Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop-ups and hi-jacked right-click in Chrome


  • This topic is locked This topic is locked
8 replies to this topic

#1 GVOLTT

GVOLTT

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:43 PM

Posted 24 June 2016 - 11:56 AM

So, yesterday I started noticing I was getting malware site pop-ups, similar to a couple of other topics I've seen here in trying to research my problem.  These pop-ups hijack the link I'm trying to click, and I refresh the page to try and click the link I want. Examples of pop-up sites I'm seeing: xb11776.com, land.pckeeper.software, securitycorner.co, etc.  Every basic tutorial to fix this seems to come up null in the end, as I'm still getting these pop-ups. In addition, my right-click seems to be hi-jacked. I right-click, wanting to do a basic action, and it works the first time. However, the drop-down menu doesn't appear on subsequent attempts without completely refreshing the page I'm trying to use it on.  This seems to be confined to Chrome right now; currently typing this up using Firefox, and no issues with it.

 

Here is my FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2016 01
Ran by nevetse (administrator) on 5CD41114W2 (24-06-2016 12:37:32)
Running from C:\Users\nevetse\Desktop
Loaded Profiles: nevetse &  (Available Profiles: User & nevetse)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(The Within Network, LLC) C:\Windows\unsignedthemes.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\puush\puush.exe
(Hammer & Chisel, Inc.) C:\Users\nevetse\AppData\Local\Discord\app-0.0.291\Discord.exe
(Evaer Technology) C:\Program Files (x86)\Evaer\videochannel.exe
(Elias Fotinis) C:\Program Files (x86)\DeskPins\DeskPins.exe
(Flux Software LLC) C:\Users\nevetse\AppData\Local\FluxSoftware\Flux\flux.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Hammer & Chisel, Inc.) C:\Users\nevetse\AppData\Local\Discord\app-0.0.291\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\nevetse\AppData\Local\Discord\app-0.0.291\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-13] (IvoSoft)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp.)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [602624 2009-03-12] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [969104 2014-05-07] (BitTorrent, Inc.)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2016-02-27] ()
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [Discord] => C:\Users\nevetse\AppData\Local\Discord\app-0.0.291\Discord.exe [57929912 2016-06-09] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [avichannel] => C:\Program Files (x86)\Evaer\videochannel.exe [1740776 2014-10-24] (Evaer Technology)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [969104 2014-05-07] (BitTorrent, Inc.)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2016-02-27] ()
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Discord] => C:\Users\nevetse\AppData\Local\Discord\app-0.0.291\Discord.exe [57929912 2016-06-09] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [avichannel] => C:\Program Files (x86)\Evaer\videochannel.exe [1740776 2014-10-24] (Evaer Technology)
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GalaxyClient] => [X]
IFEO\taskmgr.exe: [Debugger] "C:\USERS\NEVETSE\DOWNLOADS\PROCESSEXPLORER\PROCEXP.EXE"
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-13] (IvoSoft)
Startup: C:\Users\nevetse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2014-05-06]
ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\DeskPins.exe (Elias Fotinis)
Startup: C:\Users\nevetse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\flux.exe.lnk [2016-01-09]
ShortcutTarget: flux.exe.lnk -> C:\Users\nevetse\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update Notification from HP 5.1.lnk [2016-01-29]
ShortcutTarget: Update Notification from HP 5.1.lnk -> C:\SWSetup\hpupdate\Update Notification from HP 5.1.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{14F908CF-766A-424D-B6A7-3DE94B623367}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{14F908CF-766A-424D-B6A7-3DE94B623367}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3326879936-3081261951-3617693335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-3326879936-3081261951-3617693335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-3326879936-3081261951-3617693335-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-13] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-11-13] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-13] (IvoSoft)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-28] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-28] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-11-13] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-11-13] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-11-13] (IvoSoft)
IE Session Restore: HKU\S-1-5-21-3326879936-3081261951-3617693335-1002 -> is enabled.
IE Session Restore: HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> is enabled.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-12-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-12] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-12] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-3326879936-3081261951-3617693335-1002: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\nevetse\AppData\Local\Spoon\3.33.1109.0\npMozillaSpoonPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\nevetse\AppData\Local\Spoon\3.33.1109.0\npMozillaSpoonPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\nevetse\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\nevetse\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Speed Dial - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2015-09-23]
FF Extension: DownThemAll! - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-04-23]
FF Extension: Greasemonkey - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-05-28]
FF Extension: AutocardAnywhere - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\autocardanywhere@autocardanywhere.com.xpi [2015-06-18] [not signed]
FF Extension: Duplicate in Tab Context Menu - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\DuplicateInTabContext@schuzak.jp.xpi [2016-03-13]
FF Extension: Firebug - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\firebug@software.joehewitt.com.xpi [2016-04-23]
FF Extension: BetterTTV - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\firefox@betterttv.net.xpi [2015-10-29]
FF Extension: Imgur Uploader - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\giorgio@gilestro.tk.xpi [2015-05-30]
FF Extension: Magic Actions for YouTube™ - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2015-08-11]
FF Extension: Hide Fedora - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\jid1-tg9TKUYM47PZpg@jetpack.xpi [2016-04-23]
FF Extension: Enhanced Steam - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\jid1-YdiFiTEkQgInxA@jetpack.xpi [2015-02-14] [not signed]
FF Extension: Stylish - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2016-02-07]
FF Extension: TabRenamizer - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\{792BDDFE-2E7C-42ed-B18D-18154D2761BD}.xpi [2016-05-24]
FF Extension: Search by Image for Google - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2016-05-24]
FF Extension: Adblock Plus - C:\Users\nevetse\AppData\Roaming\Mozilla\Firefox\Profiles\s6pn7l91.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-24]
FF HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.com.
