-en-InternetExplorerWebOfTrustx64.msi
2016-02-26 23:11 - 2016-02-25 10:46 - 09072763 _____ C:\Users\Nate\Desktop\bvcsoft3GPSetup.exe
2016-02-26 23:10 - 2016-02-25 20:10 - 02618336 _____ (Foolish IT LLC ) C:\Users\Nate\Desktop\CryptoPreventSetup.exe
2016-02-26 23:10 - 2016-01-27 07:40 - 07935904 _____ (SUPERAntiSpyware) C:\Users\Nate\Desktop\SUPERANTISPYWARE.EXE
2016-02-26 22:52 - 2016-02-26 22:52 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\Nate\Desktop\procexp.exe
2016-02-26 22:49 - 2016-03-16 20:33 - 00042168 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-02-26 22:43 - 2016-02-26 22:43 - 02691400 _____ (Safer-Networking Ltd. ) C:\Users\Nate\Downloads\SpybotAntiBeacon-1.5-setup.exe
2016-02-26 22:38 - 2016-02-26 22:38 - 00002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-02-26 22:38 - 2016-02-26 22:38 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-26 22:38 - 2016-02-26 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-02-26 22:38 - 2016-02-26 22:38 - 00000000 ____D C:\Program Files\CCleaner
2016-02-26 22:36 - 2016-02-26 22:36 - 06837784 _____ (Piriform Ltd) C:\Users\Nate\Downloads\ccsetup515.exe
2016-02-26 22:29 - 2016-02-26 22:29 - 00000000 ____D C:\Users\Nate\AppData\Local\VS Revo Group
2016-02-26 22:28 - 2016-02-26 22:28 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-02-26 22:12 - 2016-03-18 21:56 - 00000000 ____D C:\WINDOWS\CryptoGuard
2016-02-26 22:12 - 2016-03-18 21:49 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2016-02-26 22:12 - 2016-02-26 23:02 - 00000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2016-02-26 22:12 - 2016-02-26 22:13 - 00854224 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpalert.dll
2016-02-26 22:12 - 2016-02-26 22:13 - 00770768 _____ (SurfRight B.V.) C:\WINDOWS\SysWOW64\hmpalert.dll
2016-02-26 22:12 - 2016-02-26 22:13 - 00177040 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpalert.sys
2016-02-26 22:12 - 2016-02-26 22:13 - 00080424 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpnet.sys
2016-02-26 22:12 - 2016-02-26 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2016-02-26 22:07 - 2016-02-26 22:07 - 00002144 _____ C:\Users\Nate\Desktop\VirusTotal Uploader 2.2.lnk
2016-02-26 22:07 - 2016-02-26 22:07 - 00000000 ____D C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2016-02-26 22:07 - 2016-02-26 22:07 - 00000000 ____D C:\Program Files (x86)\VirusTotalUploader2
2016-02-26 21:55 - 2016-03-03 00:32 - 00000000 ____D C:\Users\Nate\AppData\Local\Mozilla
2016-02-26 21:55 - 2016-02-26 21:56 - 00000000 ____D C:\Users\Nate\AppData\Roaming\Mozilla
2016-02-26 21:49 - 2016-02-26 21:49 - 00142744 _____ C:\Users\Nate\Downloads\vtuploader2.2.exe
2016-02-26 21:47 - 2016-02-26 21:47 - 04343968 _____ (SurfRight B.V.) C:\Users\Nate\Downloads\hmpalert31.exe
2016-02-26 19:58 - 2016-02-26 19:58 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-02-26 19:53 - 2016-02-26 19:54 - 00000000 ____D C:\Users\Nate\Downloads\cfw_installer_6106_53
2016-02-26 19:09 - 2016-02-26 19:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2016-02-26 19:06 - 2016-03-10 18:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-26 19:06 - 2016-03-10 18:48 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-26 19:05 - 2016-02-26 19:05 - 00000000 ____D C:\Users\Nate\Desktop\cfw_installer_6106_53
2016-02-26 19:04 - 2016-02-26 19:04 - 00000000 ____D C:\Users\Nate\AppData\Roaming\WinRAR
2016-02-26 18:59 - 2016-02-26 19:01 - 220699928 _____ (COMODO) C:\Users\Nate\Downloads\cfw_installer_6106_53.exe
2016-02-26 18:48 - 2016-02-26 18:48 - 00001062 _____ C:\Users\Public\Desktop\WinRAR.lnk
2016-02-26 18:48 - 2016-02-26 18:48 - 00000000 ____D C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-26 18:48 - 2016-02-26 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-02-26 18:48 - 2016-02-26 18:48 - 00000000 ____D C:\Program Files\WinRAR
2016-02-26 18:46 - 2016-02-26 18:46 - 00307200 _____ (Secure By Design Inc.) C:\Users\Nate\Downloads\Ninite 7Zip Chrome Firefox Glary ImgBurn VLC Installer (1).exe
2016-02-26 18:24 - 2016-02-26 20:57 - 00000000 ____D C:\Program Files\HitmanPro
2016-02-26 18:24 - 2016-02-26 18:25 - 00001962 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-02-26 18:24 - 2016-02-26 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-02-26 18:20 - 2016-02-26 18:31 - 00000000 ____D C:\ProgramData\HitmanPro
2016-02-26 18:18 - 2016-02-26 18:18 - 11441744 _____ (SurfRight B.V.) C:\Users\Nate\Downloads\HitmanPro_x64.exe
2016-02-26 18:16 - 2016-02-26 23:31 - 00000000 ____D C:\Users\Nate\AppData\Local\Google
