Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Persistant Trojan infecting Windows files and Registry


  • This topic is locked This topic is locked
25 replies to this topic

#1 PaulFrog

PaulFrog

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 27 May 2016 - 02:42 PM

Hey, I am brand new to this forum and came here for the dedicated one-on-one assistance on malware infections.  for the second time I ave had this computer virus, the first time I reset the machine to factory setting but this time I am hoping that this will not be necessary, as I want to learn how to deal with these issues from a Computer science standpoint. I received a file from a phishing scam that downloaded and deleted itself before McAfee could block it, realizing it immediately I looked up assistance. After scanning to little avail, I followed these forums and used programs like FRST and Mbar to try to get an idea on which registries and files were using processes like and Crss.exe ,Winlogon.exe and more recently Scvhost.exe. I have had no leads on what the malware was but discovered this could be a SysWow64 trojan or something similar(since syswow64) was not associated with any positives in files.  I had my registries being affected by a mock Google applet involved with chrome which I uninstalled, and now is slowing my computer down, restricting access to files through windows explorer and freezes occasionally when I try to end A process through Processhacker3 or use certain webpage functions. I cannot even use taskmanager as it freezes and will not open, nothing will open. Please Please Please, someone see this and try to give me their advice soon! no one will teach about issues like this, and I need help as soon as possible.

 

thanks,

   -Paul


Edited by PaulFrog, 27 May 2016 - 02:47 PM.


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 27 May 2016 - 07:24 PM

Hi Paul :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
  • Since I'm still a trainee, all my posts have to be reviewed by an instructor prior to be posted to make sure that you receive the best assistance possible. Sorry for the inconvenience. This being said, I have a full time job, and I also have night classes on Mondays and Wednesdays, which means that if you reply during these two days, it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;
This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Let's start by getting some logs, so I can get a clear idea of how your current system looks. Follow the instructions below please.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Scan mode
Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply.
  • Right-click on the executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds;
  • Check the Addition.txt option;
  • Click on the Scan button;
  • On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files;
  • Copy and paste the content of both FRST.txt and Addition.txt in your next reply;
Your next reply(ies) should include:
  • Copy/pasted content of the FRST.txt log;
  • Copy/pasted content of the Addition.txt log;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 PaulFrog

PaulFrog
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 27 May 2016 - 10:04 PM

thanks for your response

 

 here is the log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-05-2016 01
Ran by Paul (administrator) on PAUL-PC (27-05-2016 21:53:10)
Running from C:\Users\Paul\Downloads
Loaded Profiles: Paul (Available Profiles: Paul)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(wj32) C:\Program Files\Process Hacker 2\ProcessHacker.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel® Corporation)
HKLM\...\Run: [TpShocks] => C:\Windows\System32\TpShocks.exe [231328 2010-03-15] (Lenovo.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2012-03-17] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2012-03-17] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2012-03-17] (Lenovo)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202096 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [VitaKeyTSR] => C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe [383344 2010-12-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1003576 2016-03-31] (McAfee, Inc.)
HKLM-x32\...\Run: [PLTSR] => C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [364400 2010-10-22] (Egis Technology Inc. )
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-03-17] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2010-12-24] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [224352 2010-12-24] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-5769159-3156681398-1803590098-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-29] (Valve Corporation)
HKU\S-1-5-21-5769159-3156681398-1803590098-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-04-20] (SUPERAntiSpyware)
HKU\S-1-5-21-5769159-3156681398-1803590098-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2012-03-17] ()
Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-05-14]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{FA2560B0-35D0-49F7-8D9D-C8B1BC9D2326}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-5769159-3156681398-1803590098-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-5769159-3156681398-1803590098-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/
URLSearchHook: HKU\S-1-5-21-5769159-3156681398-1803590098-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-5769159-3156681398-1803590098-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKU\S-1-5-21-5769159-3156681398-1803590098-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_enUS691
SearchScopes: HKU\S-1-5-21-5769159-3156681398-1803590098-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-5769159-3156681398-1803590098-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN_enUS691
BHO: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\x64\EgisPBIE.dll [2010-12-13] (Egis Technology Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-06] (Google Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-06] (Oracle Corporation)
BHO-x32: EgisPBIE Class -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files (x86)\EgisTec BioExcess\EgisPBIE.dll [2010-12-13] (Egis Technology Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-06] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-06] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-06] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-06] (Google Inc.)
Toolbar: HKU\S-1-5-21-5769159-3156681398-1803590098-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-06] (Google Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-05-09] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-05-09] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-05-09] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-05-09] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-03-31] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-03-31] (McAfee, Inc.)
 
FireFox:
========
FF ProfilePath: C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\fg7994u6.default
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-31] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-06] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-31] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-19]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\fg7994u6.default\extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2016-05-27]
FF Extension: Adblock Plus - C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\fg7994u6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-27]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files (x86)\EgisTec BioExcess\FFExt
FF Extension:  Online Accounts Extension  - C:\Program Files (x86)\EgisTec BioExcess\FFExt [2012-03-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
 