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-02]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-06-04]
CHR Extension: (Hide Fedora) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\acjgabfifnnmmlckmnijdbijgbfpedde [2016-03-27]
CHR Extension: (BetterTTV) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-06-04]
CHR Extension: (Google Docs) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-02]
CHR Extension: (Google Drive) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-02]
CHR Extension: (Turn Off the Lights) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-06-23]
CHR Extension: (Auto Copy) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijpdibkloghppkbmhcklkogpjaenfkg [2016-02-02]
CHR Extension: (YouTube) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-02]
CHR Extension: (GeoGebra Math Apps) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-24]
CHR Extension: (It's Video Games) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpljcfihdpogcmgmpboahejajkffhnfo [2016-02-02]
CHR Extension: (Adblock Plus) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-04]
CHR Extension: (uBlock Origin) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-05-04]
CHR Extension: (Google Search) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-02]
CHR Extension: (Search by Image (by Google)) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-06-23]
CHR Extension: (Crispy2d) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddmegomphpmmebihohplngknbgdonfff [2016-02-02]
CHR Extension: (Tampermonkey) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-05-21]
CHR Extension: (SJW Substitutions) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmhgmcaloamaopidmfkihmkhhiiopkg [2016-02-02]
CHR Extension: (GameWeasel) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhdohhdhpcobeiikcekeioeonmedanp [2016-02-02]
CHR Extension: (AutocardAnywhere (MTG Hearthstone Netrunner)) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\eobkhgkgoejnjaiofdmphhkemmomfabg [2016-06-23]
CHR Extension: (FrankerFaceZ) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2016-02-26]
CHR Extension: (Google Sheets) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-02]
CHR Extension: (The Trumpweb) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjkehfaokpmcbigmbgdhmjblecgfkedg [2016-02-02]
CHR Extension: (Stylish) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-04-07]
CHR Extension: (GIF Scrubber) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbdacbnhlfdlllckelpdkgeklfjfgcmp [2016-02-02]
CHR Extension: (Don't track me Google) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbofhhdmcladcmmfjolgndfkpobecpg [2016-02-02]
CHR Extension: (Autocopy Original) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\geacnbbfmgiinbomobipalmnahbkimim [2016-02-02]
CHR Extension: (Google Docs Offline) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-04]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2016-02-02]
CHR Extension: (TweetDeck by Twitter) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2016-02-02]
CHR Extension: (Backspace means backspace!) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcicfpjmgbfalapmkdhfgldcnbamicnh [2016-02-02]
CHR Extension: (Mobile2Desktop - Wikipedia) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgdfjjhaahfdggnecdecjekkimepkpaf [2016-02-02]
CHR Extension: (Imgur Uploader) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmpmjpekinnebjgnakcahjikbomnmlb [2016-05-24]
CHR Extension: (Enable right click) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhojmcideegachlhfgfdhailpfhgknjm [2016-02-02]
CHR Extension: (Greenhouse) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifomhmgandipmpnelclcmbefppopfklc [2016-03-20]
CHR Extension: (Crisp) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmdfbfomnaihfojfjpkodkofmjnhbi [2016-02-02]
CHR Extension: (Change Colors) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmkekhehjedonbhoikhhkmlapalklgn [2016-02-02]
CHR Extension: (Comfytube) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfnmbmeocgpjecjangcpjmchhhckpaf [2016-02-02]
CHR Extension: (Subscription Bar Remover For Youtube) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpajpedkdbbffnpjopibeolebkjdiikp [2016-02-02]
CHR Extension: (Speed Dial 2) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-04]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-03-20]
CHR Extension: (The Great Suspender) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-06-23]
CHR Extension: (BugMeNot Lite) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackfehpdclhclidcbbfcemcpolgdgnb [2016-02-02]
CHR Extension: (Salty Game Music Player) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\leooadmebmmjogbfhdcbfldndllfkhpg [2016-02-02]
CHR Extension: (Stop Autoplay for YouTube.) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgdfnbpkmkkdhgidgcpdkgpdlfjcgnnh [2016-02-02]
CHR Extension: (Manipulate DOM) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\madbcmnfeclcpenjkfghcfmnehdapapl [2016-02-02]
CHR Extension: (Spam Blocker for Google™ search) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmnbhiajmalgdjlojjamonklladcijim [2016-02-02]
CHR Extension: (Merge Windows) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmpokgfcmbkfdeibafoafkiijdbfblfg [2016-02-02]
CHR Extension: (F.B. Purity For Facebook) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2016-06-23]
CHR Extension: (Twitch Disable Whispers) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndlfmohmmelckblblpcgiieeghgkmclc [2016-04-19]
CHR Extension: (Incrementor) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjmplmapceaaeidfokodmogaegcflld [2016-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2016-02-02]
CHR Extension: (Reload Image) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpihcnkaimkkpjjbhalldknjcgkahjh [2016-02-02]
CHR Extension: (Last Tab Keeper) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogookjjcaobcijoblfjoneggmhdlppkc [2016-02-02]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2016-02-02]
CHR Extension: (Enhanced Steam) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2016-06-09]
CHR Extension: (Oddshot) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja [2016-06-23]
CHR Extension: (Gmail) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-02]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [245312 2016-06-08] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6211648 2016-06-08] (GOG.com)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
R2 UnsignedThemes; C:\Windows\unsignedthemes.exe [13824 2013-09-23] (The Within Network, LLC) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)
R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-09] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-09] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-24] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-20] (Intel Corporation)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4733184 2015-10-14] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)
R2 uxstyle; C:\Windows\system32\Drivers\uxstyle.sys [31440 2013-09-23] (The Within Network, LLC)
R1 VBoxDrv; C:\Windows\system32\DRIVERS\VBoxDrv.sys [68288 2008-05-31] ()
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [53280 2008-05-31] (Sun Microsystems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-13] (HP)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-13] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-24 12:37 - 2016-06-24 12:38 - 00035029 _____ C:\Users\nevetse\Desktop\FRST.txt
2016-06-24 12:36 - 2016-06-24 12:37 - 00000000 ____D C:\FRST
2016-06-24 12:35 - 2016-06-24 12:35 - 02387456 _____ (Farbar) C:\Users\nevetse\Desktop\FRST64.exe
2016-06-24 11:13 - 2016-06-24 11:13 - 00000070 _____ C:\Windows\RAVTC.TMP
2016-06-23 23:31 - 2016-06-23 23:31 - 00000000 ____D C:\Users\nevetse\Downloads\backups
2016-06-23 23:27 - 2016-06-23 23:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\nevetse\Downloads\HijackThis.exe
2016-06-23 23:23 - 2016-06-24 11:12 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\Panda Security
2016-06-23 23:22 - 2016-06-24 11:13 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-06-23 23:20 - 2016-06-24 11:13 - 00000000 ____D C:\ProgramData\Panda Security
2016-06-23 23:19 - 2016-06-23 23:19 - 02252720 _____ (Panda Security, S.L.) C:\Users\nevetse\Downloads\PANDAFREEAV.exe
2016-06-23 22:52 - 2016-06-23 22:58 - 00006936 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_22.52.40_log.txt
2016-06-23 22:45 - 2016-06-23 22:49 - 00231446 _____ C:\TDSSKiller.3.1.0.9_23.06.2016_22.45.11_log.txt
2016-06-23 22:45 - 2016-06-23 22:45 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\nevetse\Downloads\tdsskiller.exe
2016-06-23 22:42 - 2016-06-23 22:43 - 00000000 ____D C:\Users\nevetse\AppData\Local\CrashDumps
2016-06-23 22:40 - 2016-06-23 22:40 - 00174569 _____ C:\ProgramData\1466735875.bdinstall.bin
2016-06-23 22:40 - 2016-06-23 22:40 - 00002199 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk
2016-06-23 22:40 - 2016-06-23 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2016-06-23 22:39 - 2016-06-23 22:40 - 00000000 ____D C:\Program Files\Bitdefender