2016-02-26 18:12 - 2016-02-26 18:12 - 00000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-26 18:12 - 2016-02-26 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-02-26 18:11 - 2016-03-18 21:51 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2016-02-26 18:11 - 2016-03-10 14:42 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-26 18:11 - 2016-03-10 14:42 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-26 18:11 - 2016-03-08 04:37 - 00003394 _____ C:\WINDOWS\System32\Tasks\GlaryInitialize 5
2016-02-26 18:11 - 2016-03-08 04:37 - 00003040 _____ C:\WINDOWS\System32\Tasks\GU5SkipUAC
2016-02-26 18:11 - 2016-03-08 04:37 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-02-26 18:11 - 2016-03-08 04:37 - 00001149 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-02-26 18:11 - 2016-02-26 18:11 - 00020160 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2016-02-26 18:11 - 2016-02-26 18:11 - 00001946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-02-26 18:11 - 2016-02-26 18:11 - 00001934 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2016-02-26 18:11 - 2016-02-26 18:11 - 00000000 ____D C:\Users\Nate\AppData\Roaming\GlarySoft
2016-02-26 18:11 - 2016-02-26 18:11 - 00000000 ____D C:\Users\Nate\AppData\Roaming\DiskDefrag
2016-02-26 18:11 - 2016-02-26 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-02-26 18:11 - 2016-02-26 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2016-02-26 18:11 - 2016-02-26 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-02-26 18:11 - 2016-02-26 18:11 - 00000000 ____D C:\Program Files\VideoLAN
2016-02-26 18:11 - 2016-02-26 18:11 - 00000000 ____D C:\Program Files\7-Zip
2016-02-26 18:11 - 2016-02-26 18:11 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-02-26 18:10 - 2016-03-18 23:15 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-26 18:10 - 2016-03-18 22:06 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-26 18:10 - 2016-03-18 22:06 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-26 18:10 - 2016-03-18 22:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-26 18:10 - 2016-03-18 22:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-26 18:10 - 2016-03-18 21:49 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-26 18:10 - 2016-02-26 18:10 - 00003996 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-26 18:10 - 2016-02-26 18:10 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-26 18:10 - 2016-02-26 18:10 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-26 17:57 - 2016-02-26 17:58 - 00000000 ____D C:\Users\Nate\AppData\Local\MicrosoftEdge
2016-02-26 17:47 - 2016-03-18 21:46 - 00000000 ____D C:\ProgramData\InstallMate
2016-02-26 17:47 - 2016-02-27 01:18 - 00000000 ____D C:\Users\Nate\AppData\Roaming\WinPatrol
2016-02-26 17:47 - 2016-02-26 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2016-02-26 17:47 - 2016-02-26 17:47 - 00000000 ____D C:\Program Files (x86)\Ruiware
2016-02-26 17:35 - 2016-03-18 21:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-26 17:35 - 2016-02-26 17:36 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-26 17:35 - 2016-02-26 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-26 17:35 - 2016-02-26 17:36 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-26 17:35 - 2016-02-26 17:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-26 17:35 - 2015-10-05 10:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-26 17:35 - 2015-10-05 10:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-26 17:35 - 2015-10-05 10:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-26 17:30 - 2016-02-26 17:30 - 00000000 ____D C:\ProgramData\Emsisoft
2016-02-26 17:23 - 2016-02-26 17:23 - 00000000 ____D C:\Users\Nate\AppData\Local\Comms
2016-02-26 17:14 - 2016-02-26 17:14 - 00000937 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-02-26 17:14 - 2016-02-26 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-02-26 17:13 - 2016-03-18 23:37 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-02-26 17:07 - 2016-02-26 17:08 - 00002360 _____ C:\Users\Nate\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-02-26 17:07 - 2016-02-26 17:08 - 00000000 ___RD C:\Users\Nate\OneDrive
2016-02-26 17:06 - 2016-02-26 17:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-02-26 17:06 - 2016-02-26 17:06 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-02-26 17:04 - 2016-02-26 17:04 - 00000000 ____D C:\Users\Nate\AppData\Local\Publishers
2016-02-26 17:04 - 2016-02-26 17:04 - 00000000 ____D C:\Users\Nate\AppData\Local\ActiveSync