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-13]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-05-14] (Adobe Systems) [File not signed]
S2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [498688 2011-06-14] (Red Bend Ltd.) [File not signed]
S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-05-09] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [889704 2016-03-31] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [225216 2011-01-28] (McAfee, Inc.)
S2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.656.0\McCSPServiceHost.exe [1709096 2016-03-14] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [718248 2016-03-07] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [453520 2016-03-10] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2016-01-25] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-02-19] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [279488 2016-01-25] (McAfee, Inc.)
S2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1037048 2016-03-15] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
S2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [896456 2016-03-02] (Intel Security, Inc.)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [986112 2011-06-14] (Intel® Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2016-01-29] (McAfee, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 epp; C:\EEK\bin64\epp.sys [124080 2016-02-11] (Emsisoft Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [46960 2016-05-12] ()
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [422184 2016-01-29] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351656 2016-01-29] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2016-01-29] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [847608 2016-01-29] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [45728 2016-03-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2016-01-29] (McAfee, Inc.)
S3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2015-10-29] (MediaMall Technologies, Inc.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-05-27] ()
S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)
S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
U3 BcmSqlStartupSvc; no ImagePath
U2 CLKMSVC10_3A60B698; no ImagePath
U2 CLKMSVC10_C3B3B687; no ImagePath
S3 cpuz134; \??\C:\Users\Paul\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
U2 DriverService; no ImagePath
U2 IAStorDataMgrSvc; no ImagePath
U2 iATAgentService; no ImagePath
U2 idealife Update Service; no ImagePath
U3 IGRS; no ImagePath
U2 IviRegMgr; no ImagePath
U2 MediaMall Server; no ImagePath
U2 nvUpdatusService; no ImagePath
U2 Oasis2Service; no ImagePath
U2 PCCarerService; no ImagePath
U2 ReadyComm.DirectRouter; no ImagePath
U2 RichVideo; no ImagePath
U2 RtLedService; no ImagePath
U2 SeaPort; no ImagePath
U2 SoftwareService; no ImagePath
U3 SQLWriter; no ImagePath
U2 Stereo Service; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-27 21:37 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-05-27 21:25 - 2016-05-27 21:51 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-05-27 21:25 - 2016-05-27 21:37 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-05-27 21:25 - 2016-05-27 21:25 - 00001347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-05-27 21:25 - 2016-05-27 21:25 - 00001335 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-05-27 21:25 - 2016-05-27 21:25 - 00000656 _____ C:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2016-05-27 21:25 - 2016-05-27 21:25 - 00000628 _____ C:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2016-05-27 21:25 - 2016-05-27 21:25 - 00000458 _____ C:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2016-05-27 21:25 - 2016-05-27 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-05-27 21:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2016-05-27 21:11 - 2016-05-27 21:11 - 00000628 _____ C:\Users\Paul\Paul - Shortcut.lnk
2016-05-27 13:26 - 2016-05-27 21:29 - 00843784 _____ C:\windows\ntbtlog.txt
2016-05-27 13:13 - 2016-05-27 13:13 - 00224968 _____ (ESET) C:\Users\Paul\Downloads\ESETPoweliksCleaner.exe
2016-05-26 22:53 - 2016-05-26 23:00 - 00000000 ____D C:\Users\Paul\AppData\Local\Mozilla
2016-05-26 22:53 - 2016-05-26 22:54 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Mozilla
2016-05-26 22:53 - 2016-05-26 22:53 - 00001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-26 22:53 - 2016-05-26 22:53 - 00001103 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-26 22:53 - 2016-05-26 22:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-26 22:53 - 2016-05-26 22:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-26 21:40 - 2016-05-26 21:44 - 00228334 _____ C:\TDSSKiller.3.1.0.9_26.05.2016_21.40.48_log.txt
2016-05-26 21:36 - 2016-05-26 21:36 - 00000000 ____D C:\SUPERDelete
2016-05-26 20:57 - 2016-05-26 20:58 - 00065232 _____ (Malwarebytes) C:\Users\Paul\Downloads\regassassin-setup-1.03.exe
2016-05-26 20:40 - 2016-05-26 20:41 - 00032457 _____ C:\Users\Paul\Downloads\Addition.txt
2016-05-26 20:39 - 2016-05-27 21:53 - 00000000 _____ C:\Users\Paul\Downloads\FRST.txt
2016-05-26 20:37 - 2016-05-26 20:37 - 02383360 _____ (Farbar) C:\Users\Paul\Downloads\FRST64.exe
2016-05-26 19:09 - 2016-05-26 20:24 - 00000000 ____D C:\Users\Paul\Documents\ttg
2016-05-26 18:06 - 2016-05-26 18:13 - 00228614 _____ C:\TDSSKiller.3.1.0.9_26.05.2016_18.06.13_log.txt
2016-05-26 17:33 - 2016-05-27 20:52 - 00028272 _____ C:\windows\system32\Drivers\TrueSight.sys
2016-05-26 17:33 - 2016-05-26 18:02 - 00000000 ____D C:\ProgramData\RogueKiller
2016-05-26 17:33 - 2016-05-26 17:33 - 00000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-05-26 17:33 - 2016-05-26 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-05-26 17:33 - 2016-05-26 17:33 - 00000000 ____D C:\Program Files\RogueKiller
2016-05-26 17:31 - 2016-05-26 17:31 - 28908032 _____ (Adlice Software ) C:\Users\Paul\Downloads\setup.exe
2016-05-26 17:26 - 2016-05-26 17:26 - 00000000 ____D C:\zoek_backup
2016-05-26 17:21 - 2016-05-26 17:21 - 01309184 _____ C:\Users\Paul\Downloads\zoek.exe
2016-05-26 17:09 - 2016-05-26 17:30 - 00000000 ____D C:\Users\Paul\Downloads\backups
2016-05-26 17:05 - 2016-05-26 17:05 - 00003120 _____ C:\windows\System32\Tasks\{8292091F-0A30-4435-8A4D-95DA93686466}
2016-05-26 16:53 - 2016-05-26 16:53 - 00388608 _____ (Trend Micro Inc.) C:\Users\Paul\Downloads\HijackThis.exe
2016-05-26 16:50 - 2016-05-27 13:03 - 00000508 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 290c1bc7-742b-4959-91ef-96d11db621e2.job
2016-05-26 16:50 - 2016-05-27 00:50 - 00000508 _____ C:\windows\Tasks\SUPERAntiSpyware Scheduled Task a5ec0233-3787-4269-ba6f-14949540ce98.job
2016-05-26 16:50 - 2016-05-26 16:50 - 00003578 _____ C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 290c1bc7-742b-4959-91ef-96d11db621e2
2016-05-26 16:50 - 2016-05-26 16:50 - 00003504 _____ C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task a5ec0233-3787-4269-ba6f-14949540ce98
2016-05-26 16:50 - 2016-05-26 16:50 - 00000000 ____D C:\Users\Paul\AppData\Roaming\SUPERAntiSpyware.com
2016-05-26 16:49 - 2016-05-26 16:50 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-05-26 16:49 - 2016-05-26 16:49 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-05-26 16:49 - 2016-05-26 16:49 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-05-26 16:49 - 2016-05-26 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-05-26 16:48 - 2016-05-26 16:49 - 25962328 _____ (SUPERAntiSpyware) C:\Users\Paul\Downloads\SUPERAntiSpyware.exe
2016-05-26 16:44 - 2016-05-26 16:44 - 00004020 _____ C:\windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-05-26 14:01 - 2016-05-26 14:04 - 00010944 _____ C:\Users\Paul\mg.mp4.sfk
2016-05-24 23:34 - 2016-05-24 23:49 - 00082448 _____ C:\Users\Paul\Downloads\tourettes_guy_e_3.mp4.sfk
2016-05-24 23:33 - 2016-05-24 23:33 - 13921511 _____ C:\Users\Paul\Downloads\tourettes_guy_e_3.mp4
2016-05-24 22:55 - 2016-05-24 23:22 - 302029439 _____ C:\Users\Paul\Downloads\Top 10 WORST episodes of Spongebob Squarepants - 100 subscriber special.mp4
2016-05-24 00:23 - 2016-05-24 00:56 - 00000000 ____D C:\Users\Paul\glitch art
2016-05-24 00:08 - 2016-05-24 00:08 - 01373567 _____ C:\Users\Paul\Documents\ytp tourtettes guy effect 1.wmv
2016-05-23 23:50 - 2016-05-24 00:08 - 00196608 _____ C:\Users\Paul\Downloads\New Recording 5 (1).wav-0-2852324716-1.sfk
2016-05-23 23:08 - 2016-05-23 23:14 - 75862173 _____ C:\Users\Paul\Documents\ytp tourtettes guy.wmv
2016-05-23 22:11 - 2016-05-23 22:15 - 39045915 _____ C:\Users\Paul\Documents\ytp tourtettes guy 2.wmv
2016-05-23 21:53 - 2016-05-23 22:25 - 00006592 _____ C:\Users\Paul\Downloads\bleep I Love You Tourettes Guy.mp4.sfk
2016-05-23 21:53 - 2016-05-23 21:53 - 00223654 _____ C:\Users\Paul\Downloads\bleep I Love You Tourettes Guy.mp4
2016-05-23 17:01 - 2016-05-23 17:01 - 00000000 ____D C:\Users\Paul\Documents\OFX Presets
2016-05-23 16:46 - 2016-05-23 16:48 - 00196608 _____ C:\Users\Paul\Downloads\New Recording 5 (1).sfk
2016-05-23 16:45 - 2016-05-23 16:46 - 25157618 _____ C:\Users\Paul\Downloads\New Recording 5 (1).wav
2016-05-23 16:44 - 2016-05-23 16:44 - 02290323 _____ C:\Users\Paul\Downloads\New Recording 5.m4a
2016-05-23 16:36 - 2016-05-23 16:37 - 02290323 _____ C:\Users\Paul\Downloads\New Recording 5.wav
2016-05-23 15:18 - 2016-05-27 00:24 - 00003846 _____ C:\windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-05-22 21:52 - 2016-05-22 21:52 - 00405561 _____ C:\Users\Paul\Documents\green screen 1  dfdsf.wmv
2016-05-22 18:38 - 2016-05-22 18:43 - 00047176 _____ C:\Users\Paul\Downloads\Chris Chan Assaults Gamestop employee - 12.27.14.mp4.sfk
2016-05-21 20:57 - 2016-05-21 22:04 - 01887432 _____ C:\Users\Paul\Downloads\Ed Edd and Eddy Season 2 ep 2.mp4.sfk
2016-05-21 18:32 - 2016-05-21 20:49 - 1096305152 _____ C:\Users\Paul\Documents\cool cat saves the kids.avi
2016-05-21 18:30 - 2016-05-21 18:30 - 00002753 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eLecta Live Screen Recorder.lnk
2016-05-21 18:30 - 2016-05-21 18:30 - 00002741 _____ C:\Users\Public\Desktop\eLecta Live Screen Recorder.lnk
2016-05-21 18:30 - 2016-05-21 18:30 - 00000000 ____D C:\Program Files (x86)\ELECTA COMMUNICATIONS LTD
2016-05-21 18:28 - 2016-05-21 18:29 - 15736320 _____ C:\Users\Paul\Downloads\eLectaScreenRecorder.msi
2016-05-21 18:24 - 2016-05-21 18:24 - 00000000 ____D C:\Users\Paul\AppData\Local\ScreenCapture
2016-05-21 18:24 - 2016-05-21 18:24 - 00000000 ____D C:\Users\Paul\AppData\Local\Movavi
2016-05-21 18:23 - 2016-05-21 18:23 - 00004908 _____ C:\ProgramData\lbogtyso.zat
2016-05-21 18:23 - 2016-05-21 18:23 - 00000016 _____ C:\ProgramData\mntemp
2016-05-21 18:23 - 2016-05-21 18:23 - 00000000 ____D C:\ProgramData\Movavi Screen Capture 7
2016-05-21 18:23 - 2016-05-21 18:23 - 00000000 ____D C:\ProgramData\Movavi
2016-05-21 18:15 - 2016-05-21 18:15 - 00000000 ____D C:\ProgramData\CyberLink
2016-05-21 16:23 - 2016-05-23 16:28 - 00001134 _____ C:\Users\Paul\Desktop\nativelog.txt
2016-05-21 14:49 - 2016-05-21 14:49 - 00000000 ____D C:\Users\Paul\AppData\Roaming\TechSmith
2016-05-21 14:48 - 2016-05-26 13:55 - 00000000 ____D C:\Users\Paul\Documents\Camtasia Studio
2016-05-21 14:47 - 2016-05-21 14:47 - 00001168 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2016-05-21 14:47 - 2016-05-21 14:47 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2016-05-21 14:47 - 2016-05-21 14:47 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-05-21 14:46 - 2016-05-21 14:46 - 00000000 ____D C:\ProgramData\TechSmith
2016-05-21 14:39 - 2016-05-21 14:43 - 261137096 _____ C:\Users\Paul\Downloads\camtasia.exe
2016-05-21 14:19 - 2016-05-21 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2016-05-21 14:19 - 2016-05-21 14:48 - 00000000 ____D C:\Users\Paul\AppData\Local\TechSmith
2016-05-21 14:19 - 2016-05-21 14:46 - 00000000 ____D C:\Program Files (x86)\TechSmith
2016-05-21 14:18 - 2016-05-21 14:18 - 06699032 _____ C:\Users\Paul\Downloads\jing.exe
2016-05-21 14:15 - 2016-05-21 14:16 - 00117674 _____ C:\Users\Paul\Documents\cool cat saves the kids.mp4
2016-05-21 14:01 - 2016-05-27 01:19 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-05-21 14:01 - 2016-05-21 14:02 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-05-21 14:01 - 2016-05-21 14:01 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-05-21 14:01 - 2016-05-21 14:01 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-21 14:01 - 2016-05-21 14:01 - 00000000 ____D C:\windows\system32\Macromed
2016-05-21 14:00 - 2016-05-21 14:11 - 00000000 ____D C:\ProgramData\MediaMall
2016-05-21 00:13 - 2016-05-21 00:13 - 01453567 _____ C:\Users\Paul\Documents\ytp tourtettes bass.wmv
2016-05-19 14:45 - 2016-05-26 22:27 - 00000000 ____D C:\Users\Paul\Documents\New folder
2016-05-18 22:49 - 2016-05-26 13:59 - 00000000 ____D C:\Users\Paul\AppData\Roaming\vlc
2016-05-18 22:48 - 2016-05-18 22:48 - 00001062 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-05-18 22:48 - 2016-05-18 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-05-18 22:48 - 2016-05-18 22:48 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-05-18 22:47 - 2016-05-18 22:47 - 30503216 _____ C:\Users\Paul\Downloads\vlc-2.2.3-win32.exe
2016-05-18 22:34 - 2016-05-18 22:44 - 140846641 _____ C:\Users\Paul\Documents\ytp garfield final.wmv
2016-05-18 21:16 - 2016-05-18 21:17 - 00637288 _____ C:\Users\Paul\Downloads\Yah Onny Dail Wance (Re-re-re-xInfinity-upload) - King of the Hill YouTube Poop (YTP).mp4.sfk
2016-05-18 20:07 - 2016-05-18 20:16 - 125238533 _____ C:\Users\Paul\Documents\ytp garfield4.wmv
2016-05-18 17:38 - 2016-05-18 17:38 - 00000000 ____D C:\Program Files\VST Plug-Ins
2016-05-18 17:36 - 2016-05-18 17:36 - 00226089 _____ C:\Users\Paul\Downloads\GSnapWin64.zip
2016-05-18 16:35 - 2016-05-18 16:48 - 111846497 _____ C:\Users\Paul\Documents\ytp garfield3.wmv
2016-05-18 16:35 - 2016-05-18 16:35 - 00181561 _____ C:\Users\Paul\Documents\ytp garfield3wmv.wmv
2016-05-18 00:13 - 2016-05-18 00:19 - 00001608 _____ C:\Users\Paul\Downloads\The Next Day.mp4.sfk
2016-05-17 23:13 - 2016-05-17 23:13 - 44647149 _____ C:\Users\Paul\Downloads\Garfield And Friends Season 1 Episode 1- Peace And Quiet.mp4
2016-05-17 18:40 - 2016-05-17 18:55 - 00100104 _____ C:\Users\Paul\Downloads\The Tourettes Guy - Job Interview.mp4.sfk
2016-05-17 16:53 - 2016-05-17 16:53 - 06828382 _____ C:\Users\Paul\Downloads\smoke explosion smoke cloud - green screen effects.mp4
2016-05-17 15:24 - 2016-05-17 15:24 - 02505846 _____ C:\Users\Paul\Downloads\It felt good didn't it Ricky-.mp4
2016-05-16 22:39 - 2016-05-16 22:46 - 00640200 _____ C:\Users\Paul\Downloads\vl_480_244k_4323729.mp4.sfk
2016-05-16 21:50 - 2016-05-16 21:56 - 14521993 _____ C:\Users\Paul\Downloads\vl_480_244k_4323729.mp4
2016-05-16 20:23 - 2016-05-16 20:23 - 00692416 _____ (Adobe Systems Incorporated) C:\Users\Paul\Downloads\CreativeCloudSet-Up.exe
2016-05-16 19:34 - 2016-05-16 19:44 - 100550629 _____ C:\Users\Paul\Documents\ytp garfield.wmv
2016-05-16 19:34 - 2016-05-16 19:34 - 00141561 _____ C:\Users\Paul\Documents\ytp garfield1.wmv
2016-05-16 19:06 - 2016-05-16 19:12 - 00095256 _____ C:\Users\Paul\Downloads\Garfielf.mp4-0-690690000-1.sfk
2016-05-16 18:40 - 2016-05-16 18:40 - 02338774 _____ C:\Users\Paul\Downloads\Spongebob The Screaming Chocolate Guy (ORIGINAL SCENE).mp4
2016-05-16 18:38 - 2016-05-16 18:38 - 00700311 _____ C:\Users\Paul\Downloads\Spongebob Holy bleep.mp4
2016-05-16 18:09 - 2016-05-16 18:12 - 00095264 _____ C:\Users\Paul\Downloads\Garfielf.mp4.sfk
2016-05-16 18:05 - 2016-05-16 18:08 - 08538543 _____ C:\Users\Paul\Downloads\Mario Head Wants to 'Fly for you'.mp4
2016-05-15 23:25 - 2016-05-24 00:32 - 00000000 ____D C:\Users\Paul\AppData\Local\CrashDumps
2016-05-15 23:15 - 2016-05-15 23:15 - 13320578 _____ C:\Users\Paul\Documents\datamoshc3.avi
2016-05-15 23:13 - 2016-05-15 23:13 - 12893768 _____ C:\Users\Paul\Documents\datamoshc2.avi
2016-05-15 23:12 - 2016-05-15 23:12 - 12899056 _____ C:\Users\Paul\Documents\datamoshc.avi
2016-05-15 23:11 - 2016-05-15 23:11 - 12899056 _____ C:\Users\Paul\Documents\datamoshc
2016-05-15 23:07 - 2016-05-15 23:07 - 00001038 _____ C:\Users\Public\Desktop\Avidemux 2.5.lnk
2016-05-15 23:07 - 2016-05-15 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux
2016-05-15 23:07 - 2016-05-15 23:07 - 00000000 ____D C:\Program Files (x86)\Avidemux 2.5
2016-05-15 23:06 - 2016-05-15 23:06 - 11008549 _____ C:\Users\Paul\Downloads\avidemux_2.5.4_win32.exe
2016-05-15 23:05 - 2016-05-15 23:06 - 36382989 _____ C:\Users\Paul\Downloads\avidemux2_2.5.4_intel.dmg
2016-05-15 23:02 - 2016-05-15 23:09 - 13337734 _____ C:\Users\Paul\Documents\datamosh.avi
2016-05-15 22:49 - 2016-05-15 22:50 - 183741952 _____ C:\Users\Paul\Documents\Untitled.avi
2016-05-15 22:44 - 2016-05-27 13:24 - 00081920 ___SH C:\Users\Paul\Documents\Thumbs.db
2016-05-15 22:44 - 2016-05-15 22:44 - 00029561 _____ C:\Users\Paul\Documents\Untitledd.wmv
2016-05-15 22:43 - 2016-05-15 22:43 - 00029561 _____ C:\Users\Paul\Documents\Untitled.wmv
2016-05-15 22:41 - 2016-05-15 22:41 - 00088124 _____ C:\Users\Paul\Documents\garf.avi.mxf
2016-05-15 22:40 - 2016-05-15 22:40 - 00088124 _____ C:\Users\Paul\Documents\garf.mxf
2016-05-15 22:39 - 2016-05-21 18:17 - 00000000 ____D C:\Users\Paul\Documents\Youcam
2016-05-15 22:39 - 2016-05-15 22:39 - 00000000 ____D C:\Users\Paul\AppData\Roaming\CyberLink
2016-05-15 22:39 - 2016-05-15 22:39 - 00000000 ____D C:\Users\Paul\AppData\Local\CyberLink
2016-05-15 20:16 - 2016-05-15 20:16 - 11948883 _____ C:\Users\Paul\Downloads\Hotel Mario- All Main Cut Scenes.mp4
2016-05-15 17:14 - 2016-05-15 17:14 - 620537341 _____ C:\windows\MEMORY.DMP
2016-05-15 17:14 - 2016-05-15 17:14 - 00262144 _____ C:\windows\Minidump\051516-34725-01.dmp
2016-05-15 17:14 - 2016-05-15 17:14 - 00000000 ____D C:\windows\Minidump
2016-05-15 12:18 - 2016-05-24 19:06 - 00001915 _____ C:\windows\system32\ScanResults.xml
2016-05-15 12:13 - 2016-05-24 19:02 - 00000464 _____ C:\windows\system32\ScannerSettings
2016-05-15 04:04 - 2016-05-15 04:04 - 63386941 _____ C:\Users\Paul\Downloads\Foundation Repair Plano TX - Plano Texas Foundation Repair.mp4
2016-05-15 01:39 - 2016-05-15 01:39 - 68338008 _____ C:\Users\Paul\Downloads\Homemade Air Conditioner (Use Ice From water for better effect).mp4
2016-05-15 01:28 - 2016-05-15 01:37 - 00116416 _____ C:\Users\Paul\Downloads\Star Fox 64 - Fox McCloud's Quotes.mp3.sfk
2016-05-14 23:44 - 2016-05-14 23:44 - 07960432 _____ C:\Users\Paul\Downloads\Garfielf.mp4
2016-05-14 23:32 - 2016-05-26 13:59 - 00000000 ____D C:\Users\Paul\ytp
2016-05-14 23:30 - 2016-05-24 00:56 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Audacity
2016-05-14 23:30 - 2016-05-14 23:30 - 00000000 ____D C:\Users\Paul\AppData\Local\Audacity
2016-05-14 23:29 - 2016-05-14 23:30 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-05-14 23:29 - 2016-05-14 23:29 - 00001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-05-14 23:29 - 2016-05-14 23:29 - 00001003 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-05-14 20:39 - 2016-05-14 20:39 - 00000000 ____D C:\Users\Paul\Documents\Updater
2016-05-14 20:33 - 2016-05-14 20:33 - 00002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-05-14 20:32 - 2016-05-14 20:32 - 00000000 ____D C:\Users\Public\Documents\Adobe PDF
2016-05-14 20:31 - 2016-05-14 20:31 - 00002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-05-14 20:31 - 2016-05-14 20:31 - 00002045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2016-05-14 20:31 - 2016-05-14 20:31 - 00002042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2016-05-14 20:31 - 2016-05-14 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-05-14 20:28 - 2016-05-14 20:28 - 00000000 ____D C:\PhSp_CS2_UE_Ret
2016-05-14 17:51 - 2016-05-14 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-05-14 17:50 - 2016-05-14 17:50 - 00000000 ____D C:\ProgramData\Sony
2016-05-14 17:50 - 2016-05-14 17:50 - 00000000 ____D C:\Program Files\Sony
2016-05-14 17:50 - 2016-05-14 17:50 - 00000000 ____D C:\Program Files (x86)\Sony
2016-05-13 19:25 - 2016-05-24 00:33 - 00000000 ____D C:\Users\Paul\AppData\Roaming\avidemux
2016-05-13 19:25 - 2016-05-13 19:25 - 00000000 ____D C:\Users\Paul\AppData\Local\EgisTec
2016-05-13 17:55 - 2016-05-13 17:55 - 00000914 _____ C:\Users\Public\Desktop\Avidemux 2.6 - 64 bits.lnk
2016-05-13 17:55 - 2016-05-13 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (64 bits)
2016-05-13 17:55 - 2016-05-13 17:55 - 00000000 ____D C:\Program Files\Avidemux 2.6 - 64 bits
2016-05-12 21:05 - 2016-05-26 14:00 - 00000000 ____D C:\Users\Paul\Documents\Sony Vegas projects
2016-05-12 18:59 - 2016-05-26 22:01 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-05-12 18:47 - 2016-05-12 18:47 - 00000667 _____ C:\Users\Paul\Desktop\Paul.lnk
2016-05-12 18:36 - 2016-05-12 18:43 - 00000000 ____D C:\EEK
2016-05-12 18:35 - 2016-05-12 18:35 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Process Hacker 2
2016-05-12 18:31 - 2016-05-12 18:33 - 00225370 _____ C:\TDSSKiller.3.1.0.9_12.05.2016_18.31.38_log.txt
2016-05-12 18:24 - 2016-05-12 18:24 - 00001839 _____ C:\Users\Public\Desktop\Process Hacker 2.lnk
2016-05-12 18:24 - 2016-05-12 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2016-05-12 18:24 - 2016-05-12 18:24 - 00000000 ____D C:\Program Files\Process Hacker 2
2016-05-12 18:17 - 2016-05-12 18:17 - 00006378 _____ C:\ProgramData\SMRResults501.dat
2016-05-12 18:08 - 2016-05-12 18:08 - 00000398 _____ C:\Users\Paul\Desktop\pc app.appref-ms
2016-05-12 18:08 - 2016-05-12 18:08 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy
2016-05-12 18:07 - 2016-05-12 18:07 - 00000000 ____D C:\Users\Paul\AppData\Local\PackageAware
2016-05-12 18:06 - 2016-05-12 18:44 - 00000000 ____D C:\Users\Paul\AppData\Local\NPE
2016-05-12 18:06 - 2016-05-12 18:07 - 00000000 ____D C:\ProgramData\Norton
2016-05-12 18:02 - 2016-05-12 18:02 - 00046960 _____ C:\windows\system32\Drivers\hitmanpro37.sys
2016-05-12 17:59 - 2016-05-12 17:59 - 00001842 _____ C:\windows\system32\.crusader
2016-05-12 17:16 - 2016-05-12 18:00 - 00000000 ____D C:\ProgramData\HitmanPro
2016-05-12 17:10 - 2016-05-12 17:10 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-12 06:55 - 2016-05-19 00:20 - 00000000 _____ C:\windows\system32\reimage.rep
2016-05-12 03:31 - 2016-05-12 03:31 - 00000000 ____D C:\Users\Paul\AppData\Local\EmieUserList
2016-05-12 03:31 - 2016-05-12 03:31 - 00000000 ____D C:\Users\Paul\AppData\Local\EmieSiteList
2016-05-12 03:31 - 2016-05-12 03:31 - 00000000 ____D C:\Users\Paul\AppData\Local\EmieBrowserModeList
2016-05-12 03:31 - 2009-07-13 17:41 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\tbssvc.dll
2016-05-12 03:30 - 2010-11-20 19:24 - 00412160 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2016-05-12 03:30 - 2009-06-10 15:35 - 00145792 _____ (Intel Corporation) C:\windows\system32\Drivers\E1G6032E.sys
2016-05-12 03:21 - 2016-05-18 16:43 - 00098304 _____ C:\windows\debugpack.cmp
2016-05-12 02:12 - 2016-05-18 15:53 - 00012710 _____ C:\windows\system32\Native.exe
2016-05-12 01:30 - 2016-05-12 01:30 - 00004270 _____ C:\windows\System32\Tasks\ReimageUpdater
2016-05-12 01:29 - 2016-05-18 16:44 - 00000167 _____ C:\windows\Reimage.ini
2016-05-12 01:07 - 2016-05-26 18:24 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-05-12 01:07 - 2016-05-26 17:48 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-12 01:07 - 2016-05-12 01:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-12 01:05 - 2016-05-26 18:24 - 00000000 ____D C:\Users\Paul\Desktop\mbar
2016-05-12 01:05 - 2016-05-26 17:44 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-05-12 00:53 - 2016-05-27 21:53 - 00000000 ____D C:\FRST
2016-05-12 00:17 - 2016-05-12 00:17 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Publish Providers
2016-05-12 00:08 - 2016-05-12 00:13 - 00000000 ____D C:\Users\Paul\AppData\Local\Sony
2016-05-12 00:07 - 2016-05-15 22:40 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Sony
2016-05-11 18:07 - 2016-05-11 18:07 - 00003064 _____ C:\windows\System32\Tasks\McAfeeLogon
2016-05-11 18:07 - 2016-05-11 18:07 - 00000000 ____D C:\windows\System32\Tasks\McAfee
2016-05-11 18:07 - 2016-05-11 18:07 - 00000000 ____D C:\ProgramData\Intel Security
2016-05-11 18:07 - 2016-05-11 18:07 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2016-05-11 16:55 - 2016-05-11 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-05-11 12:49 - 2016-05-11 14:23 - 00000000 ____D C:\Users\Paul\Pythonworks
2016-05-11 12:25 - 2016-05-11 12:49 - 00000000 ____D C:\Users\Paul\.idlerc
2016-05-11 12:23 - 2016-05-11 12:24 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.5
2016-05-11 12:23 - 2016-05-11 12:23 - 00000000 ____D C:\Users\Paul\AppData\Local\Package Cache
2016-05-11 12:21 - 2016-05-11 12:21 - 00000000 ____D C:\Users\Paul\AppData\LocalLow\Adobe
2016-05-11 00:29 - 2016-05-11 00:29 - 00000000 ____D C:\Users\Paul\Documents\Universe Sandbox ²
2016-05-11 00:22 - 2016-05-11 00:22 - 00000000 ____D C:\Users\Paul\AppData\LocalLow\Giant Army
2016-05-11 00:22 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_7.dll
2016-05-11 00:22 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_7.dll
2016-05-11 00:22 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_7.dll
2016-05-11 00:22 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_7.dll
2016-05-11 00:22 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_5.dll
2016-05-11 00:22 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_5.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_43.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_43.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_43.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_43.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_43.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_43.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_43.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_43.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_43.dll
2016-05-11 00:22 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_43.dll
2016-05-11 00:22 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_6.dll
2016-05-11 00:22 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_6.dll
2016-05-11 00:22 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_6.dll
2016-05-11 00:22 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_6.dll
2016-05-11 00:22 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_4.dll
2016-05-11 00:22 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_4.dll
2016-05-11 00:22 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_7.dll
2016-05-11 00:22 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_7.dll
2016-05-11 00:22 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_5.dll
2016-05-11 00:22 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_5.dll
2016-05-11 00:22 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_5.dll
2016-05-11 00:22 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_5.dll
2016-05-11 00:22 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_3.dll
2016-05-11 00:22 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_3.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\windows\system32\d3dcsx_42.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dcsx_42.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_42.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_42.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_42.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_42.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_42.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_42.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\windows\system32\d3dx11_42.dll
2016-05-11 00:22 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx11_42.dll
2016-05-11 00:22 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_4.dll
2016-05-11 00:22 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_4.dll
2016-05-11 00:22 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_4.dll
2016-05-11 00:22 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_4.dll
2016-05-11 00:22 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_6.dll
2016-05-11 00:22 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_6.dll
2016-05-11 00:22 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_41.dll
2016-05-11 00:22 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_41.dll
2016-05-11 00:22 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_41.dll
2016-05-11 00:22 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_41.dll
2016-05-11 00:22 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_3.dll
2016-05-11 00:22 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_3.dll
2016-05-11 00:22 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_3.dll
2016-05-11 00:22 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_3.dll
2016-05-11 00:22 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_2.dll