2016-06-23 22:39 - 2016-06-23 22:39 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-06-23 22:39 - 2013-04-17 13:59 - 00718840 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2016-06-23 22:39 - 2013-04-17 13:59 - 00593144 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2016-06-23 22:39 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2016-06-23 22:38 - 2013-05-28 11:12 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2016-06-23 22:38 - 2013-04-22 12:21 - 00148696 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2016-06-23 22:37 - 2016-06-23 22:37 - 10606640 _____ C:\Users\nevetse\Downloads\Antivirus_Free_Edition_x64.exe
2016-06-23 22:37 - 2016-06-23 22:37 - 00196944 _____ C:\Users\nevetse\Downloads\Antivirus_Free_Edition.exe
2016-06-23 22:37 - 2016-06-23 22:37 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\QuickScan
2016-06-23 22:34 - 2016-06-23 22:34 - 03411640 _____ (Symantec Corporation) C:\Users\nevetse\Downloads\NPE.exe
2016-06-23 22:34 - 2016-06-23 22:34 - 00000000 ____D C:\Users\nevetse\AppData\Local\NPE
2016-06-23 22:34 - 2016-06-23 22:34 - 00000000 ____D C:\ProgramData\Norton
2016-06-23 22:13 - 2016-06-23 22:13 - 00000000 ____D C:\Users\nevetse\AppData\Local\CrashRpt
2016-06-23 21:19 - 2016-06-24 02:09 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-23 16:08 - 2016-06-23 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2016-06-23 16:07 - 2016-06-23 16:07 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-06-23 15:26 - 2016-06-23 15:26 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\3909
2016-06-23 14:59 - 2016-06-24 02:09 - 00000000 ____D C:\ProgramData\HitmanPro
2016-06-23 14:57 - 2016-06-23 14:57 - 00002972 _____ C:\Users\nevetse\Desktop\JRT.txt
2016-06-23 13:20 - 2016-06-24 02:09 - 00000000 ____D C:\AdwCleaner
2016-06-23 13:18 - 2016-06-23 13:18 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-23 13:16 - 2016-06-24 02:09 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-23 13:16 - 2016-06-24 02:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-23 13:15 - 2016-06-24 02:09 - 00000000 ____D C:\Users\nevetse\Documents\backups
2016-06-23 00:21 - 2016-06-23 00:22 - 00000000 ____D C:\Users\nevetse\AppData\LocalLow\uTorrent
2016-06-17 16:49 - 2016-06-17 16:49 - 00000000 ____D C:\ProgramData\NbfcService
2016-06-16 10:07 - 2016-06-16 10:07 - 00110959 _____ C:\Users\nevetse\Documents\4-16-commitment-sheet_040416-update.xlsx
2016-06-16 10:07 - 2016-06-16 10:07 - 00090964 _____ C:\Users\nevetse\Documents\7-1-15-commitment-sheet.xlsx
2016-06-16 10:07 - 2016-06-16 10:07 - 00017916 _____ C:\Users\nevetse\Documents\2-19-16-friends-of-hrc-list_hfa16-giving-history.xlsx
2016-06-10 02:26 - 2016-06-10 02:27 - 28231889 _____ C:\Users\nevetse\Documents\st-v098d_windows.zip
2016-06-09 03:09 - 2015-06-04 09:28 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:28 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-06-09 03:09 - 2015-06-04 09:26 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-06-09 02:53 - 2016-06-09 02:53 - 00001038 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2016-06-09 02:53 - 2016-06-09 02:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-06-09 02:53 - 2016-06-09 02:53 - 00000000 ____D C:\ProgramData\GOG.com
2016-06-09 00:52 - 2014-02-22 11:44 - 00311640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-06-09 00:52 - 2014-02-22 08:15 - 04192768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-09 00:52 - 2014-02-22 08:08 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2016-06-09 00:52 - 2014-02-22 07:17 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2016-06-09 00:52 - 2014-02-07 21:08 - 00139600 _____ C:\Windows\system32\systemsf.ebd
2016-06-09 00:51 - 2014-02-22 12:59 - 01290688 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-06-09 00:51 - 2014-02-22 12:59 - 00526304 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-06-09 00:51 - 2014-02-22 12:59 - 00461176 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2016-06-09 00:51 - 2014-02-22 12:59 - 00407536 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2016-06-09 00:51 - 2014-02-22 12:15 - 01929608 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-09 00:51 - 2014-02-22 11:55 - 01435304 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-06-09 00:51 - 2014-02-22 11:53 - 03394384 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-06-09 00:51 - 2014-02-22 11:50 - 02588168 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2016-06-09 00:51 - 2014-02-22 11:48 - 02574240 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-06-09 00:51 - 2014-02-22 11:46 - 01927600 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-06-09 00:51 - 2014-02-22 11:46 - 01445616 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2016-06-09 00:51 - 2014-02-22 11:46 - 01000424 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-06-09 00:51 - 2014-02-22 11:44 - 00539992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-06-09 00:51 - 2014-02-22 11:43 - 01727760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-06-09 00:51 - 2014-02-22 11:43 - 01659056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-06-09 00:51 - 2014-02-22 11:43 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-06-09 00:51 - 2014-02-22 11:43 - 01487520 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-06-09 00:51 - 2014-02-22 11:43 - 01356360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-06-09 00:51 - 2014-02-22 11:41 - 02142976 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-06-09 00:51 - 2014-02-22 11:41 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-06-09 00:51 - 2014-02-22 11:41 - 01215832 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-06-09 00:51 - 2014-02-22 11:41 - 00881616 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-06-09 00:51 - 2014-02-22 11:41 - 00800552 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-06-09 00:51 - 2014-02-22 11:41 - 00609456 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-06-09 00:51 - 2014-02-22 11:40 - 01118552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-06-09 00:51 - 2014-02-22 10:42 - 01017936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-06-09 00:51 - 2014-02-22 10:42 - 00410568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2016-06-09 00:51 - 2014-02-22 10:42 - 00369288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2016-06-09 00:51 - 2014-02-22 10:38 - 01374384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-06-09 00:51 - 2014-02-22 10:38 - 01077944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2016-06-09 00:51 - 2014-02-22 10:25 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-06-09 00:51 - 2014-02-22 10:08 - 01474104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-06-09 00:51 - 2014-02-22 10:04 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-06-09 00:51 - 2014-02-22 10:04 - 01206000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-06-09 00:51 - 2014-02-22 10:04 - 01011280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-06-09 00:51 - 2014-02-22 10:04 - 00707048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-06-09 00:51 - 2014-02-22 08:24 - 02825216 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-09 00:51 - 2014-02-22 07:44 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-09 00:51 - 2014-02-22 07:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2016-06-09 00:51 - 2014-02-22 07:01 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-06-09 00:51 - 2014-02-22 07:00 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-09 00:51 - 2014-02-22 06:44 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-09 00:51 - 2014-02-22 06:40 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2016-06-09 00:51 - 2014-02-22 06:38 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\DfpCommon.dll
2016-06-09 00:51 - 2014-02-22 06:36 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-09 00:51 - 2014-02-22 06:34 - 11742720 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-09 00:51 - 2014-02-22 06:18 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-06-09 00:51 - 2014-02-22 06:08 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2016-06-09 00:51 - 2014-02-22 06:06 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-06-09 00:51 - 2014-02-22 06:02 - 08946688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-09 00:51 - 2014-02-22 06:01 - 02648064 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2016-06-09 00:51 - 2014-02-22 05:53 - 00825344 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-06-09 00:51 - 2014-02-22 05:52 - 01132032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-06-09 00:51 - 2014-02-22 05:47 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-06-09 00:51 - 2014-02-22 05:39 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-09 00:51 - 2014-02-22 05:38 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-06-09 00:51 - 2014-02-22 05:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WofTasks.dll
2016-06-09 00:51 - 2014-02-22 05:33 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-09 00:51 - 2014-02-22 05:28 - 02643456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-06-09 00:51 - 2014-02-22 05:26 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-06-09 00:51 - 2014-02-22 05:23 - 03494912 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-06-09 00:51 - 2014-02-22 05:23 - 02843136 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-06-09 00:51 - 2014-02-22 05:23 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-06-09 00:51 - 2014-02-22 05:23 - 00628224 _____ (Microsoft Corporation) C:\Windows\system32\msTextPrediction.dll