2016-02-26 17:03 - 2016-03-02 23:20 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-26 17:02 - 2016-02-27 00:15 - 00000000 ____D C:\Users\Nate\AppData\Local\Packages
2016-02-26 17:02 - 2016-02-26 17:07 - 00000000 ____D C:\Users\Nate
2016-02-26 17:02 - 2016-02-26 17:02 - 00000020 ___SH C:\Users\Nate\ntuser.ini
2016-02-26 17:02 - 2016-02-26 17:02 - 00000000 _SHDL C:\Users\Nate\My Documents
2016-02-26 17:02 - 2016-02-26 17:02 - 00000000 _SHDL C:\Users\Nate\Documents\My Videos
2016-02-26 17:02 - 2016-02-26 17:02 - 00000000 _SHDL C:\Users\Nate\Documents\My Pictures
2016-02-26 17:02 - 2016-02-26 17:02 - 00000000 _SHDL C:\Users\Nate\Documents\My Music
2016-02-26 17:02 - 2016-02-26 17:02 - 00000000 ____D C:\Users\Nate\AppData\Roaming\Adobe
2016-02-26 17:02 - 2016-02-26 17:02 - 00000000 ____D C:\Users\Nate\AppData\Local\VirtualStore
2016-02-26 17:02 - 2016-02-26 17:02 - 00000000 ____D C:\Users\Nate\AppData\Local\TileDataLayer
2016-02-26 16:58 - 2016-03-18 21:54 - 01190954 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-26 16:55 - 2015-10-30 03:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-02-26 16:54 - 2016-02-26 16:54 - 00000000 ____D C:\ProgramData\USOShared
2016-02-26 16:53 - 2016-03-18 21:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Public\Documents\My Videos
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Public\Documents\My Pictures
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Public\Documents\My Music
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Default\My Documents
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\Default User
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Users\All Users
2016-02-26 16:53 - 2016-02-26 16:53 - 00000000 _SHDL C:\Documents and Settings
2016-02-26 16:48 - 2016-02-26 16:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2016-02-26 16:48 - 2016-02-26 16:48 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-02-26 16:48 - 2016-02-26 16:48 - 00000000 ____D C:\Program Files\Realtek
2016-02-26 16:44 - 2016-03-10 18:33 - 00203320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-26 16:44 - 2016-02-26 16:44 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-02-26 16:43 - 2016-02-26 16:43 - 00000000 _____ C:\Recovery.txt
2016-02-26 16:41 - 2016-02-26 16:56 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-26 16:41 - 2016-02-26 16:41 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-02-26 16:41 - 2016-02-26 16:41 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-02-26 16:40 - 2016-02-26 16:40 - 00000000 ____D C:\Program Files\Synaptics
2016-02-26 16:40 - 2016-02-26 16:40 - 00000000 ____D C:\Program Files\Apoint2K
2016-02-26 16:39 - 2016-02-26 16:39 - 00000000 ____D C:\WINDOWS\Setup
2016-02-26 16:38 - 2016-02-26 16:38 - 00000000 ____D C:\WINDOWS\OCR
2016-02-26 16:38 - 2016-02-26 16:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-02-26 16:38 - 2016-02-26 16:38 - 00000000 ____D C:\Program Files\MSBuild
2016-02-26 16:38 - 2016-02-26 16:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-02-26 16:38 - 2016-02-26 16:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\system32\0409
2016-02-26 16:37 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-02-26 16:33 - 2016-03-10 15:01 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-26 16:33 - 2016-03-10 15:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-26 16:31 - 2016-02-26 16:43 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-02-26 16:31 - 2016-02-26 16:27 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-02-26 16:31 - 2016-02-26 16:27 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-02-26 16:31 - 2016-02-26 16:27 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-02-26 16:31 - 2016-02-26 16:27 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-02-26 16:31 - 2016-02-26 16:27 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-02-26 16:31 - 2016-02-26 16:27 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-02-26 16:31 - 2016-02-26 16:27 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-02-26 16:31 - 2016-02-26 16:27 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-02-26 16:31 - 2016-02-26 16:27 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-02-26 16:31 - 2016-02-26 16:27 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-02-26 16:31 - 2016-02-26 16:27 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-02-26 16:31 - 2016-02-26 16:27 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-02-26 16:31 - 2016-02-26 16:27 