2016-05-11 00:22 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_2.dll
2016-05-11 00:22 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_5.dll
2016-05-11 00:22 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_5.dll
2016-05-11 00:22 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_40.dll
2016-05-11 00:22 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_40.dll
2016-05-11 00:22 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_40.dll
2016-05-11 00:22 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_40.dll
2016-05-11 00:22 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_40.dll
2016-05-11 00:22 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_40.dll
2016-05-11 00:22 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_2.dll
2016-05-11 00:22 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_2.dll
2016-05-11 00:22 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_1.dll
2016-05-11 00:22 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_1.dll
2016-05-11 00:22 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_2.dll
2016-05-11 00:22 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_2.dll
2016-05-11 00:22 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_39.dll
2016-05-11 00:22 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_39.dll
2016-05-11 00:22 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_39.dll
2016-05-11 00:22 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_39.dll
2016-05-11 00:22 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_39.dll
2016-05-11 00:22 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_39.dll
2016-05-11 00:22 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_1.dll
2016-05-11 00:22 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_1.dll
2016-05-11 00:22 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_1.dll
2016-05-11 00:22 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_1.dll
2016-05-11 00:22 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\windows\system32\XAPOFX1_0.dll
2016-05-11 00:22 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAPOFX1_0.dll
2016-05-11 00:22 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_4.dll
2016-05-11 00:22 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_4.dll
2016-05-11 00:22 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_38.dll
2016-05-11 00:22 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_38.dll
2016-05-11 00:22 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_38.dll
2016-05-11 00:22 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_38.dll
2016-05-11 00:22 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_38.dll
2016-05-11 00:22 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_38.dll
2016-05-11 00:22 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\windows\system32\XAudio2_0.dll
2016-05-11 00:22 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\windows\SysWOW64\XAudio2_0.dll
2016-05-11 00:22 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine3_0.dll
2016-05-11 00:22 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\windows\system32\xactengine3_0.dll
2016-05-11 00:22 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_3.dll
2016-05-11 00:22 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_3.dll
2016-05-11 00:22 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\windows\system32\D3DX9_37.dll
2016-05-11 00:22 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DX9_37.dll
2016-05-11 00:22 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_37.dll
2016-05-11 00:22 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_37.dll
2016-05-11 00:22 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_37.dll
2016-05-11 00:22 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_37.dll
2016-05-11 00:22 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_10.dll
2016-05-11 00:22 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_10.dll
2016-05-11 00:22 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_36.dll
2016-05-11 00:22 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_36.dll
2016-05-11 00:22 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_36.dll
2016-05-11 00:22 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_36.dll
2016-05-11 00:21 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\windows\system32\X3DAudio1_2.dll
2016-05-11 00:21 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\windows\SysWOW64\X3DAudio1_2.dll
2016-05-11 00:21 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_36.dll
2016-05-11 00:21 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_36.dll
2016-05-11 00:21 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_9.dll
2016-05-11 00:21 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_9.dll
2016-05-11 00:21 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2016-05-11 00:21 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_35.dll
2016-05-11 00:21 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_35.dll
2016-05-11 00:21 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_35.dll
2016-05-11 00:21 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_35.dll
2016-05-11 00:21 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_8.dll
2016-05-11 00:21 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_8.dll
2016-05-11 00:21 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_34.dll
2016-05-11 00:21 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_34.dll
2016-05-11 00:21 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_34.dll
2016-05-11 00:21 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_34.dll
2016-05-11 00:21 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_34.dll
2016-05-11 00:21 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_34.dll
2016-05-11 00:21 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_7.dll
2016-05-11 00:21 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_7.dll
2016-05-11 00:21 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\windows\system32\xinput1_3.dll
2016-05-11 00:21 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_3.dll
2016-05-11 00:21 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\windows\system32\d3dx10_33.dll
2016-05-11 00:21 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10_33.dll
2016-05-11 00:21 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_33.dll
2016-05-11 00:21 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_33.dll
2016-05-11 00:21 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_33.dll
2016-05-11 00:21 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_33.dll
2016-05-11 00:21 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_1.dll
2016-05-11 00:21 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_1.dll
2016-05-11 00:21 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_6.dll
2016-05-11 00:21 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_6.dll
2016-05-11 00:21 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_5.dll
2016-05-11 00:21 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_5.dll
2016-05-11 00:21 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_32.dll
2016-05-11 00:21 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_32.dll
2016-05-11 00:21 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\windows\system32\d3dx10.dll
2016-05-11 00:21 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx10.dll
2016-05-11 00:21 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_31.dll
2016-05-11 00:21 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_31.dll
2016-05-11 00:21 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_4.dll
2016-05-11 00:21 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_4.dll
2016-05-11 00:21 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\windows\system32\xinput1_2.dll
2016-05-11 00:21 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_3.dll
2016-05-11 00:21 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_3.dll
2016-05-11 00:21 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_2.dll
2016-05-11 00:21 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_2.dll
2016-05-11 00:21 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_2.dll
2016-05-11 00:21 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll
2016-05-11 00:21 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_30.dll
2016-05-11 00:21 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_1.dll
2016-05-11 00:21 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_1.dll
2016-05-11 00:21 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\windows\system32\xinput1_1.dll
2016-05-11 00:21 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\windows\SysWOW64\xinput1_1.dll
2016-05-11 00:21 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_29.dll
2016-05-11 00:21 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_29.dll
2016-05-11 00:21 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\windows\system32\xactengine2_0.dll
2016-05-11 00:21 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\windows\SysWOW64\xactengine2_0.dll
2016-05-11 00:21 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\windows\system32\x3daudio1_0.dll
2016-05-11 00:21 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\windows\SysWOW64\x3daudio1_0.dll
2016-05-11 00:21 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_28.dll
2016-05-11 00:21 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_28.dll
2016-05-11 00:21 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_27.dll
2016-05-11 00:21 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_27.dll
2016-05-11 00:21 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_26.dll
2016-05-11 00:21 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_26.dll
2016-05-11 00:21 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_25.dll
2016-05-11 00:21 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_25.dll
2016-05-11 00:21 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_24.dll
2016-05-11 00:21 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_24.dll
2016-05-11 00:13 - 2016-05-21 14:12 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-11 00:03 - 2016-05-11 00:03 - 00000000 ____D C:\Users\Paul\AppData\Local\Steam
2016-05-11 00:03 - 2016-05-11 00:03 - 00000000 ____D C:\Users\Paul\AppData\Local\CEF
2016-05-10 23:59 - 2016-05-27 13:20 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-10 23:59 - 2016-05-10 23:59 - 00000959 _____ C:\Users\Public\Desktop\Steam.lnk
2016-05-10 23:59 - 2016-05-10 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-10 21:27 - 2016-05-14 23:25 - 00000000 ____D C:\Users\Paul\Documents\school
2016-05-10 21:27 - 2016-05-10 21:38 - 00000000 ____D C:\Users\Paul\Documents\Open Office database
2016-05-10 21:26 - 2016-05-10 21:26 - 00000000 ____D C:\Users\Paul\AppData\Roaming\OpenOffice
2016-05-10 21:23 - 2016-05-10 21:24 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-05-10 21:23 - 2016-05-10 21:23 - 00001112 _____ C:\Users\Public\Desktop\OpenOffice 4.1.2.lnk
2016-05-10 21:22 - 2016-05-10 21:23 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-05-10 21:19 - 2016-05-10 21:19 - 00000000 ____D C:\Users\Paul\Desktop\OpenOffice 4.1.2 (en-US) Installation Files
2016-05-10 19:11 - 2016-02-11 11:56 - 05572032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-05-10 19:11 - 2016-02-11 11:52 - 01733592 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-05-10 19:11 - 2016-02-11 11:48 - 01214464 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-05-10 19:11 - 2016-02-11 11:48 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-05-10 19:11 - 2016-02-11 11:45 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-05-10 19:11 - 2016-02-11 11:44 - 03994560 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-05-10 19:11 - 2016-02-11 11:44 - 03938240 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-05-10 19:11 - 2016-02-11 11:44 - 01461248 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-05-10 19:11 - 2016-02-11 11:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-05-10 19:11 - 2016-02-11 11:44 - 00730112 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-05-10 19:11 - 2016-02-11 11:44 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-05-10 19:11 - 2016-02-11 11:41 - 01314328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-05-10 19:11 - 2016-02-11 11:41 - 00880128 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-05-10 19:11 - 2016-02-11 11:37 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-05-10 19:11 - 2016-02-11 11:35 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-05-10 19:11 - 2016-02-11 11:33 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-05-10 19:11 - 2016-02-11 11:30 - 00642560 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-05-10 19:11 - 2016-02-11 10:34 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-05-10 19:11 - 2016-02-08 23:53 - 00387792 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-05-10 19:11 - 2016-02-08 23:10 - 00341200 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-05-10 19:11 - 2016-02-08 14:05 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-05-10 19:11 - 2016-02-08 13:51 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-05-10 19:11 - 2016-02-08 13:39 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-05-10 19:11 - 2016-02-08 13:39 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-05-10 19:11 - 2016-02-08 13:38 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-05-10 19:11 - 2016-02-08 13:38 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-05-10 19:11 - 2016-02-08 13:37 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-05-10 19:11 - 2016-02-08 13:34 - 02280448 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-05-10 19:11 - 2016-02-08 13:32 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-05-10 19:11 - 2016-02-08 13:31 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-05-10 19:11 - 2016-02-08 13:30 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-05-10 19:11 - 2016-02-08 13:28 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-05-10 19:11 - 2016-02-08 13:28 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-05-10 19:11 - 2016-02-08 13:28 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-05-10 19:11 - 2016-02-08 13:20 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-05-10 19:11 - 2016-02-08 13:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-10 19:11 - 2016-02-08 13:15 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-05-10 19:11 - 2016-02-08 13:13 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-05-10 19:11 - 2016-02-08 13:12 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-05-10 19:11 - 2016-02-08 13:11 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-05-10 19:11 - 2016-02-08 13:10 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-05-10 19:11 - 2016-02-08 13:10 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-05-10 19:11 - 2016-02-08 13:05 - 25816576 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-05-10 19:11 - 2016-02-08 13:03 - 13012480 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-05-10 19:11 - 2016-02-08 13:03 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-05-10 19:11 - 2016-02-08 13:02 - 00687104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-05-10 19:11 - 2016-02-08 13:01 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-05-10 19:11 - 2016-02-08 13:01 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-05-10 19:11 - 2016-02-08 12:43 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-05-10 19:11 - 2016-02-08 12:39 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-05-10 19:11 - 2016-02-08 12:38 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-05-10 19:11 - 2016-02-08 11:41 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-05-10 19:11 - 2016-02-08 11:41 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-05-10 19:11 - 2016-02-08 11:27 - 02887680 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-05-10 19:11 - 2016-02-08 11:27 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-05-10 19:11 - 2016-02-08 11:26 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-05-10 19:11 - 2016-02-08 11:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-05-10 19:11 - 2016-02-08 11:26 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-05-10 19:11 - 2016-02-08 11:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-05-10 19:11 - 2016-02-08 11:19 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-05-10 19:11 - 2016-02-08 11:18 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-05-10 19:11 - 2016-02-08 11:16 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-05-10 19:11 - 2016-02-08 11:15 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-05-10 19:11 - 2016-02-08 11:14 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-05-10 19:11 - 2016-02-08 11:14 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-05-10 19:11 - 2016-02-08 11:13 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-05-10 19:11 - 2016-02-08 11:13 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-05-10 19:11 - 2016-02-08 11:06 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-05-10 19:11 - 2016-02-08 11:03 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-05-10 19:11 - 2016-02-08 10:56 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-05-10 19:11 - 2016-02-08 10:54 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-05-10 19:11 - 2016-02-08 10:52 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-05-10 19:11 - 2016-02-08 10:51 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-05-10 19:11 - 2016-02-08 10:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-05-10 19:11 - 2016-02-08 10:47 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-05-10 19:11 - 2016-02-08 10:37 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-05-10 19:11 - 2016-02-08 10:35 - 00718336 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-05-10 19:11 - 2016-02-08 10:34 - 00798720 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-05-10 19:11 - 2016-02-08 10:33 - 14613504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-05-10 19:11 - 2016-02-08 10:33 - 02123264 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-05-10 19:11 - 2016-02-08 10:33 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-05-10 19:11 - 2016-02-08 10:19 - 02597376 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-05-10 19:11 - 2016-02-08 10:07 - 01546752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-05-10 19:11 - 2016-02-08 09:55 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-05-10 19:11 - 2016-02-04 10:52 - 03211264 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-05-10 19:11 - 2016-01-06 12:02 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-05-10 19:11 - 2016-01-06 12:02 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-05-10 19:11 - 2016-01-06 11:41 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2016-05-10 19:11 - 2015-12-08 14:52 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-05-10 19:11 - 2015-12-08 12:07 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-05-10 19:11 - 2015-10-01 11:06 - 00692672 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-05-10 19:11 - 2015-10-01 11:04 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-05-10 19:11 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-05-10 19:11 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-05-10 19:11 - 2013-03-03 05:43 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-05-10 19:11 - 2013-03-03 05:43 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-05-10 19:11 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-05-10 19:11 - 2010-11-20 19:24 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-05-10 19:11 - 2010-11-20 19:24 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-05-10 19:11 - 2010-11-20 19:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-05-10 19:10 - 2016-02-11 11:56 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-05-10 19:10 - 2016-02-11 11:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-05-10 19:10 - 2016-02-11 11:49 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-05-10 19:10 - 2016-02-11 11:49 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-05-10 19:10 - 2016-02-11 11:49 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-05-10 19:10 - 2016-02-11 11:49 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-05-10 19:10 - 2016-02-11 11:49 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-05-10 19:10 - 2016-02-11 11:49 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-05-10 19:10 - 2016-02-11 11:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-05-10 19:10 - 2016-02-11 11:49 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-05-10 19:10 - 2016-02-11 11:49 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-05-10 19:10 - 2016-02-11 11:49 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-05-10 19:10 - 2016-02-11 11:48 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-05-10 19:10 - 2016-02-11 11:47 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-05-10 19:10 - 2016-02-11 11:46 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-05-10 19:10 - 2016-02-11 11:45 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-05-10 19:10 - 2016-02-11 11:45 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-05-10 19:10 - 2016-02-11 11:42 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-05-10 19:10 - 2016-02-11 11:42 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-05-10 19:10 - 2016-02-11 11:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:41 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:38 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-05-10 19:10 - 2016-02-11 11:38 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-05-10 19:10 - 2016-02-11 11:38 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-05-10 19:10 - 2016-02-11 11:38 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-05-10 19:10 - 2016-02-11 11:38 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-05-10 19:10 - 2016-02-11 11:38 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-05-10 19:10 - 2016-02-11 11:38 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-05-10 19:10 - 2016-02-11 11:37 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-05-10 19:10 - 2016-02-11 11:37 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-05-10 19:10 - 2016-02-11 11:35 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-05-10 19:10 - 2016-02-11 11:35 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-05-10 19:10 - 2016-02-11 11:34 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-05-10 19:10 - 2016-02-11 11:31 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 11:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 10:48 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-05-10 19:10 - 2016-02-11 10:43 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-05-10 19:10 - 2016-02-11 10:41 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-05-10 19:10 - 2016-02-11 10:40 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-05-10 19:10 - 2016-02-11 10:34 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-05-10 19:10 - 2016-02-11 10:33 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-05-10 19:10 - 2016-02-11 10:32 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-05-10 19:10 - 2016-02-11 10:32 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-05-10 19:10 - 2016-02-11 10:32 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-05-10 19:10 - 2016-02-11 10:32 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-05-10 19:10 - 2016-02-11 10:32 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-05-10 19:10 - 2016-02-11 10:32 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-05-10 19:10 - 2016-02-11 10:31 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-05-10 19:10 - 2016-02-11 10:30 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 10:30 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 10:30 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-10 19:10 - 2016-02-11 10:30 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-10 19:10 - 2015-10-01 11:01 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-05-10 19:10 - 2015-10-01 11:00 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-05-10 19:10 - 2015-10-01 11:00 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-05-10 19:10 - 2015-10-01 11:00 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-05-10 19:10 - 2015-10-01 11:00 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-05-10 19:10 - 2015-10-01 10:50 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-05-10 19:10 - 2015-10-01 10:00 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-05-10 19:10 - 2015-04-17 20:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-05-10 19:10 - 2015-04-17 19:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-05-10 19:10 - 2015-02-02 20:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-05-10 19:10 - 2015-02-02 20:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-05-10 19:10 - 2010-11-20 19:24 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-05-10 18:25 - 2016-05-10 18:25 - 00000000 ___SD C:\windows\system32\CompatTel
2016-05-10 18:25 - 2016-05-10 18:25 - 00000000 ____D C:\windows\system32\appraiser
2016-05-09 18:37 - 2016-05-09 19:43 - 00000000 ____D C:\Users\Paul\AppData\Roaming\.minecraft
2016-05-09 18:37 - 2016-05-09 18:37 - 00000961 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-05-09 18:37 - 2016-05-09 18:37 - 00000000 ____D C:\Users\Paul\AppData\Roaming\java
2016-05-09 18:37 - 2016-05-09 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-05-09 18:37 - 2016-05-09 18:37 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-05-09 18:00 - 2016-05-27 21:37 - 00000000 ____D C:\Program Files\Common Files\AV
2016-05-09 18:00 - 2016-05-26 17:43 - 00003348 _____ C:\windows\System32\Tasks\McAfee Remediation (Prepare)
2016-05-09 17:04 - 2016-05-09 17:04 - 00000000 ____D C:\Users\Paul\AppData\Local\GWX
2016-05-09 17:01 - 2015-05-19 13:59 - 00207208 _____ (McAfee, Inc.) C:\windows\system32\Drivers\HipShieldK.sys
2016-05-09 16:53 - 2009-07-13 17:28 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2016-05-09 16:53 - 2009-07-13 17:11 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2016-05-09 16:53 - 2009-07-13 17:11 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2016-05-09 16:53 - 2009-07-13 17:11 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2016-05-09 16:53 - 2009-07-13 17:11 - 00006144 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2016-05-09 16:52 - 2016-04-04 13:14 - 00038120 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-05-09 16:52 - 2016-04-02 08:08 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-05-09 16:52 - 2016-03-17 13:04 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-05-09 16:52 - 2016-03-17 13:04 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-05-09 16:52 - 2016-03-17 13:04 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-05-09 16:52 - 2016-03-17 13:04 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-05-09 16:52 - 2016-02-03 09:07 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2016-05-09 16:52 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2016-05-09 16:52 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2016-05-09 16:52 - 2012-07-06 15:07 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2016-05-09 16:52 - 2011-04-27 22:54 - 00080384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS
2016-05-09 16:52 - 2010-11-20 19:24 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-05-09 16:52 - 2010-11-20 19:24 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2016-05-09 16:52 - 2010-11-20 19:24 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2016-05-09 16:52 - 2009-07-13 17:40 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-05-09 16:52 - 2009-07-13 17:28 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2016-05-09 16:52 - 2009-07-13 17:28 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2016-05-09 16:52 - 2009-07-13 17:28 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2016-05-09 16:39 - 2016-05-09 16:39 - 00000000 ____D C:\ProgramData\Energy Management
2016-05-09 16:37 - 2016-05-09 16:38 - 00000000 ___SD C:\windows\system32\GWX
2016-05-09 16:37 - 2016-05-09 16:37 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-07 09:22 - 2015-11-10 13:55 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2016-05-07 09:22 - 2015-11-10 13:55 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2016-05-07 09:22 - 2015-11-10 13:39 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2016-05-07 09:22 - 2015-07-30 13:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2016-05-07 09:22 - 2015-07-30 12:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2016-05-07 09:21 - 2015-12-08 16:54 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2016-05-07 09:21 - 2015-12-08 14:07 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2016-05-07 09:21 - 2015-02-03 22:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2016-05-07 09:21 - 2015-02-03 21:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2016-05-07 03:23 - 2016-05-07 03:23 - 00262144 _____ C:\windows\system32\config\ELAM