2016-06-09 00:51 - 2014-02-22 05:21 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-06-09 00:51 - 2014-02-22 05:16 - 11776000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-06-09 00:51 - 2014-02-22 05:14 - 00584704 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-09 00:51 - 2014-02-22 05:13 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2016-06-09 00:51 - 2014-02-22 05:11 - 02262016 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-09 00:51 - 2014-02-22 05:11 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2016-06-09 00:51 - 2014-02-22 05:07 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2016-06-09 00:51 - 2014-02-22 05:04 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-06-09 00:51 - 2014-02-22 05:01 - 13933568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-06-09 00:51 - 2014-02-22 05:00 - 01341440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2016-06-09 00:51 - 2014-02-22 04:59 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2016-06-09 00:51 - 2014-02-22 04:59 - 00791552 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2016-06-09 00:51 - 2014-02-22 04:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-06-09 00:51 - 2014-02-22 04:54 - 00647168 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-06-09 00:51 - 2014-02-22 04:53 - 12027904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-09 00:51 - 2014-02-22 04:49 - 08874496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-09 00:51 - 2014-02-22 04:49 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-09 00:51 - 2014-02-22 04:47 - 00517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-06-09 00:51 - 2014-02-22 04:44 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2016-06-09 00:51 - 2014-02-22 04:42 - 03408384 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-09 00:51 - 2014-02-22 04:40 - 02368512 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-06-09 00:51 - 2014-02-22 04:37 - 01716736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-06-09 00:51 - 2014-02-22 04:34 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-06-09 00:51 - 2014-02-22 04:32 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-09 00:51 - 2014-02-22 04:22 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-06-09 00:51 - 2014-02-22 04:06 - 01640960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-09 00:51 - 2014-02-22 04:04 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-06-09 00:51 - 2014-02-22 04:03 - 01496576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-09 00:51 - 2014-02-22 04:01 - 00978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-06-09 00:51 - 2014-02-22 04:01 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-09 00:50 - 2014-02-22 12:59 - 01519520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-06-09 00:50 - 2014-02-22 12:59 - 00289752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-06-09 00:50 - 2014-02-22 12:59 - 00209160 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2016-06-09 00:50 - 2014-02-22 12:59 - 00139464 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-06-09 00:50 - 2014-02-22 12:59 - 00123448 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-06-09 00:50 - 2014-02-22 12:58 - 00036200 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2016-06-09 00:50 - 2014-02-22 12:15 - 01206000 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2016-06-09 00:50 - 2014-02-22 12:15 - 00531128 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-06-09 00:50 - 2014-02-22 12:15 - 00275312 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2016-06-09 00:50 - 2014-02-22 12:15 - 00188464 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2016-06-09 00:50 - 2014-02-22 12:15 - 00071888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2016-06-09 00:50 - 2014-02-22 12:02 - 00170952 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-06-09 00:50 - 2014-02-22 12:02 - 00083120 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-06-09 00:50 - 2014-02-22 12:02 - 00080048 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2016-06-09 00:50 - 2014-02-22 12:00 - 00590168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-06-09 00:50 - 2014-02-22 12:00 - 00249688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2016-06-09 00:50 - 2014-02-22 12:00 - 00236888 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-06-09 00:50 - 2014-02-22 12:00 - 00151384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-06-09 00:50 - 2014-02-22 12:00 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
2016-06-09 00:50 - 2014-02-22 11:59 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2016-06-09 00:50 - 2014-02-22 11:59 - 00027480 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2016-06-09 00:50 - 2014-02-22 11:55 - 00388408 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-09 00:50 - 2014-02-22 11:55 - 00244848 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-06-09 00:50 - 2014-02-22 11:55 - 00162176 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-06-09 00:50 - 2014-02-22 11:55 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-06-09 00:50 - 2014-02-22 11:55 - 00131168 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2016-06-09 00:50 - 2014-02-22 11:55 - 00105864 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-09 00:50 - 2014-02-22 11:53 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-09 00:50 - 2014-02-22 11:50 - 00761792 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2016-06-09 00:50 - 2014-02-22 11:50 - 00645104 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-06-09 00:50 - 2014-02-22 11:50 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2016-06-09 00:50 - 2014-02-22 11:50 - 00258784 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-06-09 00:50 - 2014-02-22 11:50 - 00101216 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-06-09 00:50 - 2014-02-22 11:50 - 00054816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wpcfltr.sys
2016-06-09 00:50 - 2014-02-22 11:50 - 00043408 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2016-06-09 00:50 - 2014-02-22 11:50 - 00032544 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2016-06-09 00:50 - 2014-02-22 11:49 - 00384856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-06-09 00:50 - 2014-02-22 11:49 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-06-09 00:50 - 2014-02-22 11:49 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-06-09 00:50 - 2014-02-22 11:49 - 00280920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-09 00:50 - 2014-02-22 11:49 - 00189784 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2016-06-09 00:50 - 2014-02-22 11:49 - 00148824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-06-09 00:50 - 2014-02-22 11:49 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2016-06-09 00:50 - 2014-02-22 11:49 - 00079192 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdstor.sys
2016-06-09 00:50 - 2014-02-22 11:48 - 01791752 ____C (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-06-09 00:50 - 2014-02-22 11:48 - 00210736 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2016-06-09 00:50 - 2014-02-22 11:46 - 00669896 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-09 00:50 - 2014-02-22 11:44 - 00924504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-06-09 00:50 - 2014-02-22 11:44 - 00424280 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-09 00:50 - 2014-02-22 11:44 - 00360792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2016-06-09 00:50 - 2014-02-22 11:43 - 00142576 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-06-09 00:50 - 2014-02-22 11:43 - 00094560 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2016-06-09 00:50 - 2014-02-22 11:41 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-06-09 00:50 - 2014-02-22 11:41 - 00391008 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2016-06-09 00:50 - 2014-02-22 11:41 - 00372360 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2016-06-09 00:50 - 2014-02-22 11:41 - 00324896 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-06-09 00:50 - 2014-02-22 11:41 - 00028416 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-06-09 00:50 - 2014-02-22 10:52 - 01767440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-09 00:50 - 2014-02-22 10:52 - 00251504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powrprof.dll