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-02-26 16:31 - 2016-02-26 16:27 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-02-26 16:31 - 2016-02-26 16:27 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-02-26 16:31 - 2016-02-26 16:27 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-02-26 16:31 - 2016-02-26 16:27 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-02-26 16:30 - 2016-03-18 21:01 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-26 16:30 - 2016-03-18 21:00 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-26 16:30 - 2016-03-10 18:30 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-02-26 16:30 - 2016-03-10 18:30 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-02-26 16:30 - 2016-03-10 18:30 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-02-26 16:30 - 2016-03-10 18:30 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-02-26 16:30 - 2016-03-08 06:31 - 00000000 ____D C:\WINDOWS\rescache
2016-02-26 16:30 - 2016-03-02 23:12 - 00000000 __RSD C:\WINDOWS\Media
2016-02-26 16:30 - 2016-03-02 23:12 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-02-26 16:30 - 2016-03-02 23:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-02-26 16:30 - 2016-03-02 23:12 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-02-26 16:30 - 2016-03-02 23:12 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-02-26 16:30 - 2016-03-02 23:12 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-02-26 16:30 - 2016-03-02 23:12 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-26 16:30 - 2016-03-02 23:12 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-02-26 16:30 - 2016-03-02 23:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-26 16:30 - 2016-02-26 19:14 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-02-26 16:30 - 2016-02-26 19:14 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-02-26 16:30 - 2016-02-26 19:14 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-02-26 16:30 - 2016-02-26 19:14 - 00000000 ____D C:\WINDOWS\Provisioning
2016-02-26 16:30 - 2016-02-26 17:20 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-02-26 16:30 - 2016-02-26 17:03 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-02-26 16:30 - 2016-02-26 17:03 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-02-26 16:30 - 2016-02-26 17:02 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-02-26 16:30 - 2016-02-26 16:56 - 00000000 ____D C:\WINDOWS\system32\spool
2016-02-26 16:30 - 2016-02-26 16:56 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-02-26 16:30 - 2016-02-26 16:54 - 00000000 ____D C:\ProgramData\USOPrivate
2016-02-26 16:30 - 2016-02-26 16:51 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\system32\setup
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\system32\Com
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\IME
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\Help
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\Program Files\Windows Defender
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-02-26 16:30 - 2016-02-26 16:37 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\system32\ias
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\ShellNew
2016-02-26 16:30 - 2016-02-26 16:31 - 00000000 ____D C:\WINDOWS\Registration
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 __RHD C:\Users\Public\Libraries
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\Web
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\Vss
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\tracing
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\TAPI
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SystemResources
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SystemApps
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\ras
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\IME
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\System
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SKB
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\security
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\schemas
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\SchCache
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\Resources
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\PLA
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\Performance
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\InputMethod
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\Globalization
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\Cursors