2016-05-07 03:10 - 2010-11-20 19:23 - 00419880 _____ C:\windows\SysWOW64\locale.nls
2016-05-07 03:10 - 2010-11-20 19:23 - 00419880 _____ C:\windows\system32\locale.nls
2016-05-07 02:50 - 2015-07-30 08:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-07 02:50 - 2015-07-30 08:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-05-07 02:47 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2016-05-07 02:42 - 2016-05-07 02:42 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2016-05-07 02:42 - 2016-05-07 02:42 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2016-05-07 02:42 - 2016-05-07 02:42 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2016-05-07 02:42 - 2016-05-07 02:42 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2016-05-07 02:42 - 2016-05-07 02:42 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2016-05-07 02:42 - 2016-05-07 02:42 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2016-05-07 02:42 - 2016-05-07 02:42 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2016-05-07 02:33 - 2016-05-07 02:33 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-05-07 02:33 - 2016-05-07 02:33 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-05-07 02:16 - 2016-05-11 12:26 - 00000000 ____D C:\windows\system32\MRT
2016-05-07 02:16 - 2016-04-10 07:03 - 143659408 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-05-07 01:32 - 2016-05-07 01:32 - 00758128 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-05-07 01:11 - 2012-06-02 09:57 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-05-07 01:11 - 2010-11-20 19:23 - 00681472 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2016-05-07 01:11 - 2010-11-20 19:23 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2016-05-07 01:11 - 2010-11-20 19:23 - 00182784 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2016-05-07 01:11 - 2010-11-20 19:23 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2016-05-07 01:11 - 2010-11-20 19:23 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2016-05-07 01:11 - 2010-11-20 19:23 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2016-05-07 01:11 - 2010-11-20 19:23 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2016-05-07 01:01 - 2012-03-01 01:46 - 00023408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fs_rec.sys
2016-05-07 01:01 - 2012-03-01 01:28 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\wmi.dll
2016-05-07 01:01 - 2012-03-01 00:29 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmi.dll
2016-05-07 00:55 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2016-05-07 00:55 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2016-05-07 00:55 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2016-05-07 00:55 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2016-05-07 00:55 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2016-05-07 00:55 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2016-05-07 00:55 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2016-05-07 00:55 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2016-05-07 00:53 - 2015-01-08 22:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2016-05-07 00:53 - 2009-07-13 17:41 - 00867840 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2016-05-07 00:53 - 2009-07-13 17:41 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2016-05-07 00:53 - 2009-07-13 17:16 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2016-05-07 00:53 - 2009-07-13 16:09 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\RNDISMP.sys
2016-05-07 00:52 - 2014-03-04 04:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2016-05-07 00:52 - 2014-03-04 04:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2016-05-07 00:52 - 2014-03-04 04:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2016-05-07 00:52 - 2014-03-04 04:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2016-05-07 00:52 - 2014-03-04 04:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2016-05-07 00:52 - 2014-03-04 04:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2016-05-07 00:52 - 2014-03-04 04:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2016-05-07 00:52 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2016-05-07 00:52 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2016-05-07 00:52 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2016-05-07 00:52 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2016-05-07 00:52 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2016-05-07 00:52 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2016-05-07 00:52 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2016-05-07 00:51 - 2015-02-02 22:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2016-05-07 00:51 - 2015-02-02 22:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2016-05-07 00:51 - 2015-02-02 22:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2016-05-07 00:51 - 2015-02-02 22:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2016-05-07 00:51 - 2015-02-02 22:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2016-05-07 00:51 - 2015-02-02 22:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2016-05-07 00:51 - 2015-02-02 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2016-05-07 00:51 - 2015-02-02 22:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2016-05-07 00:51 - 2015-02-02 22:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2016-05-07 00:51 - 2015-02-02 22:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2016-05-07 00:51 - 2015-02-02 22:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2016-05-07 00:51 - 2015-02-02 22:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2016-05-07 00:51 - 2015-02-02 22:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2016-05-07 00:49 - 2015-07-22 19:02 - 01390592 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2016-05-07 00:49 - 2015-07-22 11:48 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2016-05-07 00:49 - 2015-07-15 13:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2016-05-07 00:49 - 2015-07-15 13:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2016-05-07 00:49 - 2015-07-15 13:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2016-05-07 00:49 - 2013-12-15 06:26 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2016-05-07 00:49 - 2013-12-12 00:39 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2016-05-07 00:48 - 2010-11-20 19:23 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2016-05-07 00:48 - 2009-07-13 17:41 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2016-05-07 00:48 - 2009-07-13 17:39 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2016-05-07 00:48 - 2009-07-13 17:14 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2016-05-07 00:47 - 2015-07-14 22:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2016-05-07 00:47 - 2010-11-20 19:24 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2016-05-07 00:47 - 2010-11-20 19:24 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2016-05-07 00:47 - 2010-11-20 19:23 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2016-05-07 00:47 - 2009-07-13 17:39 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2016-05-07 00:47 - 2009-07-13 17:39 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2016-05-07 00:47 - 2009-07-13 17:16 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2016-05-07 00:47 - 2009-07-13 17:14 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2016-05-07 00:47 - 2009-07-13 17:14 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2016-05-07 00:46 - 2016-01-16 12:01 - 02085888 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-05-07 00:46 - 2016-01-16 11:36 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-05-07 00:46 - 2014-10-31 15:24 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-05-07 00:46 - 2014-06-27 17:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2016-05-07 00:46 - 2014-06-27 17:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2016-05-07 00:45 - 2016-01-21 23:17 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-05-07 00:45 - 2016-01-21 23:02 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-05-07 00:45 - 2016-01-21 23:02 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-05-07 00:45 - 2010-11-20 19:24 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2016-05-07 00:45 - 2010-11-20 19:24 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2016-05-07 00:45 - 2010-11-20 19:24 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2016-05-07 00:45 - 2010-11-20 19:24 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2016-05-07 00:45 - 2010-11-20 19:24 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2016-05-07 00:45 - 2010-11-20 19:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2016-05-07 00:45 - 2010-11-20 19:24 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2016-05-07 00:45 - 2010-11-20 19:24 - 00322048 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2016-05-07 00:45 - 2010-11-20 19:24 - 00306688 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2016-05-07 00:45 - 2010-11-20 19:24 - 00280064 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2016-05-07 00:45 - 2010-11-20 19:24 - 00278016 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2016-05-07 00:45 - 2010-11-20 19:24 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2016-05-07 00:45 - 2010-11-20 19:24 - 00085504 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2016-05-07 00:45 - 2010-11-20 19:24 - 00085504 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2016-05-07 00:45 - 2010-11-20 19:23 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2016-05-07 00:45 - 2010-11-20 19:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2016-05-07 00:45 - 2010-11-20 19:23 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2016-05-07 00:45 - 2010-11-20 19:23 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2016-05-07 00:44 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2016-05-07 00:44 - 2012-11-02 00:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2016-05-07 00:44 - 2012-11-02 00:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00994760 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:07 - 00011616 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00922432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-05-07 00:43 - 2015-11-19 09:06 - 00011616 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-05-07 00:43 - 2013-04-25 18:30 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2016-05-07 00:43 - 2013-03-31 17:52 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2016-05-07 00:42 - 2015-02-02 20:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-05-07 00:42 - 2015-02-02 20:30 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-05-07 00:42 - 2015-02-02 20:30 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2016-05-07 00:42 - 2015-02-02 20:30 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2016-05-07 00:42 - 2015-02-02 20:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-05-07 00:42 - 2015-02-02 20:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-05-07 00:42 - 2015-02-02 20:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2016-05-07 00:42 - 2015-02-02 20:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2016-05-07 00:42 - 2013-06-25 17:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2016-05-07 00:42 - 2012-11-28 17:56 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2016-05-07 00:42 - 2012-11-28 17:56 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2016-05-07 00:42 - 2012-11-28 17:56 - 00000003 _____ C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2016-05-07 00:42 - 2012-10-03 12:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2016-05-07 00:41 - 2016-02-12 13:52 - 03169792 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-05-07 00:41 - 2016-02-12 13:52 - 00192512 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-05-07 00:41 - 2016-02-12 13:52 - 00098816 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-05-07 00:41 - 2016-02-12 13:44 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2016-05-07 00:41 - 2016-02-12 13:39 - 00174080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2016-05-07 00:41 - 2016-02-12 13:22 - 02610688 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-05-07 00:41 - 2016-02-12 13:19 - 00709120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-05-07 00:41 - 2016-02-12 13:18 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-05-07 00:41 - 2016-02-12 13:18 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-05-07 00:41 - 2016-02-12 13:18 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-05-07 00:41 - 2016-02-12 13:18 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-05-07 00:41 - 2016-02-12 13:18 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2016-05-07 00:41 - 2016-02-12 13:06 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2016-05-07 00:41 - 2016-02-12 13:05 - 00093696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2016-05-07 00:41 - 2016-02-12 13:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2016-05-07 00:41 - 2016-02-12 13:05 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2016-05-07 00:41 - 2012-10-03 12:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2016-05-07 00:41 - 2010-11-20 19:24 - 00750080 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2016-05-07 00:41 - 2010-11-20 19:24 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2016-05-07 00:41 - 2010-11-20 19:24 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2016-05-07 00:41 - 2010-11-20 19:23 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2016-05-07 00:41 - 2009-07-13 17:42 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\xmllite.dll
2016-05-07 00:41 - 2009-07-13 17:41 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2016-05-07 00:41 - 2009-07-13 17:30 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2016-05-07 00:41 - 2009-07-13 17:16 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\xmllite.dll
2016-05-07 00:41 - 2009-07-13 17:16 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2016-05-07 00:41 - 2009-07-13 17:07 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2016-05-07 00:40 - 2015-11-10 13:55 - 01008640 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-05-07 00:40 - 2015-11-10 13:37 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-05-07 00:40 - 2013-04-12 17:45 - 01656680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2016-05-07 00:40 - 2010-11-20 19:25 - 02314752 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2016-05-07 00:40 - 2010-11-20 19:25 - 02223616 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2016-05-07 00:40 - 2010-11-20 19:25 - 01548288 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2016-05-07 00:40 - 2010-11-20 19:25 - 01401344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2016-05-07 00:40 - 2010-11-20 19:25 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2016-05-07 00:40 - 2010-11-20 19:25 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2016-05-07 00:40 - 2010-11-20 19:25 - 00288256 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2016-05-07 00:40 - 2010-11-20 19:25 - 00197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2016-05-07 00:40 - 2010-11-20 19:24 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntshrui.dll
2016-05-07 00:40 - 2010-11-20 19:24 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2016-05-07 00:40 - 2010-11-20 19:23 - 00509952 _____ (Microsoft Corporation) C:\windows\system32\ntshrui.dll
2016-05-07 00:40 - 2009-07-13 17:41 - 00491520 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2016-05-07 00:40 - 2009-07-13 17:41 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2016-05-07 00:40 - 2009-07-13 17:41 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2016-05-07 00:40 - 2009-07-13 17:40 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2016-05-07 00:40 - 2009-07-13 17:40 - 00113152 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2016-05-07 00:40 - 2009-07-13 17:40 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2016-05-07 00:40 - 2009-07-13 17:39 - 00593408 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2016-05-07 00:40 - 2009-07-13 17:39 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2016-05-07 00:40 - 2009-07-13 17:39 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2016-05-07 00:40 - 2009-07-13 17:16 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2016-05-07 00:40 - 2009-07-13 17:15 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2016-05-07 00:40 - 2009-07-13 17:15 - 00191488 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2016-05-07 00:40 - 2009-07-13 17:15 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2016-05-07 00:40 - 2009-07-13 17:15 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2016-05-07 00:40 - 2009-07-13 17:14 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2016-05-07 00:40 - 2009-07-13 17:14 - 00164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2016-05-07 00:40 - 2009-07-13 17:14 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2016-05-07 00:39 - 2016-01-07 12:42 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2016-05-07 00:39 - 2015-07-14 20:19 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-05-07 00:39 - 2015-07-14 20:14 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-05-07 00:39 - 2015-07-14 19:55 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-05-07 00:39 - 2015-07-14 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-05-07 00:39 - 2015-07-10 12:51 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2016-05-07 00:39 - 2015-07-10 12:51 - 00158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2016-05-07 00:39 - 2015-07-10 12:51 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2016-05-07 00:39 - 2015-07-10 12:34 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2016-05-07 00:39 - 2015-07-10 12:34 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2016-05-07 00:39 - 2015-07-10 12:33 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2016-05-07 00:39 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2016-05-07 00:39 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2016-05-07 00:39 - 2011-11-17 01:35 - 00395776 _____ (Microsoft Corporation) C:\windows\system32\webio.dll
2016-05-07 00:39 - 2011-11-17 00:35 - 00314880 _____ (Microsoft Corporation) C:\windows\SysWOW64\webio.dll
2016-05-07 00:39 - 2010-11-20 19:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2016-05-07 00:39 - 2010-11-20 19:24 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2016-05-07 00:39 - 2010-11-20 19:24 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2016-05-07 00:39 - 2010-11-20 19:24 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2016-05-07 00:39 - 2010-11-20 19:23 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2016-05-07 00:39 - 2009-07-13 17:42 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2016-05-07 00:38 - 2016-02-03 13:07 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS
2016-05-07 00:38 - 2015-08-05 12:56 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2016-05-07 00:38 - 2015-07-01 15:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2016-05-07 00:38 - 2015-07-01 15:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2016-05-07 00:38 - 2015-07-01 15:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2016-05-07 00:38 - 2015-07-01 15:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2016-05-07 00:38 - 2015-04-24 13:17 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2016-05-07 00:38 - 2015-04-24 12:56 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2016-05-07 00:38 - 2015-04-12 22:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2016-05-07 00:38 - 2015-02-02 22:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2016-05-07 00:38 - 2015-02-02 22:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2016-05-07 00:38 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2016-05-07 00:38 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2016-05-07 00:38 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2016-05-07 00:38 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2016-05-07 00:38 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2016-05-07 00:38 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2016-05-07 00:38 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2016-05-07 00:38 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2016-05-07 00:38 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2016-05-07 00:38 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2016-05-07 00:38 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2016-05-07 00:38 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2016-05-07 00:38 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2016-05-07 00:38 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2016-05-07 00:38 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2016-05-07 00:38 - 2013-07-12 05:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2016-05-07 00:38 - 2013-07-12 05:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2016-05-07 00:38 - 2013-02-11 23:12 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2016-05-07 00:38 - 2010-11-20 19:25 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2016-05-07 00:38 - 2010-11-20 19:24 - 02543616 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2016-05-07 00:38 - 2010-11-20 19:24 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-05-07 00:38 - 2010-11-20 19:24 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2016-05-07 00:38 - 2010-11-20 19:24 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2016-05-07 00:38 - 2009-07-13 20:47 - 00073280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-05-07 00:37 - 2016-02-04 20:19 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
2016-05-07 00:37 - 2016-02-04 13:41 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
2016-05-07 00:37 - 2016-02-03 13:58 - 00862208 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-05-07 00:37 - 2016-02-03 13:52 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
2016-05-07 00:37 - 2016-02-03 13:49 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2016-05-07 00:37 - 2016-02-03 13:43 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
2016-05-07 00:37 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2016-05-07 00:37 - 2015-11-13 18:09 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2016-05-07 00:37 - 2015-11-13 18:08 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2016-05-07 00:37 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2016-05-07 00:37 - 2015-11-13 17:50 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2016-05-07 00:37 - 2015-11-13 17:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2016-05-07 00:37 - 2015-11-11 13:53 - 01735680 _____ (Microsoft Corporation) C:\windows\system32\comsvcs.dll
2016-05-07 00:37 - 2015-11-11 13:53 - 00525312 _____ (Microsoft Corporation) C:\windows\system32\catsrvut.dll
2016-05-07 00:37 - 2015-11-11 13:39 - 01242624 _____ (Microsoft Corporation) C:\windows\SysWOW64\comsvcs.dll
2016-05-07 00:37 - 2015-11-11 13:39 - 00487936 _____ (Microsoft Corporation) C:\windows\SysWOW64\catsrvut.dll
2016-05-07 00:37 - 2015-11-05 14:05 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wshrm.dll
2016-05-07 00:37 - 2015-11-05 14:02 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshrm.dll
2016-05-07 00:37 - 2015-11-05 04:53 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
2016-05-07 00:37 - 2015-11-03 14:04 - 00802304 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2016-05-07 00:37 - 2015-11-03 13:56 - 00627712 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2016-05-07 00:37 - 2015-10-13 11:41 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2016-05-07 00:37 - 2015-10-13 11:40 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2016-05-07 00:37 - 2015-06-01 19:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2016-05-07 00:37 - 2015-06-01 18:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2016-05-07 00:37 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2016-05-07 00:37 - 2014-01-28 21:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2016-05-07 00:37 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2016-05-07 00:37 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2016-05-07 00:37 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2016-05-07 00:37 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2016-05-07 00:37 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2016-05-07 00:37 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2016-05-07 00:37 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2016-05-07 00:37 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2016-05-07 00:37 - 2013-07-02 23:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2016-05-07 00:37 - 2013-07-02 23:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2016-05-07 00:37 - 2011-06-15 05:02 - 00212992 _____ (Microsoft Corporation) C:\windows\system32\odbctrac.dll
2016-05-07 00:37 - 2011-06-15 05:02 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\odbccp32.dll
2016-05-07 00:37 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\odbccu32.dll
2016-05-07 00:37 - 2011-06-15 05:02 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\odbccr32.dll
2016-05-07 00:37 - 2011-06-15 03:55 - 00319488 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcjt32.dll
2016-05-07 00:37 - 2011-06-15 03:55 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbctrac.dll
2016-05-07 00:37 - 2011-06-15 03:55 - 00122880 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccp32.dll
2016-05-07 00:37 - 2011-06-15 03:55 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccu32.dll
2016-05-07 00:37 - 2011-06-15 03:55 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbccr32.dll
2016-05-07 00:37 - 2010-11-20 19:24 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2016-05-07 00:37 - 2010-11-20 19:24 - 01371136 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2016-05-07 00:37 - 2010-11-20 19:24 - 00515584 _____ (Microsoft Corporation) C:\windows\system32\timedate.cpl
2016-05-07 00:37 - 2010-11-20 19:24 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2016-05-07 00:37 - 2010-11-20 19:24 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2016-05-07 00:37 - 2010-11-20 19:23 - 00478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\timedate.cpl
2016-05-07 00:37 - 2010-11-20 19:23 - 00155520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2016-05-07 00:37 - 2009-07-13 17:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2016-05-07 00:37 - 2009-07-13 17:40 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\dwmapi.dll
2016-05-07 00:37 - 2009-07-13 17:40 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2016-05-07 00:37 - 2009-07-13 17:39 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2016-05-07 00:37 - 2009-07-13 17:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2016-05-07 00:37 - 2009-07-13 17:15 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmapi.dll
2016-05-07 00:37 - 2009-07-13 17:14 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2016-05-07 00:36 - 2016-02-05 13:54 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2016-05-07 00:36 - 2016-02-05 13:54 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2016-05-07 00:36 - 2016-02-05 13:53 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2016-05-07 00:36 - 2016-02-05 13:53 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2016-05-07 00:36 - 2016-02-05 13:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2016-05-07 00:36 - 2016-02-05 13:44 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2016-05-07 00:36 - 2016-02-05 13:42 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2016-05-07 00:36 - 2016-02-05 12:48 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2016-05-07 00:36 - 2016-02-05 12:43 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2016-05-07 00:36 - 2016-02-05 12:43 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2016-05-07 00:36 - 2015-09-23 06:15 - 00460776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-05-07 00:36 - 2015-09-23 06:15 - 00299632 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2016-05-07 00:36 - 2015-09-23 06:09 - 00251000 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2016-05-07 00:36 - 2015-06-15 16:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-05-07 00:36 - 2015-06-15 16:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2016-05-07 00:36 - 2015-06-15 16:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2016-05-07 00:36 - 2015-06-15 16:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-05-07 00:36 - 2015-06-15 16:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2016-05-07 00:36 - 2015-06-15 16:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2016-05-07 00:36 - 2015-06-15 16:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2016-05-07 00:36 - 2015-06-15 16:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2016-05-07 00:36 - 2013-09-07 21:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2016-05-07 00:36 - 2013-09-07 21:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2016-05-07 00:36 - 2012-08-21 16:01 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\OxpsConverter.exe