2016-06-09 00:50 - 2014-02-22 10:51 - 01063976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2016-06-09 00:50 - 2014-02-22 10:51 - 00140456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-06-09 00:50 - 2014-02-22 10:42 - 00422968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-06-09 00:50 - 2014-02-22 10:42 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-06-09 00:50 - 2014-02-22 10:42 - 00137344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-06-09 00:50 - 2014-02-22 10:42 - 00098072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-06-09 00:50 - 2014-02-22 10:41 - 00033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2016-06-09 00:50 - 2014-02-22 10:38 - 00506120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-06-09 00:50 - 2014-02-22 10:38 - 00336232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-09 00:50 - 2014-02-22 10:38 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-09 00:50 - 2014-02-22 10:25 - 00180240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2016-06-09 00:50 - 2014-02-22 10:18 - 00477744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-06-09 00:50 - 2014-02-22 10:18 - 00419928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2016-06-09 00:50 - 2014-02-22 10:18 - 00089848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-06-09 00:50 - 2014-02-22 10:18 - 00041320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2016-06-09 00:50 - 2014-02-22 10:18 - 00029912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2016-06-09 00:50 - 2014-02-22 10:11 - 00490136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-09 00:50 - 2014-02-22 10:08 - 00079496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2016-06-09 00:50 - 2014-02-22 10:04 - 00650736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-06-09 00:50 - 2014-02-22 10:04 - 00518552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-06-09 00:50 - 2014-02-22 10:04 - 00317584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2016-06-09 00:50 - 2014-02-22 10:04 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2016-06-09 00:50 - 2014-02-22 10:04 - 00285144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-06-09 00:50 - 2014-02-22 08:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2016-06-09 00:50 - 2014-02-22 08:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-06-09 00:50 - 2014-02-22 08:20 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-power-events.dll
2016-06-09 00:50 - 2014-02-22 08:17 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2016-06-09 00:50 - 2014-02-22 08:17 - 00890880 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2016-06-09 00:50 - 2014-02-22 08:17 - 00874496 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2016-06-09 00:50 - 2014-02-22 08:17 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2016-06-09 00:50 - 2014-02-22 08:17 - 00008192 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2016-06-09 00:50 - 2014-02-22 08:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-session-winsta-l1-1-0.dll
2016-06-09 00:50 - 2014-02-22 08:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2016-06-09 00:50 - 2014-02-22 08:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2016-06-09 00:50 - 2014-02-22 08:14 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2016-06-09 00:50 - 2014-02-22 08:14 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2016-06-09 00:50 - 2014-02-22 08:14 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2016-06-09 00:50 - 2014-02-22 08:14 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2016-06-09 00:50 - 2014-02-22 08:11 - 00272896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-06-09 00:50 - 2014-02-22 08:09 - 00663040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-06-09 00:50 - 2014-02-22 08:08 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2016-06-09 00:50 - 2014-02-22 08:08 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2016-06-09 00:50 - 2014-02-22 08:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-06-09 00:50 - 2014-02-22 08:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-06-09 00:50 - 2014-02-22 08:08 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-06-09 00:50 - 2014-02-22 08:07 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-06-09 00:50 - 2014-02-22 08:07 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-06-09 00:50 - 2014-02-22 08:07 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\WofUtil.dll
2016-06-09 00:50 - 2014-02-22 08:07 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\clrhost.dll
2016-06-09 00:50 - 2014-02-22 08:06 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-09 00:50 - 2014-02-22 08:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-06-09 00:50 - 2014-02-22 08:03 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-06-09 00:50 - 2014-02-22 08:03 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2016-06-09 00:50 - 2014-02-22 08:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-06-09 00:50 - 2014-02-22 08:01 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\spcompat.dll
2016-06-09 00:50 - 2014-02-22 08:00 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-09 00:50 - 2014-02-22 08:00 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2016-06-09 00:50 - 2014-02-22 08:00 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2016-06-09 00:50 - 2014-02-22 07:59 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe
2016-06-09 00:50 - 2014-02-22 07:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2016-06-09 00:50 - 2014-02-22 07:57 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2016-06-09 00:50 - 2014-02-22 07:54 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2016-06-09 00:50 - 2014-02-22 07:50 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2016-06-09 00:50 - 2014-02-22 07:50 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2016-06-09 00:50 - 2014-02-22 07:48 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2016-06-09 00:50 - 2014-02-22 07:47 - 00589312 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2016-06-09 00:50 - 2014-02-22 07:47 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2016-06-09 00:50 - 2014-02-22 07:47 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2016-06-09 00:50 - 2014-02-22 07:46 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-09 00:50 - 2014-02-22 07:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-06-09 00:50 - 2014-02-22 07:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2016-06-09 00:50 - 2014-02-22 07:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\fhevents.dll
2016-06-09 00:50 - 2014-02-22 07:42 - 00038680 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2016-06-09 00:50 - 2014-02-22 07:41 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2016-06-09 00:50 - 2014-02-22 07:39 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\fhsvcctl.dll
2016-06-09 00:50 - 2014-02-22 07:37 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2016-06-09 00:50 - 2014-02-22 07:34 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\dmdskmgr.dll
2016-06-09 00:50 - 2014-02-22 07:32 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2016-06-09 00:50 - 2014-02-22 07:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-09 00:50 - 2014-02-22 07:29 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
2016-06-09 00:50 - 2014-02-22 07:28 - 02428928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-09 00:50 - 2014-02-22 07:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll
2016-06-09 00:50 - 2014-02-22 07:25 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2016-06-09 00:50 - 2014-02-22 07:25 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2016-06-09 00:50 - 2014-02-22 07:25 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2016-06-09 00:50 - 2014-02-22 07:25 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\f3ahvoas.dll
2016-06-09 00:50 - 2014-02-22 07:25 - 00008192 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-1.dll
2016-06-09 00:50 - 2014-02-22 07:25 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-ntuser-private-l1-1-0.dll
2016-06-09 00:50 - 2014-02-22 07:24 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2016-06-09 00:50 - 2014-02-22 07:24 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2016-06-09 00:50 - 2014-02-22 07:24 - 00780288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2016-06-09 00:50 - 2014-02-22 07:24 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SSShim.dll
2016-06-09 00:50 - 2014-02-22 07:24 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-session-winsta-l1-1-0.dll
2016-06-09 00:50 - 2014-02-22 07:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-networking-wcmapi-l1-1-0.dll
2016-06-09 00:50 - 2014-02-22 07:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\ext-ms-win-kernel32-package-l1-1-1.dll
2016-06-09 00:50 - 2014-02-22 07:22 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2016-06-09 00:50 - 2014-02-22 07:22 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-06-09 00:50 - 2014-02-22 07:17 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-09 00:50 - 2014-02-22 07:17 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll
2016-06-09 00:50 - 2014-02-22 07:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2016-06-09 00:50 - 2014-02-22 07:16 - 00617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-06-09 00:50 - 2014-02-22 07:16 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-09 00:50 - 2014-02-22 07:16 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-06-09 00:50 - 2014-02-22 07:16 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-06-09 00:50 - 2014-02-22 07:16 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-06-09 00:50 - 2014-02-22 07:16 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clrhost.dll
2016-06-09 00:50 - 2014-02-22 07:15 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2016-06-09 00:50 - 2014-02-22 07:14 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\cleanmgr.exe