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\Branding
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\appcompat
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\addins
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\ProgramData\Comms
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\Program Files\Windows NT
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\Program Files\Common Files\Services
2016-02-26 16:30 - 2016-02-26 16:30 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-02-26 16:30 - 2016-02-26 16:27 - 00000219 _____ C:\WINDOWS\system.ini
2016-02-26 16:30 - 2016-02-26 16:27 - 00000092 _____ C:\WINDOWS\win.ini
2016-02-26 16:28 - 2016-03-18 21:54 - 00000000 ____D C:\WINDOWS\INF
2016-02-26 16:19 - 2016-03-10 15:09 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-26 16:11 - 2016-03-18 21:48 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-26 16:11 - 2016-02-26 16:54 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-26 16:11 - 2016-02-26 16:37 - 00000000 ____D C:\WINDOWS\servicing
2016-02-26 16:11 - 2016-02-26 16:30 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-02-26 16:11 - 2015-10-30 02:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-02-26 13:34 - 2016-02-26 13:34 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-02-26 13:34 - 2016-02-26 13:34 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-02-26 13:34 - 2016-02-26 13:34 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-26 13:34 - 2016-02-26 13:34 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-26 13:34 - 2016-02-26 13:34 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-02-26 13:34 - 2016-02-26 13:34 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-02-26 13:34 - 2016-02-26 13:34 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-02-26 13:34 - 2016-02-26 13:34 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-02-26 13:34 - 2016-02-26 13:34 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-02-26 13:34 - 2016-02-26 13:34 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-02-26 13:34 - 2016-02-26 13:34 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-26 13:34 - 2016-02-26 13:34 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-02-26 13:34 - 2016-02-26 13:34 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-02-26 13:34 - 2016-02-26 13:34 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-02-26 13:34 - 2016-02-26 13:34 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-02-26 13:34 - 2016-02-26 13:34 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-02-26 13:34 - 2016-02-26 13:34 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-26 13:33 - 2016-02-26 13:33 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-26 13:33 - 2016-02-26 13:33 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-02-26 13:33 - 2016-02-26 13:33 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-02-26 13:33 - 2016-02-26 13:33 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-26 13:33 - 2016-02-26 13:33 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-02-26 13:33 - 2016-02-26 13:33 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-02-26 13:33 - 2016-02-26 13:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-02-26 13:33 - 2016-02-26 13:33 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-02-26 13:33 - 2016-02-26 13:33 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-02-26 13:33 - 2016-02-26 13:33 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-02-26 13:24 - 2015-10-23 21:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-02-26 13:24 - 2015-10-23 21:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-02-26 13:24 - 2015-10-23 21:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-02-26 13:24 - 2015-10-23 21:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-02-26 13:24 - 2015-10-23 21:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-02-26 13:24 - 2015-10-23 21:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-02-26 12:54 - 2016-02-26 16:43 - 00000000 ___HD C:\$SysReset
2016-02-25 10:48 - 2016-02-25 10:48 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Nate\Desktop\mbar-1.07.0.1009AntiRootkit!!!.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-04 21:23 - 2014-01-22 08:52 - 00214832 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-03-04 21:23 - 2014-01-22 08:52 - 00122160 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2016-02-26 09:18 - 2013-03-11 16:48 - 04931384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll
 