2016-05-07 00:36 - 2010-11-20 19:24 - 00758784 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-05-07 00:36 - 2009-07-13 17:41 - 00107008 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-05-07 00:36 - 2009-07-13 17:16 - 00060928 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-05-07 00:35 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2016-05-07 00:35 - 2015-07-09 12:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2016-05-07 00:35 - 2015-07-09 12:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2016-05-07 00:35 - 2012-12-07 06:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2016-05-07 00:35 - 2012-12-07 06:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2016-05-07 00:35 - 2012-12-07 06:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2016-05-07 00:35 - 2012-12-07 06:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2016-05-07 00:35 - 2012-12-07 05:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2016-05-07 00:35 - 2012-12-07 05:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2016-05-07 00:35 - 2012-12-07 05:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2016-05-07 00:35 - 2012-12-07 05:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2016-05-07 00:35 - 2010-11-20 19:25 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2016-05-07 00:35 - 2010-11-20 19:24 - 02746880 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2016-05-07 00:35 - 2009-07-13 17:41 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2016-05-07 00:35 - 2009-07-13 17:16 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2016-05-07 00:35 - 2009-07-13 15:55 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2016-05-07 00:35 - 2009-07-13 15:55 - 00053760 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2016-05-07 00:35 - 2009-07-13 15:55 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2016-05-07 00:35 - 2009-07-13 15:55 - 00037376 _____ (Microsoft) C:\windows\system32\pegi.rs
2016-05-07 00:35 - 2009-07-13 15:55 - 00031232 _____ (Microsoft) C:\windows\system32\usk.rs
2016-05-07 00:35 - 2009-07-13 15:55 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2016-05-07 00:35 - 2009-07-13 15:55 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2016-05-07 00:35 - 2009-07-13 15:55 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2016-05-07 00:35 - 2009-07-13 15:55 - 00016896 _____ (Microsoft) C:\windows\system32\grb.rs
2016-05-07 00:35 - 2009-07-13 15:55 - 00007680 _____ (Microsoft) C:\windows\system32\csrr.rs
2016-05-07 00:35 - 2009-07-13 15:40 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2016-05-07 00:35 - 2009-07-13 15:40 - 00053760 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2016-05-07 00:35 - 2009-07-13 15:40 - 00037376 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2016-05-07 00:35 - 2009-07-13 15:40 - 00031232 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2016-05-07 00:35 - 2009-07-13 15:40 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2016-05-07 00:35 - 2009-07-13 15:40 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2016-05-07 00:35 - 2009-07-13 15:40 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2016-05-07 00:35 - 2009-07-13 15:40 - 00016896 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2016-05-07 00:35 - 2009-07-13 15:40 - 00007680 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2016-05-07 00:35 - 2009-07-13 15:39 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2016-05-07 00:23 - 2016-01-22 01:18 - 00961024 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2016-05-07 00:23 - 2016-01-22 01:18 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\EncDec.dll
2016-05-07 00:23 - 2016-01-22 01:04 - 00642048 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2016-05-07 00:23 - 2016-01-22 01:04 - 00535040 _____ (Microsoft Corporation) C:\windows\SysWOW64\EncDec.dll
2016-05-07 00:23 - 2011-08-17 00:26 - 00613888 _____ (Microsoft Corporation) C:\windows\system32\psisdecd.dll
2016-05-07 00:23 - 2011-08-17 00:25 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\psisrndr.ax
2016-05-07 00:23 - 2011-08-16 23:24 - 00465408 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisdecd.dll
2016-05-07 00:23 - 2011-08-16 23:19 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\psisrndr.ax
2016-05-07 00:22 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2016-05-07 00:22 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2016-05-07 00:21 - 2015-12-08 16:54 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2016-05-07 00:21 - 2015-12-08 16:54 - 01568768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVENCOD.DLL
2016-05-07 00:21 - 2015-12-08 16:54 - 01325056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOE.DLL
2016-05-07 00:21 - 2015-12-08 16:54 - 00902144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
2016-05-07 00:21 - 2015-12-08 16:54 - 00815616 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOE.DLL
2016-05-07 00:21 - 2015-12-08 16:54 - 00740352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
2016-05-07 00:21 - 2015-12-08 16:54 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
2016-05-07 00:21 - 2015-12-08 16:54 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVXENCD.DLL
2016-05-07 00:21 - 2015-12-08 16:54 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
2016-05-07 00:21 - 2015-12-08 16:54 - 00358400 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSENCD.DLL
2016-05-07 00:21 - 2015-12-08 16:54 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\VIDRESZR.DLL
2016-05-07 00:21 - 2015-12-08 16:53 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 00970240 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2adec.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 00829952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
2016-05-07 00:21 - 2015-12-08 16:53 - 00609280 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFWMAAEC.DLL
2016-05-07 00:21 - 2015-12-08 16:53 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 00415744 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP4SDECD.DLL
2016-05-07 00:21 - 2015-12-08 16:53 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MPG4DECD.DLL
2016-05-07 00:21 - 2015-12-08 16:53 - 00241152 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP43DECD.DLL
2016-05-07 00:21 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\RESAMPLEDMO.DLL
2016-05-07 00:21 - 2015-12-08 16:53 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
2016-05-07 00:21 - 2015-12-08 16:53 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\COLORCNV.DLL
2016-05-07 00:21 - 2015-12-08 16:53 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 00079872 _____ (Microsoft Corporation) C:\windows\SysWOW64\MP3DMOD.DLL
2016-05-07 00:21 - 2015-12-08 16:53 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\devenum.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfvdsp.dll
2016-05-07 00:21 - 2015-12-08 16:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2016-05-07 00:21 - 2015-12-08 16:53 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2016-05-07 00:21 - 2015-12-08 16:53 - 00004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksuser.dll
2016-05-07 00:21 - 2015-12-08 16:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 01955328 _____ (Microsoft Corporation) C:\windows\system32\WMVENCOD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 01575424 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOE.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 01573888 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 01393152 _____ (Microsoft Corporation) C:\windows\system32\WMALFXGFXDSP.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 01307136 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2adec.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 01153024 _____ (Microsoft Corporation) C:\windows\system32\WMADMOE.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 01026048 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 01010688 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\MP4SDECD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00642048 _____ (Microsoft Corporation) C:\windows\system32\WMVXENCD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00632320 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\MFWMAAEC.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\WMVSENCD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\SysFxUI.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 00292352 _____ (Microsoft Corporation) C:\windows\system32\VIDRESZR.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 00225792 _____ (Microsoft Corporation) C:\windows\system32\RESAMPLEDMO.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00224768 _____ (Microsoft Corporation) C:\windows\system32\MPG4DECD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\MP43DECD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\COLORCNV.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\MP3DMOD.DLL
2016-05-07 00:21 - 2015-12-08 14:07 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\devenum.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\mfvdsp.dll
2016-05-07 00:21 - 2015-12-08 14:07 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2016-05-07 00:21 - 2015-12-08 14:07 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\ksuser.dll
2016-05-07 00:21 - 2015-12-08 14:06 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
2016-05-07 00:21 - 2015-12-08 14:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2016-05-07 00:21 - 2015-12-08 14:04 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2016-05-07 00:21 - 2015-12-08 13:54 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2016-05-07 00:21 - 2015-12-08 13:12 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2016-05-07 00:21 - 2015-12-08 13:11 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmkaud.sys
2016-05-07 00:21 - 2015-02-18 02:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2016-05-07 00:21 - 2015-02-18 02:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2016-05-07 00:19 - 2016-02-09 04:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
2016-05-07 00:19 - 2015-12-08 16:53 - 00509952 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2016-05-07 00:19 - 2015-12-08 14:07 - 00624640 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2016-05-07 00:19 - 2015-07-14 20:19 - 02004992 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2016-05-07 00:19 - 2015-07-14 20:14 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2016-05-07 00:19 - 2015-07-14 19:55 - 01390592 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2016-05-07 00:19 - 2015-07-14 19:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2016-05-07 00:19 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2016-05-07 00:19 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2016-05-07 00:19 - 2015-02-24 22:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2016-05-07 00:19 - 2015-01-16 21:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2016-05-07 00:19 - 2015-01-16 21:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2016-05-07 00:19 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2016-05-07 00:19 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2016-05-07 00:19 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2016-05-07 00:19 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2016-05-07 00:19 - 2013-04-26 00:51 - 00751104 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2016-05-07 00:19 - 2013-04-25 23:55 - 00492544 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2016-05-07 00:19 - 2012-09-25 17:47 - 00078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\synceng.dll
2016-05-07 00:19 - 2012-09-25 17:46 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\synceng.dll
2016-05-07 00:19 - 2012-03-17 02:58 - 00075120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\partmgr.sys
2016-05-07 00:19 - 2010-11-20 22:23 - 00273792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2016-05-07 00:19 - 2010-11-20 19:24 - 02018304 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-05-07 00:19 - 2010-11-20 19:24 - 01175040 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-05-07 00:19 - 2010-11-20 19:24 - 00189824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-05-07 00:19 - 2010-11-20 19:24 - 00027520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2016-05-07 00:19 - 2009-07-13 17:42 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2016-05-07 00:19 - 2009-07-13 17:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-05-07 00:19 - 2009-07-13 17:42 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-05-07 00:19 - 2009-07-13 17:39 - 00265728 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2016-05-07 00:19 - 2009-07-13 17:39 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2016-05-07 00:19 - 2009-07-13 17:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2016-05-07 00:19 - 2009-07-13 17:16 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2016-05-07 00:19 - 2009-07-13 17:16 - 00213504 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-05-07 00:19 - 2009-07-13 17:16 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-05-07 00:19 - 2009-07-13 17:14 - 00198144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2016-05-07 00:19 - 2009-07-13 17:14 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2016-05-07 00:19 - 2009-07-13 17:06 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2016-05-07 00:19 - 2009-07-13 16:06 - 00068864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stream.sys
2016-05-07 00:18 - 2014-07-16 21:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2016-05-07 00:18 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2016-05-07 00:18 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2016-05-07 00:18 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2016-05-07 00:18 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2016-05-07 00:18 - 2014-07-16 20:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2016-05-07 00:18 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2016-05-07 00:18 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2016-05-07 00:18 - 2012-04-26 00:41 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\rdpwsx.dll
2016-05-07 00:18 - 2012-04-26 00:34 - 00009216 _____ (Microsoft Corporation) C:\windows\system32\rdrmemptylst.exe
2016-05-07 00:17 - 2015-08-06 11:04 - 14176768 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-05-07 00:17 - 2015-08-06 11:03 - 01866752 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-05-07 00:17 - 2015-08-06 10:44 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-05-07 00:17 - 2015-08-06 10:44 - 01498624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-05-07 00:17 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-05-07 00:17 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-05-07 00:17 - 2010-11-20 19:24 - 02872320 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-05-07 00:17 - 2010-11-20 19:24 - 02616320 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-05-07 00:16 - 2016-02-09 04:57 - 14634496 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2016-05-07 00:16 - 2016-02-09 04:57 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2016-05-07 00:16 - 2016-02-09 04:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2016-05-07 00:16 - 2016-02-09 04:56 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2016-05-07 00:16 - 2016-02-09 04:54 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2016-05-07 00:16 - 2016-02-09 04:51 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2016-05-07 00:16 - 2016-02-09 04:51 - 11411456 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2016-05-07 00:16 - 2016-02-09 04:13 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2016-05-07 00:16 - 2016-02-09 04:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2016-05-07 00:16 - 2016-02-09 04:13 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2016-05-07 00:16 - 2012-11-22 22:13 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2016-05-07 00:16 - 2012-07-04 17:16 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\netapi32.dll
2016-05-07 00:16 - 2012-07-04 17:13 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\browser.dll
2016-05-07 00:16 - 2012-07-04 17:13 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\browcli.dll
2016-05-07 00:16 - 2012-07-04 16:16 - 00057344 _____ (Microsoft Corporation) C:\windows\SysWOW64\netapi32.dll
2016-05-07 00:16 - 2012-07-04 16:14 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\browcli.dll
2016-05-07 00:16 - 2009-07-13 17:40 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2016-05-07 00:16 - 2009-07-13 17:15 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2016-05-07 00:15 - 2015-10-12 23:57 - 00950720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2016-05-07 00:15 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2016-05-07 00:15 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2016-05-07 00:15 - 2011-05-24 06:42 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\umpnpmgr.dll
2016-05-07 00:15 - 2011-05-24 05:40 - 00064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\devobj.dll
2016-05-07 00:15 - 2011-05-24 05:40 - 00044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\devrtl.dll
2016-05-07 00:15 - 2011-05-24 05:39 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\cfgmgr32.dll
2016-05-07 00:15 - 2011-05-24 05:37 - 00252928 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvinst.exe
2016-05-07 00:14 - 2015-11-03 14:04 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\els.dll
2016-05-07 00:14 - 2015-11-03 13:55 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\els.dll
2016-05-07 00:14 - 2014-12-07 22:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2016-05-07 00:14 - 2014-12-07 21:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2016-05-07 00:14 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2016-05-07 00:14 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2016-05-07 00:14 - 2013-10-11 21:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2016-05-07 00:14 - 2013-10-11 21:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2016-05-07 00:14 - 2013-10-11 21:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2016-05-07 00:14 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2016-05-07 00:14 - 2013-10-11 21:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2016-05-07 00:14 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2016-05-07 00:14 - 2013-10-11 21:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2016-05-07 00:14 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2016-05-07 00:14 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2016-05-07 00:14 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2016-05-07 00:14 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2016-05-07 00:14 - 2013-05-13 00:50 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2016-05-07 00:14 - 2013-05-12 22:43 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2016-05-07 00:14 - 2013-05-12 22:08 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2016-05-07 00:14 - 2013-05-12 22:08 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2016-05-07 00:14 - 2012-06-06 01:02 - 01133568 _____ (Microsoft Corporation) C:\windows\system32\cdosys.dll
2016-05-07 00:14 - 2012-06-06 00:03 - 00805376 _____ (Microsoft Corporation) C:\windows\SysWOW64\cdosys.dll
2016-05-07 00:14 - 2012-05-14 00:26 - 00956928 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2016-05-07 00:14 - 2011-12-16 03:46 - 00634880 _____ (Microsoft Corporation) C:\windows\system32\msvcrt.dll
2016-05-07 00:14 - 2011-12-16 02:52 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcrt.dll
2016-05-07 00:14 - 2011-08-27 00:37 - 00331776 _____ (Microsoft Corporation) C:\windows\system32\oleacc.dll
2016-05-07 00:14 - 2011-08-26 23:26 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleacc.dll
2016-05-07 00:14 - 2011-02-22 23:55 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2016-05-07 00:14 - 2010-11-20 19:24 - 00223248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2016-05-07 00:14 - 2010-11-20 19:24 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2016-05-07 00:13 - 2015-03-03 23:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2016-05-07 00:13 - 2015-03-03 23:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2016-05-07 00:13 - 2015-03-03 23:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2016-05-07 00:03 - 2012-02-17 01:38 - 01031680 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2016-05-07 00:03 - 2012-02-17 00:34 - 00826880 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2016-05-07 00:03 - 2012-02-16 23:57 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdtcp.sys
2016-05-06 22:44 - 2016-05-06 22:44 - 00000000 ____D C:\8d3221aaf674d80d6b09b9497627
2016-05-06 22:37 - 2016-05-06 22:37 - 00000000 ____D C:\e2584d84fb513ee8f2378a
2016-05-06 22:34 - 2016-05-06 22:34 - 00000000 ____D C:\ca6a37dfa73443a9968f13
2016-05-06 22:25 - 2016-05-06 22:25 - 00097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-06 22:25 - 2016-05-06 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-06 22:24 - 2016-05-06 22:24 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-06 22:23 - 2016-05-11 16:55 - 00001844 _____ C:\Users\Public\Desktop\McAfee AntiVirus Plus.lnk
2016-05-06 22:18 - 2016-05-06 22:18 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Macromedia
2016-05-06 21:59 - 2016-05-14 17:47 - 00000000 ____D C:\Program Files (x86)\Amazon Browser Settings
2016-05-06 21:59 - 2016-05-07 00:03 - 00000000 ___SD C:\Users\Paul\AppData\LocalLow\Temp
2016-05-06 21:59 - 2016-05-06 21:59 - 00000000 ____D C:\Users\Paul\AppData\Local\Amazon Browser Settings
2016-05-06 21:58 - 2016-05-06 22:25 - 00000000 ____D C:\ProgramData\Oracle
2016-05-06 21:58 - 2016-05-06 21:58 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Sun
2016-05-06 21:58 - 2016-05-06 21:58 - 00000000 ____D C:\Users\Paul\AppData\LocalLow\Sun
2016-05-06 21:58 - 2016-05-06 21:58 - 00000000 ____D C:\Users\Paul\.oracle_jre_usage
2016-05-06 21:57 - 2016-05-06 21:57 - 00000000 ____D C:\Users\Paul\AppData\LocalLow\Oracle
2016-05-06 21:50 - 2016-05-14 20:50 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Adobe
2016-05-06 21:46 - 2016-05-19 21:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-06 21:46 - 2016-05-14 20:34 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-06 21:46 - 2016-05-10 18:03 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-06 21:46 - 2016-05-06 21:46 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-05-06 21:44 - 2016-05-14 21:42 - 00000000 ____D C:\Users\Paul\AppData\Local\Adobe
2016-05-06 21:19 - 2016-05-06 21:19 - 00000000 ____D C:\Users\Paul\AppData\Local\Microsoft Games
2016-05-06 20:52 - 2016-05-06 21:50 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Google
2016-05-06 20:49 - 2016-05-14 20:50 - 00066832 _____ C:\Users\Paul\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-06 20:49 - 2016-05-12 18:20 - 00000000 ____D C:\Users\Paul\AppData\Local\Deployment
2016-05-06 20:49 - 2016-05-06 20:49 - 00000000 ____D C:\Users\Paul\AppData\Local\EgisTec IPS
2016-05-06 20:49 - 2016-05-06 20:49 - 00000000 ____D C:\Users\Paul\AppData\Local\BioExcess
2016-05-06 20:49 - 2016-05-06 20:49 - 00000000 ____D C:\Users\Paul\AppData\Local\Apps\2.0
2016-05-06 20:48 - 2016-05-27 21:11 - 00000000 ____D C:\Users\Paul
2016-05-06 20:48 - 2016-05-15 22:39 - 00000000 ____D C:\Users\Paul\AppData\Local\VirtualStore
2016-05-06 20:48 - 2016-05-07 08:57 - 00001409 _____ C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-06 20:48 - 2016-05-06 20:49 - 00002086 _____ C:\Users\Paul\Desktop\OneKey Recovery.lnk
2016-05-06 20:48 - 2016-05-06 20:49 - 00001118 _____ C:\Users\Paul\Desktop\Cyberlink Power2Go.lnk
2016-05-06 20:48 - 2016-05-06 20:49 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-05-06 20:48 - 2016-05-06 20:48 - 00000020 ___SH C:\Users\Paul\ntuser.ini
2016-05-06 20:48 - 2016-05-06 20:48 - 00000000 _SHDL C:\Users\Paul\My Documents
2016-05-06 20:48 - 2016-05-06 20:48 - 00000000 _SHDL C:\Users\Paul\Documents\My Videos
2016-05-06 20:48 - 2016-05-06 20:48 - 00000000 _SHDL C:\Users\Paul\Documents\My Pictures
2016-05-06 20:48 - 2016-05-06 20:48 - 00000000 _SHDL C:\Users\Paul\Documents\My Music
2016-05-06 20:48 - 2016-05-06 20:48 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Intel
2016-05-06 20:48 - 2011-02-22 06:42 - 00000000 ____D C:\Users\Paul\AppData\Roaming\Media Center Programs
2016-05-06 20:48 - 2010-12-19 00:31 - 00000189 _____ C:\Users\Paul\Desktop\Lenovo Telephony Start Now.url
2016-05-06 13:38 - 2016-05-13 15:33 - 00000000 ____D C:\Users\Paul\Adobe Premiere Pro CC 2015 v9.0 + Crack
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-27 21:34 - 2009-07-14 00:13 - 00832406 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-27 21:34 - 2009-07-13 22:20 - 00000000 ____D C:\windows\inf
2016-05-27 21:28 - 2012-03-17 09:55 - 00112751 _____ C:\windows\system32\fastboot.set
2016-05-27 13:15 - 2009-07-13 23:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-27 13:15 - 2009-07-13 23:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-27 13:10 - 2012-03-17 09:39 - 00000000 ____D C:\ProgramData\VeriFace
2016-05-27 13:03 - 2009-07-14 00:08 - 00011736 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-05-27 13:03 - 2009-07-14 00:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-26 21:14 - 2012-03-17 09:52 - 00000000 ____D C:\Program Files\Google
2016-05-26 19:07 - 2012-03-17 09:34 - 00000000 ____D C:\ProgramData\McAfee
2016-05-26 18:07 - 2012-03-17 09:51 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-26 13:16 - 2012-03-17 09:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-05-21 14:06 - 2012-03-17 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-05-19 00:21 - 2009-07-14 00:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2016-05-18 16:43 - 2012-03-17 08:58 - 00001614 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-05-18 16:43 - 2012-03-17 08:58 - 00001435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-05-18 16:43 - 2009-07-13 23:57 - 00001712 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-15 13:27 - 2009-07-13 23:45 - 00290392 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-14 20:30 - 2012-03-17 09:33 - 00000000 ____D C:\ProgramData\Adobe
2016-05-12 03:32 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-12 03:32 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Services
2016-05-12 03:31 - 2011-02-22 06:42 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 03:31 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-12 03:31 - 2009-07-13 22:20 - 00000000 ____D C:\windows\SysWOW64\Dism
2016-05-12 03:30 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\Dism
2016-05-12 03:30 - 2009-07-13 22:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2016-05-11 19:48 - 2009-07-13 22:20 - 00000000 ____D C:\windows\rescache
2016-05-11 18:09 - 2012-03-17 09:34 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-05-11 12:11 - 2009-07-13 22:20 - 00000000 ____D C:\windows\AppCompat
2016-05-10 21:19 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-05-10 18:25 - 2009-07-13 22:20 - 00000000 ____D C:\windows\PolicyDefinitions
2016-05-10 18:02 - 2012-03-17 09:51 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-10 18:02 - 2012-03-17 09:51 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 18:02 - 2012-03-17 09:51 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-09 16:37 - 2009-07-13 22:20 - 00000000 ____D C:\windows\tracing
2016-05-07 08:44 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-05-07 08:44 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-05-07 03:24 - 2012-03-17 09:34 - 00000000 ____D C:\Program Files\mcafee
2016-05-07 03:24 - 2012-03-17 09:34 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-05-06 21:18 - 2012-03-17 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-05-06 15:46 - 2011-02-22 06:19 - 00000000 ____D C:\windows\Panther
 