2016-06-09 00:50 - 2014-02-22 07:13 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-06-09 00:50 - 2014-02-22 07:11 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2016-06-09 00:50 - 2014-02-22 07:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-06-09 00:50 - 2014-02-22 07:09 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2016-06-09 00:50 - 2014-02-22 07:08 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2016-06-09 00:50 - 2014-02-22 07:08 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2016-06-09 00:50 - 2014-02-22 07:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-06-09 00:50 - 2014-02-22 07:07 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2016-06-09 00:50 - 2014-02-22 07:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2016-06-09 00:50 - 2014-02-22 07:06 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2016-06-09 00:50 - 2014-02-22 07:05 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\RASMM.dll
2016-06-09 00:50 - 2014-02-22 07:05 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
2016-06-09 00:50 - 2014-02-22 07:05 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2016-06-09 00:50 - 2014-02-22 07:05 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentHost.dll
2016-06-09 00:50 - 2014-02-22 07:04 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2016-06-09 00:50 - 2014-02-22 07:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-06-09 00:50 - 2014-02-22 07:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContent.dll
2016-06-09 00:50 - 2014-02-22 07:02 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2016-06-09 00:50 - 2014-02-22 07:01 - 00112640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2016-06-09 00:50 - 2014-02-22 07:00 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-09 00:50 - 2014-02-22 06:59 - 01283584 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2016-06-09 00:50 - 2014-02-22 06:59 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-06-09 00:50 - 2014-02-22 06:59 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2016-06-09 00:50 - 2014-02-22 06:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-09 00:50 - 2014-02-22 06:58 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-06-09 00:50 - 2014-02-22 06:58 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-09 00:50 - 2014-02-22 06:58 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\DAConn.dll
2016-06-09 00:50 - 2014-02-22 06:57 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2016-06-09 00:50 - 2014-02-22 06:57 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-06-09 00:50 - 2014-02-22 06:56 - 02862592 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2016-06-09 00:50 - 2014-02-22 06:56 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-06-09 00:50 - 2014-02-22 06:56 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2016-06-09 00:50 - 2014-02-22 06:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2016-06-09 00:50 - 2014-02-22 06:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2016-06-09 00:50 - 2014-02-22 06:55 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe
2016-06-09 00:50 - 2014-02-22 06:54 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-09 00:50 - 2014-02-22 06:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2016-06-09 00:50 - 2014-02-22 06:52 - 02288640 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-06-09 00:50 - 2014-02-22 06:52 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-09 00:50 - 2014-02-22 06:51 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2016-06-09 00:50 - 2014-02-22 06:50 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2016-06-09 00:50 - 2014-02-22 06:47 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmdskmgr.dll
2016-06-09 00:50 - 2014-02-22 06:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2016-06-09 00:50 - 2014-02-22 06:47 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2016-06-09 00:50 - 2014-02-22 06:47 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-09 00:50 - 2014-02-22 06:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\dfp.exe
2016-06-09 00:50 - 2014-02-22 06:46 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2016-06-09 00:50 - 2014-02-22 06:41 - 02566656 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-06-09 00:50 - 2014-02-22 06:41 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2016-06-09 00:50 - 2014-02-22 06:41 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-06-09 00:50 - 2014-02-22 06:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2016-06-09 00:50 - 2014-02-22 06:40 - 00304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2016-06-09 00:50 - 2014-02-22 06:39 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2016-06-09 00:50 - 2014-02-22 06:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2016-06-09 00:50 - 2014-02-22 06:37 - 00912384 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2016-06-09 00:50 - 2014-02-22 06:36 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-06-09 00:50 - 2014-02-22 06:36 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-09 00:50 - 2014-02-22 06:36 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-09 00:50 - 2014-02-22 06:35 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-06-09 00:50 - 2014-02-22 06:35 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2016-06-09 00:50 - 2014-02-22 06:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2016-06-09 00:50 - 2014-02-22 06:33 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-09 00:50 - 2014-02-22 06:33 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-06-09 00:50 - 2014-02-22 06:32 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-06-09 00:50 - 2014-02-22 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-09 00:50 - 2014-02-22 06:30 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cleanmgr.exe
2016-06-09 00:50 - 2014-02-22 06:29 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-06-09 00:50 - 2014-02-22 06:28 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-09 00:50 - 2014-02-22 06:27 - 00397824 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-06-09 00:50 - 2014-02-22 06:27 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-09 00:50 - 2014-02-22 06:25 - 01428480 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2016-06-09 00:50 - 2014-02-22 06:25 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2016-06-09 00:50 - 2014-02-22 06:22 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-06-09 00:50 - 2014-02-22 06:21 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2016-06-09 00:50 - 2014-02-22 06:21 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-06-09 00:50 - 2014-02-22 06:21 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2016-06-09 00:50 - 2014-02-22 06:20 - 01152512 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2016-06-09 00:50 - 2014-02-22 06:18 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-06-09 00:50 - 2014-02-22 06:18 - 00722432 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-06-09 00:50 - 2014-02-22 06:17 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2016-06-09 00:50 - 2014-02-22 06:17 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-09 00:50 - 2014-02-22 06:17 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-06-09 00:50 - 2014-02-22 06:16 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2016-06-09 00:50 - 2014-02-22 06:16 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2016-06-09 00:50 - 2014-02-22 06:16 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2016-06-09 00:50 - 2014-02-22 06:15 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-06-09 00:50 - 2014-02-22 06:14 - 02811392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2016-06-09 00:50 - 2014-02-22 06:14 - 02165760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2016-06-09 00:50 - 2014-02-22 06:14 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-06-09 00:50 - 2014-02-22 06:13 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2016-06-09 00:50 - 2014-02-22 06:13 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2016-06-09 00:50 - 2014-02-22 06:13 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-09 00:50 - 2014-02-22 06:12 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\PurchaseWindowsLicense.dll
2016-06-09 00:50 - 2014-02-22 06:12 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2016-06-09 00:50 - 2014-02-22 06:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-06-09 00:50 - 2014-02-22 06:09 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2016-06-09 00:50 - 2014-02-22 06:09 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-09 00:50 - 2014-02-22 06:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2016-06-09 00:50 - 2014-02-22 06:09 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-09 00:50 - 2014-02-22 06:05 - 01757184 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-06-09 00:50 - 2014-02-22 06:04 - 00935424 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2016-06-09 00:50 - 2014-02-22 06:04 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll
2016-06-09 00:50 - 2014-02-22 06:04 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2016-06-09 00:50 - 2014-02-22 06:03 - 02544128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-06-09 00:50 - 2014-02-22 06:03 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2016-06-09 00:50 - 2014-02-22 06:02 - 00258560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-06-09 00:50 - 2014-02-22 06:01 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-06-09 00:50 - 2014-02-22 06:01 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2016-06-09 00:50 - 2014-02-22 06:01 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-06-09 00:50 - 2014-02-22 06:00 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-09 00:50 - 2014-02-22 06:00 - 00217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-06-09 00:50 - 2014-02-22 05:59 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-09 00:50 - 2014-02-22 05:59 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2016-06-09 00:50 - 2014-02-22 05:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-09 00:50 - 2014-02-22 05:57 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-06-09 00:50 - 2014-02-22 05:56 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-06-09 00:50 - 2014-02-22 05:55 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-09 00:50 - 2014-02-22 05:54 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-06-09 00:50 - 2014-02-22 05:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2016-06-09 00:50 - 2014-02-22 05:54 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-09 00:50 - 2014-02-22 05:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\deviceassociation.dll
2016-06-09 00:50 - 2014-02-22 05:53 - 00545280 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2016-06-09 00:50 - 2014-02-22 05:53 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-09 00:50 - 2014-02-22 05:52 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe
2016-06-09 00:50 - 2014-02-22 05:51 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2016-06-09 00:50 - 2014-02-22 05:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\winbrand.dll
2016-06-09 00:50 - 2014-02-22 05:49 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2016-06-09 00:50 - 2014-02-22 05:48 - 01136128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2016-06-09 00:50 - 2014-02-22 05:48 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-09 00:50 - 2014-02-22 05:48 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2016-06-09 00:50 - 2014-02-22 05:48 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2016-06-09 00:50 - 2014-02-22 05:46 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-06-09 00:50 - 2014-02-22 05:46 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2016-06-09 00:50 - 2014-02-22 05:45 - 00562176 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-06-09 00:50 - 2014-02-22 05:45 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2016-06-09 00:50 - 2014-02-22 05:45 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2016-06-09 00:50 - 2014-02-22 05:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-06-09 00:50 - 2014-02-22 05:45 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2016-06-09 00:50 - 2014-02-22 05:44 - 00675328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-06-09 00:50 - 2014-02-22 05:44 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-06-09 00:50 - 2014-02-22 05:44 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2016-06-09 00:50 - 2014-02-22 05:43 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2016-06-09 00:50 - 2014-02-22 05:43 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2016-06-09 00:50 - 2014-02-22 05:41 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2016-06-09 00:50 - 2014-02-22 05:40 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-06-09 00:50 - 2014-02-22 05:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-09 00:50 - 2014-02-22 05:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dasHost.exe
2016-06-09 00:50 - 2014-02-22 05:37 - 02220032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-06-09 00:50 - 2014-02-22 05:37 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2016-06-09 00:50 - 2014-02-22 05:36 - 01392640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-06-09 00:50 - 2014-02-22 05:36 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2016-06-09 00:50 - 2014-02-22 05:36 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll
2016-06-09 00:50 - 2014-02-22 05:36 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2016-06-09 00:50 - 2014-02-22 05:35 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-06-09 00:50 - 2014-02-22 05:34 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
2016-06-09 00:50 - 2014-02-22 05:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2016-06-09 00:50 - 2014-02-22 05:33 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-09 00:50 - 2014-02-22 05:33 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2016-06-09 00:50 - 2014-02-22 05:32 - 01162752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-06-09 00:50 - 2014-02-22 05:31 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-09 00:50 - 2014-02-22 05:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-06-09 00:50 - 2014-02-22 05:29 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2016-06-09 00:50 - 2014-02-22 05:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-06-09 00:50 - 2014-02-22 05:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2016-06-09 00:50 - 2014-02-22 05:28 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceassociation.dll
2016-06-09 00:50 - 2014-02-22 05:27 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2016-06-09 00:50 - 2014-02-22 05:27 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-06-09 00:50 - 2014-02-22 05:26 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-06-09 00:50 - 2014-02-22 05:26 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-06-09 00:50 - 2014-02-22 05:26 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe
2016-06-09 00:50 - 2014-02-22 05:25 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-06-09 00:50 - 2014-02-22 05:25 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2016-06-09 00:50 - 2014-02-22 05:25 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\das.dll
2016-06-09 00:50 - 2014-02-22 05:25 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-09 00:50 - 2014-02-22 05:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-06-09 00:50 - 2014-02-22 05:25 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2016-06-09 00:50 - 2014-02-22 05:25 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbrand.dll
2016-06-09 00:50 - 2014-02-22 05:24 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2016-06-09 00:50 - 2014-02-22 05:23 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-09 00:50 - 2014-02-22 05:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-06-09 00:50 - 2014-02-22 05:23 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2016-06-09 00:50 - 2014-02-22 05:22 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2016-06-09 00:50 - 2014-02-22 05:22 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2016-06-09 00:50 - 2014-02-22 05:19 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\korwbrkr.dll
2016-06-09 00:50 - 2014-02-22 05:19 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2016-06-09 00:50 - 2014-02-22 05:19 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Sockets.PushEnabledApplication.dll
2016-06-09 00:50 - 2014-02-22 05:18 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2016-06-09 00:50 - 2014-02-22 05:16 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxshared.dll
2016-06-09 00:50 - 2014-02-22 05:15 - 00211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2016-06-09 00:50 - 2014-02-22 05:14 - 00752640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-06-09 00:50 - 2014-02-22 05:12 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2016-06-09 00:50 - 2014-02-22 05:11 - 02395136 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-06-09 00:50 - 2014-02-22 05:10 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2016-06-09 00:50 - 2014-02-22 05:10 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-06-09 00:50 - 2014-02-22 05:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-06-09 00:50 - 2014-02-22 05:09 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2016-06-09 00:50 - 2014-02-22 05:08 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-06-09 00:50 - 2014-02-22 05:07 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2016-06-09 00:50 - 2014-02-22 05:07 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2016-06-09 00:50 - 2014-02-22 05:06 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-06-09 00:50 - 2014-02-22 05:06 - 00251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2016-06-09 00:50 - 2014-02-22 05:04 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-06-09 00:50 - 2014-02-22 05:04 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\slpts.dll
2016-06-09 00:50 - 2014-02-22 05:02 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2016-06-09 00:50 - 2014-02-22 05:02 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2016-06-09 00:50 - 2014-02-22 05:02 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-06-09 00:50 - 2014-02-22 05:00 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-09 00:50 - 2014-02-22 04:59 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-06-09 00:50 - 2014-02-22 04:59 - 01403392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-06-09 00:50 - 2014-02-22 04:58 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2016-06-09 00:50 - 2014-02-22 04:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2016-06-09 00:50 - 2014-02-22 04:57 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-09 00:50 - 2014-02-22 04:55 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-09 00:50 - 2014-02-22 04:55 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-09 00:50 - 2014-02-22 04:55 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2016-06-09 00:50 - 2014-02-22 04:55 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\ConfigureExpandedStorage.dll