Some files in TEMP:
====================
C:\Users\Nate\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Nate\AppData\Local\Temp\xmlUpdater.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-03-12 06:51
 
==================== End of FRST.txt ============================

Attached Files


BC AdBot (Login to Remove)

 

#2 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,736 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:01:09 PM

Posted 23 March 2016 - 09:02 AM

nevans07:

 

Hello and welcome to the Bleeping Computer Virus, Trojans, Spyware, and Malware Removal Logs Forum.  My name is Phil and I am a trainee in the Bleeping Computer Malware Removal Study Hall.  If you would permit me to address you by your first name, I would prefer to do that since we will be working together.

 

I will be assisting you with your computer issues.  All of my proposed fixes and suggestions must be approved by a fully-qualified Malware Removal Team member or instructor.  This will delay response times somewhat, but I will endeavor to respond daily when possible, and no later than 48 hours after your last post.

 

I will need some time to review your FRST logs.  Once I have done, so I will post back with instructions.

 

Thank you and have a great day.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators

#3 nevans07

nevans07
  • Topic Starter

  • Members
  • 311 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:12:09 PM

Posted 23 March 2016 - 04:04 PM

Thank you Phil!

#4 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,736 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:01:09 PM

Posted 25 March 2016 - 04:39 AM

nevans07:

 

Thank you for your patience.  I have analyzed your FRST log files.  Bleeping Computer Study Hall rules require that my analysis, and proposed "fixes", be approved before I can post them.  This is done for "protection" of the computer users, like yourself, who have come here for assistance.  I am still in training and therefore Bleeping Computer wants to ensure that any direction given in these Forums by a Study Hall trainee is the correct solution and will not damage a user's computer.

 

I submitted my analysis for approval on Wednesday PM and I am still awaiting a response.  I did communicate by private message with a Study Hall Administrator yesterday.

 

Apparently there is a shortage of instructors currently, which is delaying approvals.  These Forums are very busy, as you can see.  I apologize for the delay.  I will be active all day on my computer and will post as soon as I get approval to do so.

 

Once again, thank you for your patience.  You are not forgotten.  Have a great day, and I hope to post later today.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators

#5 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,736 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:01:09 PM

Posted 25 March 2016 - 06:32 AM

nevans07:

I have analyzed your FRST logs. The good news is that I did not detect any active malware.

I did notice that the following security programs, or traces thereof, were installed on your computer.
  • Hitman Pro with CryptoGuard
  • Emsisoft Anti-Malware
  • Comodo Firewall shown as "Installed Program", but files, drivers, etc. and Scheduled Tasks for Comodo Internet Security
  • Malwarebytes Anti-Malware
  • WinPatrol
  • WinPatrol WinAntiRansom
  • Web of Trust BHO
  • Microsoft Anti-Malware boot driver loading (wdboot.sys) (S3 - On Demand)
  • Sybot Anti-Beacon
  • (-) Adblock Plus
  • (-) CryptoPrevent
  • (-) SUPERAntiSpyware, not shown as "Installed Program" but there are Scheduled Tasks.
  • (-) Malwarebytes Anti-Rootkit
(-) Does not show in Addition.txt Installed Programs, but files are found in the FRST scan log.


I think that the numerous security programs are "tripping over" each other. It is recommended to have only one anti-virus and one anti-malware product installed and active on your computer.
 

IMPORTANT NOTE: Using more than one anti-virus program is not advisable. Why? The primary concern with doing so is due to Windows resource management and significant conflicts that can arise especially when they are running in real-time protection mode simultaneously. Even if one of them is disabled for use as a stand-alone on demand scanner, it can still affect the other and cause conflicts. Anti-virus software components insert themselves deep into the operating systems core where they install kernel mode drivers that load at boot-up regardless of whether real-time protection is enabled or not. Thus, using multiple anti-virus solutions can result in kernel mode conflicts causing system instability, catastrophic crashes, slow performance and waste vital system resources. When actively running in the background while connected to the Internet, each anti-virus may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.


Reference Link I recommend that you read the entire post from Quietman7. He provides some great security advice.


I see that you have Emsisoft Anti-Malware, which includes both anti-virus and anti-malware capabilities. I would recommend that you start by uninstalling Comodo and Spybot Anti-Beacon, which precipitated your issues. I noted that you have Revo Uninstaller Pro installed on your computer. I would use that to uninstall those programs. Reboot please, between each uninstallation, as anti-malware and anti-virus applications "go deep" and a reboot is usually required to clean out residual files.

I will leave it to you decide which anti-virus and which anti-malware application(s) that you want to keep. If it was my computer, I would uninstall the others.

When you have completed that, then test your computer. If all is good, create a restore point, and then reinstall Spybot Anti-Beacon, if you so choose, since it is not really an anti-virus or anti-malware product, and see if your computer is still functioning fine.

Please post back with your results. Thank you for your patience waiting for a response from me and have a great day.