==================== Files in the root of some directories =======
 
2016-05-21 18:23 - 2016-05-21 18:23 - 0004908 _____ () C:\ProgramData\lbogtyso.zat
2016-05-21 18:23 - 2016-05-21 18:23 - 0000016 _____ () C:\ProgramData\mntemp
2016-05-12 18:17 - 2016-05-12 18:17 - 0006378 _____ () C:\ProgramData\SMRResults501.dat
 
Files to move or delete:
====================
C:\ProgramData\SMRResults501.dat
 
 
Some files in TEMP:
====================
C:\Users\Paul\AppData\Local\Temp\dllnt_dump.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-05-09 17:50
 
==================== End of FRST.txt ============================


#4 PaulFrog

PaulFrog
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 27 May 2016 - 10:14 PM

Here is the ADDITION.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-05-2016 01
Ran by Paul (2016-05-26 20:40:17)
Running from C:\Users\Paul\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2016-05-07 01:48:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-5769159-3156681398-1803590098-500 - Administrator - Disabled)
Guest (S-1-5-21-5769159-3156681398-1803590098-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-5769159-3156681398-1803590098-1002 - Limited - Enabled)
Paul (S-1-5-21-5769159-3156681398-1803590098-1000 - Administrator - Enabled) => C:\Users\Paul
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Active Protection System (HKLM-x32\...\{F493761C-E465-4B9E-9FC1-A312F161DE0A}) (Version: 1.70.11 - Lenovo)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{FFB768E4-E427-4553-BC36-A11F5E62A94D}) (Version: 10.1.53.64 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.4.6714 - )
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Best Buy Connect (HKLM-x32\...\{B435FD87-CA14-45E3-9D0B-A30F1F9F3866}) (Version: 3.00.68 - Best Buy)
Best Buy pc app (HKU\S-1-5-21-5769159-3156681398-1803590098-1000\...\48e4cff94f039634) (Version: 3.2.420.5 - Best Buy)
Best Buy pc app (Version: 3.2.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
BioExcess (HKLM-x32\...\InstallShield_{E6CB67CC-71D2-46b9-8D43-A4641A9EECB2}) (Version: 7.0.67.0 - Egis Technology Inc.)
BioExcess (Version: 7.0.67.0 - Egis Technology Inc.) Hidden
BioExcess (x32 Version: 7.0.67.0 - Egis Technology Inc.) Hidden
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3623 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EgisTec ES603 WDM Driver (HKLM-x32\...\InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}) (Version: 3.0.10.4 - Egis Technology Inc.)
Electa Live Screen Recorder (HKLM-x32\...\{ACBEFFFE-9499-407A-8D44-C1DDB3DB94F0}) (Version: 1.2 - ELECTA COMMUNICATIONS LTD)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.1 - Lenovo)
Energy Management (x32 Version: 6.0.2.1 - Lenovo) Hidden
ES603 WDM Driver (x32 Version: 3.0.10.4 - Egis Technology Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5C1DA3D9-F590-4317-A4FB-274F658E504B}) (Version: 6.05.0000 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.10.1201.1 - Vimicro)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo Security Suite (HKLM-x32\...\InstallShield_{0034859F-8E01-4C1D-BE77-F891C4786FBC}) (Version: 2.0.11.0 - Lenovo)
Lenovo Security Suite (x32 Version: 2.0.11.0 - Lenovo) Hidden
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 14.0.8185 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.190 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Port Locker (HKLM-x32\...\InstallShield_{A6FEE06D-C7E1-48CB-A9DF-1E317CF83CA4}) (Version: 1.0.5.24 - Egis Technology Inc.)
Port Locker (Version: 1.0.5.24 - Egis Technology Inc.) Hidden
Port Locker (x32 Version: 1.0.5.24 - Egis Technology Inc.) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
Python 3.5.1 (32-bit) (HKU\S-1-5-21-5769159-3156681398-1803590098-1000\...\{c39d559b-aa83-4476-ba20-988a35a1199a}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Core Interpreter (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Launcher (32-bit) (HKLM-x32\...\{17778F7B-FB5A-4A93-9719-D75BAF673498}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.1 pip Bootstrap (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (32-bit) (x32 Version: 3.5.1150.0 - Python Software Foundation) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6282 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.2.6 - Reimage) <==== ATTENTION
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1218 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.7.0 - Synaptics Incorporated)
Universe Sandbox ² (HKLM\...\Steam App 230290) (Version:  - Giant Army)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System  (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {043DB609-FB31-4CEE-B71B-86D2EEAF9D31} - System32\Tasks\SUPERAntiSpyware Scheduled Task 290c1bc7-742b-4959-91ef-96d11db621e2 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) <==== ATTENTION
Task: {12FB4929-E23A-4524-8A96-97B86CAD1C47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-06] (Google Inc.)
Task: {24671B09-7E8B-4B42-8FDE-BDA1D5A4E49F} - \DistromaticSearchProtect-hourly -> No File <==== ATTENTION
Task: {2FFD50E1-6DE4-4AC4-911C-74E8EE8DFC5B} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {5838866E-9709-4D2D-8CBB-651B19B299A2} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-31] (McAfee, Inc.)
Task: {5AD21B14-538A-49E1-A126-D90B4D4217C2} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19] (Reimage®) <==== ATTENTION
Task: {5CA14685-6439-4677-95A9-C4121A3E784F} - System32\Tasks\{8292091F-0A30-4435-8A4D-95DA93686466} => pcalua.exe -a C:\Users\Paul\Downloads\HijackThis.exe -d C:\Users\Paul\Downloads
Task: {796639FA-A2E0-475B-A004-34CB590751E1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-24] (CyberLink)
Task: {81E14746-4FED-42B1-AA63-B1F69459F50F} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-05-12] (McAfee, Inc.)
Task: {8FE3726C-C2AB-4800-849A-7115FE734B31} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {9EAD9717-146A-45B8-A161-CAA2A20421A5} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-05-12] (McAfee, Inc.)
Task: {9EF2AD77-3CAF-4ABD-8814-BE037E2F9D38} - System32\Tasks\SUPERAntiSpyware Scheduled Task a5ec0233-3787-4269-ba6f-14949540ce98 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) <==== ATTENTION
Task: {C7B3C08D-1E00-4401-BCE0-1257A65D8BB1} - \DistromaticUpdater-logon -> No File <==== ATTENTION
Task: {CB134CD5-6F47-4A00-B52F-69C7448C1F48} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-21] (Adobe Systems Incorporated)
Task: {D124D781-F7E8-420E-9727-9A645595A7D3} - \DistromaticSearchProtect-logon -> No File <==== ATTENTION
Task: {DB62FC0A-D7F2-4634-A2C4-0DF49A470DB2} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2016-03-10] (McAfee, Inc.)
Task: {E1952AA3-44E0-4355-BDA6-35070EB62771} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-06] (Google Inc.)
Task: {F9A8611E-34AA-4944-BF62-ACFC4E887836} - \DistromaticUpdater-periodic -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 290c1bc7-742b-4959-91ef-96d11db621e2.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe <==== ATTENTION
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task a5ec0233-3787-4269-ba6f-14949540ce98.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe <==== ATTENTION
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-11-02 07:58 - 2010-11-02 07:58 - 01501696 _____ () c:\program files\common files\intel\wirelesscommon\LIBEAY32.dll
2010-11-02 07:58 - 2010-11-02 07:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-03-17 09:39 - 2012-03-17 09:39 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
2012-03-17 09:39 - 2012-03-17 09:39 - 00628064 _____ () C:\windows\system32\SimpleExt.dll
2009-01-21 11:45 - 2009-01-21 11:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec BioExcess\x64\LIBEAY32.dll
2015-08-19 03:56 - 2015-08-19 03:56 - 06908904 _____ () C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
2011-04-15 00:28 - 2011-03-25 04:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-02 07:58 - 2010-11-02 07:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2008-12-19 22:20 - 2012-03-17 09:53 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-19 22:20 - 2012-03-17 09:53 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2016-05-12 17:07 - 2016-05-11 06:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-12 17:07 - 2016-05-11 06:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2012-03-17 09:39 - 2012-03-17 09:39 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
2015-10-21 15:50 - 2015-10-21 15:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 00136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 00303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-5769159-3156681398-1803590098-1000\...\amazon.com -> hxxps://amazon.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-5769159-3156681398-1803590098-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F391DE50-7A8C-4AFB-A093-0015DEB1A2DC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A705EC93-92D4-458B-A64B-14E0081FBF28}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{C86EBF03-1334-4FBF-9356-12E2E0768484}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{9762A8BB-D830-4819-94F9-2A63C810F25D}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{A3695EAB-86CF-413B-BC5C-A1C867053179}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{62CB1969-9DAF-4D1E-86A8-9958975DB6A0}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{E775A0D5-733E-4773-B022-4C21B5E99511}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{E4DD844F-7105-4BD7-9516-F9DDAD9E5DDE}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{F35B3127-C117-4BAA-A256-FC293367F10F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FFF6F22E-D8D9-4525-9D20-1577D51D810E}] => (Allow) LPort=2869
FirewallRules: [{80653B3F-6439-4FF2-BC52-40840043092C}] => (Allow) LPort=1900
FirewallRules: [{82D31313-819D-41A7-A28D-0E8749FFD9A2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{04EFB0CB-9E3E-479C-8C61-632EDACE3CA5}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{D62FA12C-037F-487E-BC1E-309942CD2DD2}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{19E0EF72-4DE5-4D07-9218-6E49A9BCF469}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{9E2D952E-B01E-482E-B355-6AD324DA35B9}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{09A8097D-7753-45D4-AB26-B36103FAE38A}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{1FC3C7AF-A913-443A-B04D-457663D370AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A3268B5F-8CE8-409E-B4CF-BDAEA2DA7F11}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A87DDBD1-AA5F-4669-9442-AC722E0EFF97}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{311559B7-72C9-4DD7-A63C-E6466D1480FF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1404B624-047C-4EC1-969A-07B6E7D6D453}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{BBF3F9B2-388C-4840-A2B8-13F48772E8D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{583E4C92-41FB-41C8-B610-31ADE0B72844}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{4A0B0913-8C98-41F9-A595-2636B3E18983}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox VR.exe
FirewallRules: [{9AA8EDCD-67F4-48E1-A148-11FC5A47034F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2C8B13A7-5E69-4AAD-B631-9BA134D590E0}] => (Allow) LPort=8317
 
==================== Restore Points =========================
 
26-05-2016 14:47:19 Scheduled Checkpoint
26-05-2016 17:27:12 zoek.exe restore point
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/26/2016 01:17:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/24/2016 12:32:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: avidemux2.exe, version: 2.5.4.0, time stamp: 0x4ccdbe44
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeaf722
Exception code: 0xc0000005
Fault offset: 0x00013f7c
Faulting process id: 0x1764
Faulting application start time: 0xavidemux2.exe0
Faulting application path: avidemux2.exe1
Faulting module path: avidemux2.exe2
Report Id: avidemux2.exe3
 
Error: (05/21/2016 06:30:04 PM) (Source: MsiInstaller) (EventID: 11500) (User: Paul-PC)
Description: Product: Electa Live Screen Recorder -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one.
 
Error: (05/21/2016 02:07:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmplayer.exe, version: 12.0.7601.19148, time stamp: 0x56b9adac
Faulting module name: kernel32.dll, version: 6.1.7601.19160, time stamp: 0x56bcd5c2
Exception code: 0xc0000005
Fault offset: 0x00011369
Faulting process id: 0x21dc
Faulting application start time: 0xwmplayer.exe0
Faulting application path: wmplayer.exe1
Faulting module path: wmplayer.exe2
Report Id: wmplayer.exe3
 
Error: (05/20/2016 03:11:32 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: The scheduled restore point could not be created.  Additional information: (0x81000101).
 
Error: (05/20/2016 03:11:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x81000101).
 
Error: (05/19/2016 12:24:25 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 6380. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (05/19/2016 12:24:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
 
Error: (05/19/2016 12:24:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3001) (User: NT AUTHORITY)
Description: The performance counter name string value in the registry is not formatted correctly. The malformed string is 6380. The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (05/19/2016 12:21:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (05/26/2016 05:51:06 PM) (Source: volsnap) (EventID: 16) (User: )
Description: The shadow copies of volume D: were aborted because volume D:, which contains shadow copy storage for this shadow copy, was force dismounted.
 
Error: (05/25/2016 06:06:30 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
Error: (05/25/2016 05:52:26 PM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.
 
Error: (05/25/2016 02:08:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (05/25/2016 02:21:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service.
 
Error: (05/24/2016 01:56:46 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service.
 
Error: (05/23/2016 03:12:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (05/21/2016 02:00:44 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The MediaMall Server service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (05/21/2016 01:01:31 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (05/20/2016 01:48:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 67%
Total physical RAM: 6058.14 MB
Available physical RAM: 1977.09 MB
Total Virtual: 12114.49 MB
Available Virtual: 8222.93 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:421.81 GB) (Free:319.2 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:0.11 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0F1D34CC)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
 
==================== End of Addition.txt ============================


#5 PaulFrog

PaulFrog
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 29 May 2016 - 12:44 PM

Sorry to nag you especially since you're taking it upon yourself to do this, but have you found any leads? Just curious

#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 29 May 2016 - 12:47 PM

Hi Paul :)

Since I'm still a trainee, all my posts have to be checked and approved by an Instructor before being posted here. I submitted my post already, and I'm currently waiting for an approval to post it here.

Sorry for the delay!

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 PaulFrog

PaulFrog
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 29 May 2016 - 02:51 PM

That's totally fine, I actually would also hope to learn the computer science of dealing with these issues so I could fix issues like this and maybe give tutorials to help someone else

#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 29 May 2016 - 06:45 PM

Thank you for the logs :)

I received a file from a phishing scam that downloaded and deleted itself before McAfee could block it, realizing it immediately I looked up assistance.


Phishing links spread via email usually don't distribute malware payloads that way, since they really are just plain phishing links. Do you still have that email you are talking about? If so, can you copy/paste the address of the phishing link here using either the CODE tag, and/or replacing the http at the beginning by hxxp so the link won't be active?

I have had no leads on what the malware was but discovered this could be a SysWow64 trojan or something similar(since syswow64) was not associated with any positives in files.


SysWOW64 is a legitimate Windows folder on 64-bit version of Windows, which means "Windows on Windows 64-bit". This is where 32-bit Windows files are located (64-bit files are in the system32 folder).

I had my registries being affected by a mock Google applet involved with chrome which I uninstalled


Do you remember the name of that program? Was it something along the lines of Chromium, Crossbrowser, Cassiopesa, etc.?

restricting access to files through windows explorer


Which files are you trying to access through Windows Explorer?

freezes occasionally when I try to end A process through Processhacker3 or use certain webpage functions.


What freezes? The system? Does it crashes when you try to end a process? Which processes are you trying to end via ProcessHacker, and which webpage functions are you trying to use?

I cannot even use taskmanager as it freezes and will not open, nothing will open


"Nothing will open", what else other than the Task Manager won't open? And did you try giving the Task Manager some time to open, let's say, 5 minutes?

warning.gifMalicious Programs Warning!

I noticed that you have malicious programs installed on your system. I'll ask you to uninstall them since uninstalling such programs before running malware removal tools will ensure a better clean-up.
  • Reimage Repair
If you have an issue when uninstalling a program, please let me know.

We'll run a first fix using FRST. Follow the instructions below please.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;
[attachment=180999:fixlist.txt]

Your next reply(ies) should include:
  • The phishing link you think got you infected (if you still have it);
  • The name of the Google mock-up applet you uninstalled (if you remember it);
  • The name of the files you cannot access through Windows Explorer;
  • Answers to my questions about your system freezing when you try to end a process (what freezes, what process are you trying to end, etc);
  • Answers to my questions about the Task Manager;
  • Confirmation that you uninstalled Reimage Repair;
  • Copy/pasted content of the FRST fixlog.txt;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 PaulFrog

PaulFrog
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 29 May 2016 - 07:36 PM

I cannot find the link to the malicious file anymore it was changed or removed. The Google app was just called chrome. I uninstalled chrome beforehand yet there was a registry with terms like "partner", a file with Google toolbar and chrome was discovered in C:\Users\Paul\appdata\local even after uninstalling. It was more likely to be malware since it had filed with nonspecific extensions. At one time when networking was enabled, I found I couldn't access any desktop files or any real hard drive files due to an error involving location on the disk(it hasn't happened since). This started with McAffe having its real-time scanning disabling itself shortly after I activated it. When I tried to end an Internet browser process,Process Hacker2 or tried to terminate a Conhost.exe that had never given me issues prior. There was a point were this freezing caused a time-out for the loading of Task Manager or other Ctrl Alt Delete options. Reimage was a program that was supposed to fix the registry and was removed due to it conflicting with other anti-malware programs it seems to be part of an adware scam but is removed "windows\system32\reimage.rep=> removed successfully "
 

 

please if you can, tell me how you discovered the suggestive files to be removed and your process taken to approach them, thank you

 

Fix result of Farbar Recovery Scan Tool (x64) Version:25-05-2016 01
Ran by Paul (2016-05-29 19:25:38) Run:1
Running from C:\Users\Paul\Downloads
Loaded Profiles: Paul (Available Profiles: Paul)
Boot Mode: Safe Mode (minimal)
==============================================
 
fixlist content:
*****************
CreateRestorePoint: CloseProcesses: 
Winlogon\Notify\SDWinLogon-x32: 
SDWinLogon.dll [X] Task: 
{5AD21B14-538A-49E1-A126-
D90B4D4217C2} -
System32\Tasks\ReimageUpdater => 
C:\Program Files\Reimage\Reimage
Protector\ReiGuard.exe [2015-08-19] 
(Reimage®) <==== ATTENTION Task: 
{24671B09-7E8B-4B42-8FDE-
BDA1D5A4E49F} - 
\DistromaticSearchProtect-hourly -> 
No File <==== ATTENTION Task: {C7B3C08D-1E00-4401-BCE0-
1257A65D8BB1} -
\DistromaticUpdater-logon -> No File <==== ATTENTION Task: 
{D124D781-F7E8-420E-9727-
9A645595A7D3} -
\DistromaticSearchProtect-logon ->
No File <==== ATTENTION Task:
{F9A8611E-34AA-4944-BF62-
ACFC4E887836} -
\DistromaticUpdater-periodic -> No 
File <==== ATTENTION FF Plugin: 
@bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> 
C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No 
File] 
C:\Program Files\Reimage 
C:\ProgramData\SMRResults501.dat 
C:\windows\Reimage.ini 
C:\windows\system32\reimage.rep 
Folder: C:\PhSp_CS2_UE_Ret 
EmptyTemp:
*****************
 
Error: Restore point can only be created in normal mode.
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => key removed successfully
SDWinLogon.dll [X] Task: => Error: No automatic fix found for this entry.
{5AD21B14-538A-49E1-A126- => Error: No automatic fix found for this entry.
D90B4D4217C2} - => Error: No automatic fix found for this entry.
System32\Tasks\ReimageUpdater => => Error: No automatic fix found for this entry.
"C:\Program Files\Reimage\Reimage" => not found.
Protector\ReiGuard.exe [2015-08-19] => Error: No automatic fix found for this entry.
<==== ATTENTION Task: => No running process found
{24671B09-7E8B-4B42-8FDE- => Error: No automatic fix found for this entry.
BDA1D5A4E49F} - => Error: No automatic fix found for this entry.
\DistromaticSearchProtect-hourly -> => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\No File <==== ATTENTION Task: {C7B3C08D-1E00-4401-BCE0- => key not found. 
1257A65D8BB1} - => Error: No automatic fix found for this entry.
\DistromaticUpdater-logon -> No File <==== ATTENTION Task: => Error: No automatic fix found for this entry.
{D124D781-F7E8-420E-9727- => Error: No automatic fix found for this entry.
9A645595A7D3} - => Error: No automatic fix found for this entry.
\DistromaticSearchProtect-logon -> => Error: No automatic fix found for this entry.
No File <==== ATTENTION Task: => Error: No automatic fix found for this entry.
{F9A8611E-34AA-4944-BF62- => Error: No automatic fix found for this entry.
ACFC4E887836} - => Error: No automatic fix found for this entry.
\DistromaticUpdater-periodic -> No => Error: No automatic fix found for this entry.
HKLM\Software\MozillaPlugins\File <==== ATTENTION FF Plugin: => key not found. 
"File <==== ATTENTION FF Plugin:" => not found.
@bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> => Error: No automatic fix found for this entry.
"C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No" => not found.
File] => Error: No automatic fix found for this entry.
"C:\Program Files\Reimage" => not found.
C:\ProgramData\SMRResults501.dat => moved successfully
C:\windows\Reimage.ini => moved successfully
C:\windows\system32\reimage.rep => moved successfully
 