Regards,
-Phil

Member of the Unified Network of Instructors and Trusted Eliminators

#6 nevans07

nevans07
  • Topic Starter

  • Members
  • 311 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:12:09 PM

Posted 25 March 2016 - 07:49 PM

Dear Phil,


        Hi. Thank you for your time. I uninstalled as you instructed. I am having a compatibility issue with Comodo and Windows 10. I did not have this problem in Windows 7. I had to install Comodo Internet Security and then modify it just to use the firewall. Do you or your instructors have any ideas or suggestions?? I read an article that for the life of me I can't find- detailing the fw hates anti beacon microsofts privacy data location as 00000000. And basically gives a castrating false positive. They had a way of changing the 0000000s so the fw wouldn't lose its mind. Not too technical. I'm just paraphrasing. The article.

 

Thank You,
Nathaniel Evans


#7 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,736 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:01:09 PM

Posted 27 March 2016 - 05:25 AM

Nathaniel:

Thank you for your post. It is not clear to me what security program(s) your uninstalled and which one(s) you are currently running. The Bleeping Computer recommendation is to only have one anti-virus application and one anti-malware application (see my previous post).

I have very little knowledge of the Spybot Anti-Beacon application. Much more knowledgeable folks can be found in the Bleeping Computer Anti-Virus, Anti-Malware, and Privacy Software Forum. You could also try researching at the Spybot Forums here.

How is your computer working now? What security application(s) are you running now?

Thank you and have a great day.

Regards,
-Phil

Member of the Unified Network of Instructors and Trusted Eliminators

#8 nevans07

nevans07
  • Topic Starter

  • Members
  • 311 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:12:09 PM

Posted 29 March 2016 - 07:42 PM

Dear Phil,

 

I had posted to Spybot Anti Beacon as you suggested. I will post to Virus, Anti-Malware, and Privacy Software Forum as you instruct. A instructor on the forum Spybot Anti Beacon forum you referred me to(great suggestion!) told me to finish here. I'm just following instructions. My apologies. I had already uninstalled comodo and responded to the instructor prior to you who told me to post here. Again my apologies for not being more clear.

I uninstalled Comodo. And when I uninstalled Comodo-  Voila! No more Eureka Crash Reports. Emsisoft scans as scheduled. Now I know what was causing the crash report. Help! Only problem is I need my Comodo. I did not have this problem with Windows 7. I reinstalled Comodo. Any advice will be appreciated. 

 

Best Regards,

Nathaniel Evans


#9 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,736 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:01:09 PM

Posted 01 April 2016 - 09:13 AM

nevans07:

 

Thank you for your post.  I am pleased that you have identified the cause of your crash issue.

 

As I previously told you, I can see no sign of active malware on your computer.

 

Certainly you do need a firewall active on your computer.  You didn't say whether the crashes returned after you reinstalled Comodo?

 

Sometimes, a reinstall of security software is necessary because the installation becomes corrupted and that might be sufficient to solve your problem.  I see that all the time in the Bitdefender and Malwarebytes Forums (those are the security solutions that I personally use).  Their experts recommend doing a complete clean uninstall and then reinstall of their applications.  In most cases that seems to solve the problem.

 

If that doesn't work for you, then posting in the Virus, Anti-Malware, and Privacy Software Forum is probably your best bet.  The experts there would know of any conflicts between the security applications that you are running and how to resolve them.  Also you could consider visiting the Comodo Forums here to see if there are any reports of issues there.

 

If you don't need anything further in terms of malware log analysis, I will ask a moderator to close this thread.  Please let me know.

 

It has been my pleasure assisting you.  Thank you for choosing Bleeping Computer to help you with your computer issues.

 

Have a great day.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators

#10 nevans07

nevans07
  • Topic Starter

  • Members
  • 311 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:12:09 PM

Posted 01 April 2016 - 10:23 AM

Thank you Phil! After I reinstalled Comodo unfortunately the crash reports returned. I will post in the forums you suggested. Thanks again.

#11 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,736 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:01:09 PM

Posted 01 April 2016 - 10:52 AM

nevans07:

 

Thank you for your post.  Best of luck resolving your Comodo issues.  Have a great day.

 

Regards,

-Phil


Member of the Unified Network of Instructors and Trusted Eliminators

#12 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,079 posts
  • OFFLINE
    •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:05:09 PM

Posted 02 April 2016 - 06:45 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~

Back to Virus, Trojan, Spyware, and Malware Removal Help


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Virus, Trojan, Spyware, and Malware Removal Help
  4. Privacy Policy
  5. Rules ·