========================= Folder: C:\PhSp_CS2_UE_Ret ========================
 
2005-03-21 13:41 - 2005-03-21 13:41 - 0012793 _____ () C:\PhSp_CS2_UE_Ret\How To Install.html
2005-02-25 14:37 - 2005-02-25 14:37 - 0157035 _____ () C:\PhSp_CS2_UE_Ret\LegalNotices.pdf
2005-02-22 13:31 - 2005-02-22 13:31 - 0142049 _____ () C:\PhSp_CS2_UE_Ret\Photoshop At A Glance.pdf
2005-02-22 13:32 - 2005-02-22 13:32 - 2723276 _____ () C:\PhSp_CS2_UE_Ret\Photoshop New Features.pdf
2005-02-23 11:24 - 2005-02-23 11:24 - 0002773 _____ () C:\PhSp_CS2_UE_Ret\Read Me First.html
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\International
2005-02-23 18:41 - 2005-02-23 18:41 - 0137148 _____ () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\International\Adobe Certified Datasheet.pdf
2005-02-23 18:56 - 2005-02-23 18:56 - 0110445 _____ () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\International\ASN Developer Program Datasheet.pdf
2005-02-23 19:08 - 2005-02-23 19:08 - 0133432 _____ () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\International\ASN Print Service Provider Program Datasheet.pdf
2005-02-23 20:05 - 2005-02-23 20:05 - 0114587 _____ () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\International\ASN Training Provider Program Datasheet.pdf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\North America
2005-02-23 19:25 - 2005-02-23 19:25 - 0137796 _____ () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\North America\Adobe Certified Datasheet.pdf
2005-02-23 18:57 - 2005-02-23 18:57 - 0105939 _____ () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\North America\ASN Developer Program Datasheet.pdf
2005-02-23 19:22 - 2005-02-23 19:22 - 0136218 _____ () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\North America\ASN Print Service Provider Program Datasheet.pdf
2005-02-23 20:18 - 2005-02-23 20:18 - 0112983 _____ () C:\PhSp_CS2_UE_Ret\Adobe Solutions Network\North America\ASN Training Provider Program Datasheet.pdf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2
2003-02-25 10:04 - 2003-02-25 10:04 - 0004632 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\0x0409.ini
2005-02-03 14:04 - 2005-02-03 14:04 - 0000686 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\Abcpy.ini
2005-03-28 11:02 - 2005-03-28 11:02 - 5092236 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\Adobe Photoshop CS2.msi
2005-03-28 11:02 - 2005-03-28 11:02 - 152609396 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\Data1.cab
2002-03-11 06:45 - 2002-03-11 06:45 - 1708856 _____ (Microsoft Corporation) C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\instmsia.exe
2002-03-11 10:06 - 2002-03-11 10:06 - 1822520 _____ (Microsoft Corporation) C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\instmsiw.exe
2005-03-01 17:46 - 2005-03-01 17:46 - 0045486 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\Photoshop Read Me.wri
2005-03-28 11:01 - 2005-03-28 11:01 - 0225280 _____ (Adobe Systems, Inc.                                         ) C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\setup.exe
2005-03-28 11:02 - 2005-03-28 11:02 - 0001207 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\Setup.ini
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\bridge
2005-03-24 17:29 - 2005-03-24 17:29 - 31518208 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\bridge\Adobe Bridge 1.0.msi
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\commonfilesinstaller
2005-03-16 20:20 - 2005-03-16 20:20 - 0539648 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\commonfilesinstaller\Adobe Common File Installer.msi
2005-03-16 20:20 - 2005-03-16 20:20 - 88670105 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\commonfilesinstaller\Data1.cab
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\help center
2005-03-15 21:53 - 2005-03-15 21:53 - 12826624 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\help center\Adobe Help Center 1.0.msi
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\stock photography
2005-03-16 21:14 - 2005-03-16 21:14 - 3559424 _____ () C:\PhSp_CS2_UE_Ret\Adobe® Photoshop® CS2\stock photography\Adobe Stock Photos 1.0.msi
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Customer Support
2004-09-30 10:06 - 2004-09-30 10:06 - 0355811 _____ () C:\PhSp_CS2_UE_Ret\Customer Support\Adobe Support Info.pdf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies
2002-03-04 07:56 - 2002-03-04 07:56 - 0180969 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Adobe Type Library.pdf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets
2005-02-16 12:07 - 2005-02-16 12:07 - 0000923 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Mixer Read Me.html
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps
1997-11-11 14:21 - 1997-11-11 14:21 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps\CMYK Rotate Channels Back.cha
1997-11-11 14:20 - 1997-11-11 14:20 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps\CMYK Rotate Channels Fore.cha
1997-11-11 14:22 - 1997-11-11 14:22 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps\CMYK Swap Cyan&Black.cha
1997-09-21 05:21 - 1997-09-21 05:21 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps\CMYK Swap Cyan&Magenta.cha
1997-09-21 05:22 - 1997-09-21 05:22 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps\CMYK Swap Cyan&Yellow.cha
1997-09-21 04:42 - 1997-09-21 04:42 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps\RGB Rotate Channels.cha
1997-09-21 05:22 - 1997-09-21 05:22 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps\RGB Swap Green&Blue.cha
1997-09-21 05:22 - 1997-09-21 05:22 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps\RGB Swap Red&Blue.cha
1997-09-21 05:21 - 1997-09-21 05:21 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Channel Swaps\RGB Swap Red&Green.cha
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Grayscale
1997-09-24 07:18 - 1997-09-24 07:18 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Grayscale\CMYK to Gray.cha
1997-09-21 04:39 - 1997-09-21 04:39 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Grayscale\Grayscale Blues.cha
1997-09-21 04:41 - 1997-09-21 04:41 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Grayscale\Grayscale Standard.cha
1997-11-11 14:07 - 1997-11-11 14:07 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Grayscale\Grayscale Yellows.cha
1997-09-21 04:38 - 1997-09-21 04:38 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Grayscale\Grayscale Yellows2.cha
1997-09-21 05:13 - 1997-09-21 05:13 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Grayscale\RGB Inverted Grayscale.cha
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects
1997-10-23 10:08 - 1997-10-23 10:08 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\CMYK Holiday Wrap.cha
1997-11-06 13:51 - 1997-11-06 13:51 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Blacklight.cha
1997-11-06 13:48 - 1997-11-06 13:48 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Blueprint.cha
1997-11-06 13:44 - 1997-11-06 13:44 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Burnt Foliage.cha
1997-11-11 14:13 - 1997-11-11 14:13 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Easter colors.cha
1997-11-06 12:50 - 1997-11-06 12:50 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Holiday Wrap.cha
1997-09-21 05:14 - 1997-09-21 05:14 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Inverted Warm Brass.cha
1997-11-06 13:40 - 1997-11-06 13:40 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Over Saturate.cha
1998-01-09 07:54 - 1998-01-09 07:54 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Pastels.cha
1997-09-21 05:09 - 1997-09-21 05:09 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Sepiatone subtle color.cha
1997-09-22 09:23 - 1997-09-22 09:23 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Sepiatone subtle color2.cha
1997-09-22 09:42 - 1997-09-22 09:42 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Sepiatone subtle color3.cha
1997-11-06 13:39 - 1997-11-06 13:39 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\RGB Warmer.cha
1997-09-24 07:25 - 1997-09-24 07:25 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\Special Effects\Yellows&Blues (RGB or CMYK).cha
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\YCC Color
1997-11-06 13:02 - 1997-11-06 13:02 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\YCC Color\RGB to YCrCb.cha
1997-11-06 13:12 - 1997-11-06 13:12 - 0000044 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Channel Mixer Presets\YCC Color\YCrCb to RGB.cha
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Custom File Info Panels
2005-02-16 12:16 - 2005-02-16 12:16 - 0002467 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Custom File Info Panels\File Info Panels Read Me.html
2003-09-19 12:47 - 2003-09-19 12:47 - 0330931 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Custom File Info Panels\XMP Custom Panels.pdf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Custom File Info Panels\Sample File Info Panels
2003-09-19 15:06 - 2003-09-19 15:06 - 0002154 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Custom File Info Panels\Sample File Info Panels\CustomPanel_allWidgets.txt
2003-09-19 15:06 - 2003-09-19 15:06 - 0007094 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Custom File Info Panels\Sample File Info Panels\Description.txt
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Hi Res RGB Textures
2003-09-12 16:43 - 2003-09-12 16:43 - 0003126 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Hi Res RGB Textures\AdobeP8M.md0
2003-09-12 16:43 - 2003-09-12 16:43 - 1012475 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Hi Res RGB Textures\AdobeP8P.tb0
2003-09-12 16:43 - 2003-09-12 16:43 - 0013694 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Hi Res RGB Textures\AdobeP8T.tb0
2002-02-19 23:46 - 2002-02-19 23:46 - 3656500 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Hi Res RGB Textures\Japanese Rice Paper.jpg
2002-02-19 23:46 - 2002-02-19 23:46 - 6764627 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Hi Res RGB Textures\Red Origami Flowers.jpg
2002-02-19 23:46 - 2002-02-19 23:46 - 2857306 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Hi Res RGB Textures\Sepia Marble Paper.jpg
2002-02-19 23:46 - 2002-02-19 23:46 - 6380752 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Hi Res RGB Textures\Woodchip Paper.jpg
2002-02-19 23:46 - 2002-02-19 23:46 - 5220475 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Hi Res RGB Textures\Wrinkled Woodchip Paper.jpg
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches
1996-10-14 16:08 - 1996-10-14 16:08 - 0006724 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\216 browser safe colors.aco
1996-10-09 06:47 - 1996-10-09 06:47 - 0002244 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\216 by hue.aco
1996-10-09 06:09 - 1996-10-09 06:09 - 0002244 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\216 by luminosity.aco
1996-10-05 12:44 - 1996-10-05 12:44 - 0001284 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\desaturated range.aco
1996-07-20 11:49 - 1996-07-20 11:49 - 0005124 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\full saturated range.aco
1996-07-27 14:35 - 1996-07-27 14:35 - 0003204 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\med saturation range.aco
1998-05-25 13:09 - 1998-05-25 13:09 - 0009604 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\standard set.aco
2005-02-16 12:37 - 2005-02-16 12:37 - 0001675 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Web Swatches Read Me.html
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes
1996-10-05 12:43 - 1996-10-05 12:43 - 0002884 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\blue analogous.aco
1996-07-17 07:34 - 1996-07-17 07:34 - 0004004 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\blue desaturated range.aco
1996-07-20 09:35 - 1996-07-20 09:35 - 0006244 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\blue saturated range.aco
1996-10-05 12:34 - 1996-10-05 12:34 - 0002884 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\cyan analogous.aco
1996-07-17 13:31 - 1996-07-17 13:31 - 0004004 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\cyan desaturated range.aco
1996-07-20 09:38 - 1996-07-20 09:38 - 0006244 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\cyan saturated range.aco
1996-10-05 12:38 - 1996-10-05 12:38 - 0002884 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\green analogous.aco
1996-07-17 07:44 - 1996-07-17 07:44 - 0004004 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\green desaturated range.aco
1996-07-20 09:40 - 1996-07-20 09:40 - 0006244 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\green saturated range.aco
1996-10-05 12:42 - 1996-10-05 12:42 - 0002884 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\magenta analogous.aco
1996-07-17 13:15 - 1996-07-17 13:15 - 0004004 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\magenta desaturated range.aco
1996-07-20 09:41 - 1996-07-20 09:41 - 0006244 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\magenta saturated range.aco
1996-10-05 12:40 - 1996-10-05 12:40 - 0002884 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\red analogous.aco
1996-07-17 07:27 - 1996-07-17 07:27 - 0004004 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\red desaturated range.aco
1996-07-20 09:42 - 1996-07-20 09:42 - 0006244 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\red saturated range.aco
1996-10-05 12:36 - 1996-10-05 12:36 - 0002884 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\yellow analogous.aco
1996-07-17 13:21 - 1996-07-17 13:21 - 0004004 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\yellow desaturated range.aco
1996-07-20 09:45 - 1996-07-20 09:45 - 0006244 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Color Schemes\yellow saturated range.aco
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Other Layouts
1996-07-17 14:20 - 1996-07-17 14:20 - 0000324 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Other Layouts\greyscale.aco
1996-09-23 11:59 - 1996-09-23 11:59 - 0000964 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Other Layouts\luminosity desaturated.aco
1996-09-23 12:19 - 1996-09-23 12:19 - 0002404 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Other Layouts\luminosity full saturation.aco
1996-09-23 11:57 - 1996-09-23 11:57 - 0001764 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Other Layouts\luminosity medium saturatin.aco
1997-09-15 08:39 - 1997-09-15 08:39 - 0001284 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Other Layouts\muted.aco
1996-07-13 05:42 - 1996-07-13 05:42 - 0001284 _____ () C:\PhSp_CS2_UE_Ret\Goodies\lynda.com Web swatches\Other Layouts\rgbcmyk 11 step gradation.aco
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ditherbox
2001-08-24 06:54 - 2001-08-24 06:54 - 0067898 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ditherbox\Dither Box filter.pdf
2005-02-18 10:00 - 2005-02-18 10:00 - 0000945 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ditherbox\Ditherbox Read Me.html
1999-06-24 12:28 - 1999-06-24 12:28 - 0097792 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ditherbox\DitherBx.8bf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory
2000-10-10 14:59 - 2000-10-10 14:59 - 0049152 _____ (Adobe Systems, Inc.) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Ffactory.8bf
2003-07-21 09:58 - 2003-07-21 09:58 - 0037677 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Ffactory.wri
1997-04-17 10:51 - 1997-04-17 10:51 - 0055808 _____ (Adobe Systems, Inc.) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Ffexamp.8bf
1997-04-17 10:51 - 1997-04-17 10:51 - 0000396 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Ffexamp.afs
1994-10-30 05:39 - 1994-10-30 05:39 - 0064216 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Fftutor.pdf
2005-02-23 19:33 - 2005-02-23 19:33 - 0001418 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Filter Factory Read Me.html
1998-03-04 07:22 - 1998-03-04 07:22 - 0183165 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Filter_Factory.pdf
1997-04-17 10:51 - 1997-04-17 10:51 - 0055808 _____ (Adobe Systems, Inc.) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Lights.8bf
1997-04-17 10:51 - 1997-04-17 10:51 - 0000651 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Lights.afs
1993-07-23 01:00 - 1993-07-23 01:00 - 0210944 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Msvcrt10.dll
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples
1995-05-03 02:11 - 1995-05-03 02:11 - 0057344 _____ (Adobe Systems, Inc.) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples\Edittran.8bf
1997-04-17 10:51 - 1997-04-17 10:51 - 0000118 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples\Edittrns.afs
1995-05-03 02:11 - 1995-05-03 02:11 - 0057344 _____ (Adobe Systems, Inc.) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples\Lumopac.8bf
1997-04-17 10:51 - 1997-04-17 10:51 - 0000058 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples\Lumopac.afs
1995-05-03 02:12 - 1995-05-03 02:12 - 0057344 _____ (Adobe Systems, Inc.) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples\Opaclum.8bf
1997-04-17 10:51 - 1997-04-17 10:51 - 0000096 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples\Opaclum.afs
1995-05-03 02:12 - 1995-05-03 02:12 - 0057344 _____ (Adobe Systems, Inc.) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples\Settrans.8bf
1997-04-17 10:51 - 1997-04-17 10:51 - 0000052 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples\Settrans.afs
1996-10-29 15:49 - 1996-10-29 15:49 - 0034173 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Ffactory\Transparency Examples\Transparency Read Me.pdf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format
2005-02-16 11:36 - 2005-02-16 11:36 - 0000958 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\About Alias Format.html
2005-02-16 11:49 - 2005-02-16 11:49 - 0000946 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\About ElectricImage Format.html
2005-02-16 11:51 - 2005-02-16 11:51 - 0000849 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\About IFF Format.html
2005-02-16 11:57 - 2005-02-16 11:57 - 0000977 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\About RLA Format.html
2005-02-16 12:00 - 2005-02-16 12:00 - 0000989 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\About SGI RGB Format.html
2005-03-03 13:44 - 2005-03-03 13:44 - 0000918 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\About SoftImage Format.html
2005-03-22 04:20 - 2005-03-22 04:20 - 0014848 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\Alias.8BI
2005-03-22 04:21 - 2005-03-22 04:21 - 0019456 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\ElectricImage.8BI
2005-03-22 04:20 - 2005-03-22 04:20 - 0031744 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\IFF Format.8BI
2005-03-22 04:24 - 2005-03-22 04:24 - 0016384 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\Rla.8bi
2005-03-22 04:25 - 2005-03-22 04:25 - 0016384 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\Sgirgb.8bi
2005-03-22 04:25 - 2005-03-22 04:25 - 0013824 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\File Format\SoftImage.8BI
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Filters
2005-03-22 04:31 - 2005-03-22 04:31 - 0286720 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Filters\3D Transform.8BF
2005-03-22 04:36 - 2005-03-22 04:36 - 0020992 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Filters\Texture Fill.8BF
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\File Formats
2005-02-16 12:10 - 2005-02-16 12:10 - 0001079 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\File Formats\File Formats Read Me.html
2005-03-22 04:22 - 2005-03-22 04:22 - 0176128 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\File Formats\JPEG2000.8BI
2005-03-22 04:22 - 2005-03-22 04:22 - 0016896 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\File Formats\Mac Paint.8BI
2005-02-09 04:24 - 2005-02-09 04:24 - 0023552 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\File Formats\PIXPNT8B.8BI
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\HSBHSL
2005-02-16 18:19 - 2005-02-16 18:19 - 0001194 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\HSBHSL\HSBHSL Read Me.html
2005-03-22 04:32 - 2005-03-22 04:32 - 0017408 _____ (Adobe Systems, Incorporated) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\HSBHSL\Hsbhsl.8bf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions
2004-05-06 14:54 - 2004-05-06 14:54 - 0000121 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\AllowNetworkScratch_OFF_D.reg
2004-05-06 14:56 - 2004-05-06 14:56 - 0000134 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\AllowNetworkScratch_ON.reg
2004-05-06 14:53 - 2004-05-06 14:53 - 0000123 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\AllowRemovableScrtch_OFF_D.reg
2004-05-06 14:56 - 2004-05-06 14:56 - 0000136 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\AllowRemovableScrtch_ON.reg
2004-05-06 14:53 - 2004-05-06 14:53 - 0000117 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\AlwaysImportClipbd_OFF_D.reg
2004-05-06 14:56 - 2004-05-06 14:56 - 0000130 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\AlwaysImportClipbd_ON.reg
2004-05-06 14:53 - 2004-05-06 14:53 - 0000114 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\AlwaysShowPalettes_OFF_D.reg
2004-05-06 14:56 - 2004-05-06 14:56 - 0000127 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\AlwaysShowPalettes_ON.reg
2004-05-06 14:56 - 2004-05-06 14:56 - 0000124 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\BadDriverRGBBlitCheck_OFF.reg
2004-05-06 14:53 - 2004-05-06 14:53 - 0000111 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\BadDriverRGBBlitCheck_ON_D.reg
2004-05-06 14:53 - 2004-05-06 14:53 - 0000115 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\BadDriverStickyCrsr_OFF_D.reg
2004-05-06 14:56 - 2004-05-06 14:56 - 0000128 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\BadDriverStickyCrsr_ON.reg
2004-05-06 14:53 - 2004-05-06 14:53 - 0000115 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\BlitSingleScanLines_OFF_D.reg
2004-05-06 14:56 - 2004-05-06 14:56 - 0000128 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\BlitSingleScanLines_ON.reg
2004-09-03 10:59 - 2004-09-03 10:59 - 0000256 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\BrokenLargeCursors_OFF.reg
2004-09-03 10:59 - 2004-09-03 10:59 - 0000256 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\BrokenLargeCursors_ON_D.reg
2004-05-06 14:56 - 2004-05-06 14:56 - 0000120 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\ClipboardSizeLimit_OFF.reg
2004-05-06 14:53 - 2004-05-06 14:53 - 0000105 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\ClipboardSizeLimit_ON_D.reg
2004-05-06 14:52 - 2004-05-06 14:52 - 0000116 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\DisableScratchCmprs_OFF_D.reg
2004-05-06 14:56 - 2004-05-06 14:56 - 0000129 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\DisableScratchCmprs_ON.reg
2004-05-06 14:24 - 2004-05-06 14:24 - 0000109 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\ForceProgress_OFF_D.reg
2004-05-06 14:24 - 2004-05-06 14:24 - 0000122 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\ForceProgress_ON.reg
2004-05-06 14:52 - 2004-05-06 14:52 - 0000111 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\ForceVMCompression_OFF_D.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000124 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\ForceVMCompression_ON.reg
2004-05-06 14:52 - 2004-05-06 14:52 - 0000110 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\IgnoreEXIFsRGB_OFF_D.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000123 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\IgnoreEXIFsRGB_ON.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000133 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\OptimizeResizeDrawing_OFF.reg
2004-05-06 14:52 - 2004-05-06 14:52 - 0000120 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\OptimizeResizeDrawing_ON_D.reg
2004-05-06 14:52 - 2004-05-06 14:52 - 0000118 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\PrintPassthrough_NORM_D.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000131 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\PrintPassthrough_PASS.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000131 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\PrintPassthrough_PS_PASS.reg
2005-02-25 10:07 - 2005-02-25 10:07 - 0014495 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\Registry Keys Read Me.html
2004-05-06 14:52 - 2004-05-06 14:52 - 0000111 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\RememberSlowFiles_OFF_D.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000124 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\RememberSlowFiles_ON.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000126 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\ShowWindowsThumbnails_OFF.reg
2004-05-06 14:51 - 2004-05-06 14:51 - 0000113 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\ShowWindowsThumbnails_ON_D.reg
2004-05-06 14:51 - 2004-05-06 14:51 - 0000109 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\TaskDebugging_OFF_D.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000122 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\TaskDebugging_ON.reg
2004-05-06 14:51 - 2004-05-06 14:51 - 0000109 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\UnlimitedPreviews_OFF_D.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000124 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\UnlimitedPreviews_ON.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000119 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\UseAsyncIO_OFF.reg
2004-05-06 14:51 - 2004-05-06 14:51 - 0000106 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\UseAsyncIO_ON_D.reg
2004-05-06 14:51 - 2004-05-06 14:51 - 0000111 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\UseAsyncScratch_OFF_D.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000124 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\UseAsyncScratch_ON.reg
2004-05-06 14:55 - 2004-05-06 14:55 - 0000129 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\WarnSavePrefsFailure_OFF.reg
2004-05-06 14:51 - 2004-05-06 14:51 - 0000114 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Photoshop Only\Optional Extensions\WarnSavePrefsFailure_ON_D.reg
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Seiko Epson
2003-09-03 17:10 - 2003-09-03 17:10 - 1858682 _____ (SEIKO EPSON CORPORATION                                     ) C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Seiko Epson\PIM II Installer.exe
2003-09-12 19:16 - 2003-09-12 19:16 - 0211573 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Optional Plug-Ins\Seiko Epson\PRINT Image Matching.pdf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects
2003-09-22 15:26 - 2003-09-22 15:26 - 0024084 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\AdobeP8M.md0
2003-09-22 15:26 - 2003-09-22 15:26 - 3886711 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\AdobeP8P.tb0
2003-09-22 15:26 - 2003-09-22 15:26 - 0027374 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\AdobeP8T.tb0
1994-11-30 10:18 - 1994-11-30 10:18 - 0262041 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Amoeba.psd
1994-11-30 10:18 - 1994-11-30 10:18 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Bark.psd
1994-11-30 10:17 - 1994-11-30 10:17 - 0254759 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Blistered Paint.psd
1994-06-07 06:49 - 1994-06-07 06:49 - 0167215 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Bricks.psd
1994-11-30 10:17 - 1994-11-30 10:17 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Burlap.psd
1994-06-07 06:49 - 1994-06-07 06:49 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Canvas.psd
1994-06-07 06:49 - 1994-06-07 06:49 - 0258856 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Carpet.psd
1994-06-07 06:48 - 1994-06-07 06:48 - 0262462 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Caviar.psd
1994-11-30 10:17 - 1994-11-30 10:17 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Cinder Blocks.psd
1994-06-07 06:48 - 1994-06-07 06:48 - 0252357 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Clouds.psd
1994-06-07 06:42 - 1994-06-07 06:42 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Concrete.psd
1994-11-30 10:16 - 1994-11-30 10:16 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Confetti.psd
1994-05-31 07:38 - 1994-05-31 07:38 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Denim 1.psd
1994-05-31 07:34 - 1994-05-31 07:34 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Denim 2.psd
1994-06-08 06:19 - 1994-06-08 06:19 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Dragon Scales 1.psd
1994-06-08 06:32 - 1994-06-08 06:32 - 0262484 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Dragon Scales 2.psd
1994-11-30 10:19 - 1994-11-30 10:19 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Driven Snow.psd
1994-11-30 10:19 - 1994-11-30 10:19 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Feathers.psd
1994-11-30 10:19 - 1994-11-30 10:19 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Footprints.psd
1994-05-31 08:40 - 1994-05-31 08:40 - 0261861 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Frosted Glass.psd
1994-11-30 10:19 - 1994-11-30 10:19 - 0239672 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Frozen Rain.psd
1994-11-30 10:19 - 1994-11-30 10:19 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Gauze.psd
1994-11-30 10:22 - 1994-11-30 10:22 - 0222294 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Glass Block.psd
1994-05-31 07:27 - 1994-05-31 07:27 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Irish Short Hair.psd
1995-01-06 10:41 - 1995-01-06 10:41 - 0142360 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Knurl.psd
1994-11-30 10:22 - 1994-11-30 10:22 - 0173101 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Leather 1.psd
1994-11-30 10:21 - 1994-11-30 10:21 - 0260867 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Leather 2.psd
1994-11-30 10:21 - 1994-11-30 10:21 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Lichen.psd
1994-06-07 06:48 - 1994-06-07 06:48 - 0210701 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Lines.psd
1994-06-07 06:48 - 1994-06-07 06:48 - 0262462 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Loose Threads.psd
1994-06-07 06:47 - 1994-06-07 06:47 - 0253199 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Mountains 1.psd
1994-11-30 10:21 - 1994-11-30 10:21 - 0232138 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Mountains 2.psd
1995-01-04 04:48 - 1995-01-04 04:48 - 0259040 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Noise.psd
1994-05-31 07:34 - 1994-05-31 07:34 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Paper.psd
1994-11-30 10:23 - 1994-11-30 10:23 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Paper-Big Canvas.psd
1994-11-30 10:23 - 1994-11-30 10:23 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Paper-Fibrous.psd
1994-06-07 06:45 - 1994-06-07 06:45 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Paper-Fine.psd
1994-11-30 10:23 - 1994-11-30 10:23 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Paper-Regular.psd
1994-06-07 06:45 - 1994-06-07 06:45 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Paper-Rough.psd
1994-11-30 10:23 - 1994-11-30 10:23 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Paper-Rougher.psd
1994-11-30 10:22 - 1994-11-30 10:22 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Paper-Watercolor.psd
1994-11-30 10:25 - 1994-11-30 10:25 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Paper-XRough.psd
1994-11-30 10:25 - 1994-11-30 10:25 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Pine Bark.psd
1994-11-30 10:25 - 1994-11-30 10:25 - 0150330 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Puzzle.psd
1994-06-07 06:44 - 1994-06-07 06:44 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Rosette.psd
1994-06-07 06:43 - 1994-06-07 06:43 - 0245885 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Rust Flakes.psd
1994-11-30 10:25 - 1994-11-30 10:25 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Screen Door.psd
1994-11-30 10:24 - 1994-11-30 10:24 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Shagg Rug.psd
1994-06-08 06:19 - 1994-06-08 06:19 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Shingles 1.psd
1994-06-07 06:44 - 1994-06-07 06:44 - 0096653 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Shingles 2.psd
1994-05-31 07:36 - 1994-05-31 07:36 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Shredded Plastic 1.psd
1994-06-07 06:43 - 1994-06-07 06:43 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Shredded Plastic 2.psd
1994-06-07 06:44 - 1994-06-07 06:44 - 0225771 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Snake Skin.psd
1994-05-31 07:08 - 1994-05-31 07:08 - 0118636 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Sparse Basic Noise.psd
1994-06-07 06:41 - 1994-06-07 06:41 - 0252335 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Sphere Grid.psd
1994-06-07 06:40 - 1994-06-07 06:40 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Strands 1.psd
1994-06-07 06:39 - 1994-06-07 06:39 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Strands 2.psd
1994-05-31 07:33 - 1994-05-31 07:33 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Stucco 1.psd
1994-11-30 10:26 - 1994-11-30 10:26 - 0248369 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Stucco 2.psd
1994-11-30 10:26 - 1994-11-30 10:26 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Stucco 3.psd
1994-06-26 19:08 - 1994-06-26 19:08 - 0247711 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Styrofoam Balls.psd
2005-02-16 12:19 - 2005-02-16 12:19 - 0000672 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Textures Read Me.html
1994-06-07 06:39 - 1994-06-07 06:39 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Thick Hair.psd
1994-05-31 07:15 - 1994-05-31 07:15 - 0245788 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Tiles - Bumpy.psd
1994-07-01 11:22 - 1994-07-01 11:22 - 0042722 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Tiles - Smooth.psd
1994-11-30 10:29 - 1994-11-30 10:29 - 0261942 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Towel.psd
1994-11-30 10:29 - 1994-11-30 10:29 - 0154264 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Tread.psd
1994-11-30 10:28 - 1994-11-30 10:28 - 0262456 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Weave 1.psd
1994-11-30 10:28 - 1994-11-30 10:28 - 0259148 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Weave 2.psd
1994-05-31 07:32 - 1994-05-31 07:32 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Weave 3.psd
1994-05-31 07:39 - 1994-05-31 07:39 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Weave 4.psd
1994-06-07 06:38 - 1994-06-07 06:38 - 0261883 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Weave 5.psd
1994-06-07 06:38 - 1994-06-07 06:38 - 0262434 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Weave 6.psd
1994-06-07 06:37 - 1994-06-07 06:37 - 0184906 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Weave 7.psd
1994-06-07 06:38 - 1994-06-07 06:38 - 0258238 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Weave 8.psd
1994-11-30 10:28 - 1994-11-30 10:28 - 0244304 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Textures for Lighting Effects\Web.psd
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates
2005-02-16 14:51 - 2005-02-16 14:51 - 0000952 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\WPG Templates Read Me.html
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray
2003-09-16 09:59 - 2003-09-16 09:59 - 0000002 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000472 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray\FrameSet.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000484 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray\indexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0003376 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000342 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray\images
2003-09-16 09:59 - 2003-09-16 09:59 - 0000182 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray\images\nextimage.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000170 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray\images\previmage.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000068 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Blue & Gray\images\rule.gif
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Dark
2003-09-16 09:59 - 2003-09-16 09:59 - 0000000 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Dark\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000472 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Dark\FrameSet.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000518 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Dark\indexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0002090 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Dark\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000323 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Dark\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Dark\images
2003-09-16 09:59 - 2003-09-16 09:59 - 0004900 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Dark\images\bannerimage.gif
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Frame
2003-09-16 09:59 - 2003-09-16 09:59 - 0000000 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Frame\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000464 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Frame\FrameSet.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000382 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Frame\IndexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0001148 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Frame\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000359 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Frame\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Light
2003-09-16 09:59 - 2003-09-16 09:59 - 0000000 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Light\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000472 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Light\FrameSet.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000512 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Light\indexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0002121 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Light\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000337 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Light\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned
2003-09-16 09:59 - 2003-09-16 09:59 - 0000000 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000475 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned\FrameSet.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000543 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned\indexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0002241 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000338 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned\images
2003-09-16 09:59 - 2003-09-16 09:59 - 0002305 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned\images\bkgnd.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000266 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned\images\nextimage.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000283 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Horizontal Patterned\images\previmage.gif
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table
2003-09-16 09:59 - 2003-09-16 09:59 - 0000000 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0001252 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table\IndexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0002075 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000298 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue
2003-09-16 09:59 - 2003-09-16 09:59 - 0000000 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0002002 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\indexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0002190 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000346 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\images
2003-09-16 09:59 - 2003-09-16 09:59 - 0005760 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\images\bannerimage.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000203 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\images\currentindex.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000184 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\images\nextimage.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000192 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\images\previmage.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000068 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table - Blue\images\rule.gif
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table\images
2003-09-16 09:59 - 2003-09-16 09:59 - 0006729 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table\images\background.jpg
2003-09-16 09:59 - 2003-09-16 09:59 - 0000691 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table\images\home.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000683 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table\images\next.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0000685 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Table\images\previous.gif
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Frame
2003-09-16 09:59 - 2003-09-16 09:59 - 0000433 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Frame\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000462 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Frame\FrameSet.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000466 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Frame\IndexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0001204 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Frame\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000200 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Frame\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 1
2003-09-16 09:59 - 2003-09-16 09:59 - 0000002 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 1\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000464 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 1\FrameSet.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000538 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 1\indexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0001510 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 1\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000359 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 1\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 2
2003-09-16 09:59 - 2003-09-16 09:59 - 0000002 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 2\Caption.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000492 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 2\FrameSet.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000538 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 2\indexPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0001377 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 2\SubPage.htm
2003-09-16 09:59 - 2003-09-16 09:59 - 0000361 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 2\Thumbnail.htm
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 2\images
2003-09-16 09:59 - 2003-09-16 09:59 - 0000058 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 2\images\arrow.gif
2003-09-16 09:59 - 2003-09-16 09:59 - 0010417 _____ () C:\PhSp_CS2_UE_Ret\Goodies\Web Photo Gallery Templates\Vertical Slide Show 2\images\bkgnd.gif
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Help
2005-02-18 11:21 - 2005-02-18 11:21 - 17949745 _____ () C:\PhSp_CS2_UE_Ret\Help\Photoshop Help.pdf
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Technical Information
2016-05-14 20:28 - 2016-05-14 20:28 - 0000000 ____D () C:\PhSp_CS2_UE_Ret\Technical Information\Scripting Guide
2005-03-11 11:00 - 2005-03-11 11:00 - 1466555 _____ () C:\PhSp_CS2_UE_Ret\Technical Information\Scripting Guide\AppleScript Reference Guide.pdf
2005-03-11 11:02 - 2005-03-11 11:02 - 3518909 _____ () C:\PhSp_CS2_UE_Ret\Technical Information\Scripting Guide\JavaScript Reference Guide.pdf
2005-03-11 10:59 - 2005-03-11 10:59 - 0714623 _____ () C:\PhSp_CS2_UE_Ret\Technical Information\Scripting Guide\Photoshop Scripting Guide.pdf
2005-03-11 11:03 - 2005-03-11 11:03 - 1364766 _____ () C:\PhSp_CS2_UE_Ret\Technical Information\Scripting Guide\VisualBasic Reference Guide.pdf
 
====== End of Folder: ======
 
EmptyTemp: => 898.3 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 19:26:36 ====


#10 PaulFrog

PaulFrog
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 29 May 2016 - 08:00 PM

Also to add there are multiple svchost processes which is atypical for this machine, there are two csrss.exe processes and a dllhost process running.

#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 29 May 2016 - 08:08 PM

Boot Mode: Safe Mode (minimal)
Unless I instruct you to do so, please follow my instructions under a normal boot, and not Safe Mode, alright? :)
 

The Google app was just called chrome. I uninstalled chrome beforehand yet there was a registry with terms like "partner", a file with Google toolbar and chrome was discovered in C:\Users\Paul\appdata\local even after uninstalling. It was more likely to be malware since it had filed with nonspecific extensions.


Google Chrome is a legitimate program, so is Google Toolbar for Internet Explorer. Also, Google have a folder in AppData\Local, and you have Google programs installed on your system.
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
So the presence of Google-based programs on your system isn't unusual if you ask me. So far, to me it looks like these entries/files were all legitimate.
 

At one time when networking was enabled, I found I couldn't access any desktop files or any real hard drive files due to an error involving location on the disk(it hasn't happened since).


It happens sometimes. Usually, killing and restarting the explorer.exe process, or restarting the computer does the trick. I see it happen when the hard drive is heavily used, and therefore Windows cannot allocate resources to browse the disk normally.
 

When I tried to end an Internet browser process,Process Hacker2 or tried to terminate a Conhost.exe that had never given me issues prior. There was a point were this freezing caused a time-out for the loading of Task Manager or other Ctrl Alt Delete options.


If that process called out conhost.exe afterward, it's normal that it would try to terminate it as well (when you terminate a parent process, all the child processes are terminated as well).
 

Reimage was a program that was supposed to fix the registry and was removed due to it conflicting with other anti-malware programs it seems to be part of an adware scam but is removed "windows\system32\reimage.rep=> removed successfully "


Reimage Repair is a PUP program that should be avoided, so are Registry Cleaners. None of them will ever solve your problems, I can guarantee you that.

It seems like the FRST fix didn't went through properly, mostly because the formatting got messed up. Follow the instructions below please.

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Open Notepad, click on the Format menu, and make sure that the Word Wrap function isn't enabled (checked), then close it;
  • Right-click on your Desktop, select New and click on Text Document. Name it fixlist (make sure it's a .txt file) and press on Enter;
  • Open the file you just created and copy/paste the content below in it, then save it (Ctrl + S);
    CreateRestorePoint:
    CloseProcesses:
    
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    
    Task: {5AD21B14-538A-49E1-A126-D90B4D4217C2} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19] (Reimage®) <==== ATTENTION
    Task: {24671B09-7E8B-4B42-8FDE-BDA1D5A4E49F} - \DistromaticSearchProtect-hourly -> No File <==== ATTENTION
    Task: {C7B3C08D-1E00-4401-BCE0-1257A65D8BB1} - \DistromaticUpdater-logon -> No File <==== ATTENTION
    Task: {D124D781-F7E8-420E-9727-9A645595A7D3} - \DistromaticSearchProtect-logon -> No File <==== ATTENTION
    Task: {F9A8611E-34AA-4944-BF62-ACFC4E887836} - \DistromaticUpdater-periodic -> No File <==== ATTENTION
    
    FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
    
    C:\Program Files\Reimage
    C:\ProgramData\SMRResults501.dat
    C:\windows\Reimage.ini
    C:\windows\system32\reimage.rep
    
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;
Your next reply(ies) should include:
  • Copy/pasted content of the FRST fixlog;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 PaulFrog

PaulFrog
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 29 May 2016 - 08:56 PM

Ok I have booted in safemode just in case since the progression of problems

here is the fixlog that notes something in the cache having access to a key in the registry

 

ix result of Farbar Recovery Scan Tool (x64) Version:25-05-2016 01
Ran by Paul (2016-05-29 20:47:00) Run:2
Running from C:\Users\Paul\Downloads
Loaded Profiles: Paul (Available Profiles: Paul)
Boot Mode: Safe Mode (minimal)
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
 
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
 
Task: {5AD21B14-538A-49E1-A126-D90B4D4217C2} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19] (Reimage®) <==== ATTENTION
Task: {24671B09-7E8B-4B42-8FDE-BDA1D5A4E49F} - \DistromaticSearchProtect-hourly -> No File <==== ATTENTION
Task: {C7B3C08D-1E00-4401-BCE0-1257A65D8BB1} - \DistromaticUpdater-logon -> No File <==== ATTENTION
Task: {D124D781-F7E8-420E-9727-9A645595A7D3} - \DistromaticSearchProtect-logon -> No File <==== ATTENTION
Task: {F9A8611E-34AA-4944-BF62-ACFC4E887836} - \DistromaticUpdater-periodic -> No File <==== ATTENTION
 
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
 
C:\Program Files\Reimage


#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,630 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 30 May 2016 - 09:08 AM

Ok I have booted in safemode just in case since the progression of problems


I just instructed you not to boot in Safe Mode unless I tell you to do so. Now, please restart your computer under a normal boot (not Safe Mode), and copy/paste the full content of the fixlog.txt file, since it looks like you only copy/pasted half of it.
 

here is the fixlog that notes something in the cache having access to a key in the registry


There's no such thing in the log you posted, what are you referring to?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 PaulFrog

PaulFrog
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 30 May 2016 - 11:50 AM

Sorry, something about the keys was brought up, I misread about the safe mode my mistake but I did copy the whole text for the fixlog

#15 PaulFrog

PaulFrog
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:31 AM

Posted 30 May 2016 - 12:07 PM

I'm sorry about not following the last post but Here I have the fixlog.txt running in normal mode with networking and internet access. Issues currently with freezing are seen in sluggish response to right-clicks on files or just about anywhere slow start-ups. Opening a browser also is slow and seems to only respond after a few minutes.

here is fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
Ran by Paul (2016-05-30 11:59:43) Run:3
Running from C:\Users\Paul\Downloads
Loaded Profiles: Paul (Available Profiles: Paul)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Open the file you just created and copy/paste the content below in it, then save it (Ctrl + S);
CreateRestorePoint:
CloseProcesses:

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

Task: {5AD21B14-538A-49E1-A126-D90B4D4217C2} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19] (Reimage®) <==== ATTENTION
Task: {24671B09-7E8B-4B42-8FDE-BDA1D5A4E49F} - \DistromaticSearchProtect-hourly -> No File <==== ATTENTION
Task: {C7B3C08D-1E00-4401-BCE0-1257A65D8BB1} - \DistromaticUpdater-logon -> No File <==== ATTENTION
Task: {D124D781-F7E8-420E-9727-9A645595A7D3} - \DistromaticSearchProtect-logon -> No File <==== ATTENTION
Task: {F9A8611E-34AA-4944-BF62-ACFC4E887836} - \DistromaticUpdater-periodic -> No File <==== ATTENTION

FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]

C:\Program Files\Reimage
C:\ProgramData\SMRResults501.dat
C:\windows\Reimage.ini
C:\windows\system32\reimage.rep
*****************

Open the file you just created and copy/paste the content below in it, then save it (Ctrl + S); => Error: No automatic fix found for this entry.
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AD21B14-538A-49E1-A126-D90B4D4217C2} => key not found.
C:\windows\System32\Tasks\ReimageUpdater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24671B09-7E8B-4B42-8FDE-BDA1D5A4E49F} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DistromaticSearchProtect-hourly => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7B3C08D-1E00-4401-BCE0-1257A65D8BB1} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DistromaticUpdater-logon => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D124D781-F7E8-420E-9727-9A645595A7D3} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DistromaticSearchProtect-logon => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9A8611E-34AA-4944-BF62-ACFC4E887836} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DistromaticUpdater-periodic => key not found.
HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0 => key not found.
"C:\Program Files\Reimage" => not found.
"C:\ProgramData\SMRResults501.dat" => not found.
"C:\windows\Reimage.ini" => not found.
"C:\windows\system32\reimage.rep" => not found.


The system needed a reboot.

==== End of Fixlog 12:00:14 ====






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users