2016-06-09 00:50 - 2014-02-22 04:55 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2016-06-09 00:50 - 2014-02-22 04:55 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\energytask.dll
2016-06-09 00:50 - 2014-02-22 04:55 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slpts.dll
2016-06-09 00:50 - 2014-02-22 04:55 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2016-06-09 00:50 - 2014-02-22 04:54 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
2016-06-09 00:50 - 2014-02-22 04:54 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\wlidcredprov.dll
2016-06-09 00:50 - 2014-02-22 04:54 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2016-06-09 00:50 - 2014-02-22 04:54 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2016-06-09 00:50 - 2014-02-22 04:54 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\AepRoam.dll
2016-06-09 00:50 - 2014-02-22 04:53 - 00876544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2016-06-09 00:50 - 2014-02-22 04:52 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2016-06-09 00:50 - 2014-02-22 04:52 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-09 00:50 - 2014-02-22 04:51 - 01258496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2016-06-09 00:50 - 2014-02-22 04:51 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-06-09 00:50 - 2014-02-22 04:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2016-06-09 00:50 - 2014-02-22 04:51 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2016-06-09 00:50 - 2014-02-22 04:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-06-09 00:50 - 2014-02-22 04:49 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2016-06-09 00:50 - 2014-02-22 04:49 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2016-06-09 00:50 - 2014-02-22 04:49 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-09 00:50 - 2014-02-22 04:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-06-09 00:50 - 2014-02-22 04:48 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-06-09 00:50 - 2014-02-22 04:48 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2016-06-09 00:50 - 2014-02-22 04:48 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-09 00:50 - 2014-02-22 04:48 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-06-09 00:50 - 2014-02-22 04:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2016-06-09 00:50 - 2014-02-22 04:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2016-06-09 00:50 - 2014-02-22 04:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dataclen.dll
2016-06-09 00:50 - 2014-02-22 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2016-06-09 00:50 - 2014-02-22 04:47 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\WlanMM.dll
2016-06-09 00:50 - 2014-02-22 04:47 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2016-06-09 00:50 - 2014-02-22 04:47 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcredprov.dll
2016-06-09 00:50 - 2014-02-22 04:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\AltTab.dll
2016-06-09 00:50 - 2014-02-22 04:46 - 03312128 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll
2016-06-09 00:50 - 2014-02-22 04:46 - 00824832 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-09 00:50 - 2014-02-22 04:45 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-06-09 00:50 - 2014-02-22 04:45 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-06-09 00:50 - 2014-02-22 04:45 - 00169472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2016-06-09 00:50 - 2014-02-22 04:45 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2016-06-09 00:50 - 2014-02-22 04:44 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2016-06-09 00:50 - 2014-02-22 04:44 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2016-06-09 00:50 - 2014-02-22 04:44 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2016-06-09 00:50 - 2014-02-22 04:44 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2016-06-09 00:50 - 2014-02-22 04:43 - 00644608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-06-09 00:50 - 2014-02-22 04:43 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2016-06-09 00:50 - 2014-02-22 04:43 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2016-06-09 00:50 - 2014-02-22 04:43 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2016-06-09 00:50 - 2014-02-22 04:43 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2016-06-09 00:50 - 2014-02-22 04:43 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-06-09 00:50 - 2014-02-22 04:43 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Renewal.dll
2016-06-09 00:50 - 2014-02-22 04:42 - 00943104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WlanMM.dll
2016-06-09 00:50 - 2014-02-22 04:42 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2016-06-09 00:50 - 2014-02-22 04:42 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2016-06-09 00:50 - 2014-02-22 04:41 - 00662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-06-09 00:50 - 2014-02-22 04:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2016-06-09 00:50 - 2014-02-22 04:40 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-06-09 00:50 - 2014-02-22 04:40 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-06-09 00:50 - 2014-02-22 04:39 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2016-06-09 00:50 - 2014-02-22 04:39 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2016-06-09 00:50 - 2014-02-22 04:39 - 00321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2016-06-09 00:50 - 2014-02-22 04:39 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2016-06-09 00:50 - 2014-02-22 04:38 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-09 00:50 - 2014-02-22 04:38 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2016-06-09 00:50 - 2014-02-22 04:38 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2016-06-09 00:50 - 2014-02-22 04:37 - 00658432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-06-09 00:50 - 2014-02-22 04:36 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2016-06-09 00:50 - 2014-02-22 04:35 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-09 00:50 - 2014-02-22 04:35 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-06-09 00:50 - 2014-02-22 04:34 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-06-09 00:50 - 2014-02-22 04:33 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-06-09 00:50 - 2014-02-22 04:33 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-06-09 00:50 - 2014-02-22 04:31 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-06-09 00:50 - 2014-02-22 04:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-06-09 00:50 - 2014-02-22 04:30 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2016-06-09 00:50 - 2014-02-22 04:29 - 00191488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2016-06-09 00:50 - 2014-02-22 04:27 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-09 00:50 - 2014-02-22 04:24 - 02760704 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2016-06-09 00:50 - 2014-02-22 04:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2016-06-09 00:50 - 2014-02-22 04:24 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IdCtrls.dll
2016-06-09 00:50 - 2014-02-22 04:22 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2016-06-09 00:50 - 2014-02-22 04:22 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncPolicy.dll
2016-06-09 00:50 - 2014-02-22 04:21 - 00854528 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2016-06-09 00:50 - 2014-02-22 04:21 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-06-09 00:50 - 2014-02-22 04:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2016-06-09 00:50 - 2014-02-22 04:20 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-06-09 00:50 - 2014-02-22 04:20 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncPolicy.dll
2016-06-09 00:50 - 2014-02-22 04:19 - 00698880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2016-06-09 00:50 - 2014-02-22 04:19 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2016-06-09 00:50 - 2014-02-22 04:18 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-06-09 00:50 - 2014-02-22 04:17 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-06-09 00:50 - 2014-02-22 04:17 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\CloudStorageWizard.exe
2016-06-09 00:50 - 2014-02-22 04:17 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudStorageWizard.exe
2016-06-09 00:50 - 2014-02-22 04:00 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-09 00:50 - 2014-02-22 03:54 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2016-06-09 00:50 - 2014-02-22 00:43 - 00002440 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2016-06-09 00:50 - 2014-02-22 00:37 - 00000369 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-06-09 00:50 - 2014-02-22 00:37 - 00000369 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-06-09 00:50 - 2014-02-22 00:37 - 00000369 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-06-09 00:50 - 2014-02-22 00:37 - 00000369 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-06-09 00:50 - 2014-02-22 00:33 - 00262335 _____ C:\Windows\system32\dfpinc.dat
2016-06-09 00:50 - 2014-02-07 21:08 - 00100197 _____ C:\Windows\SysWOW64\RacRules.xml
2016-06-09 00:50 - 2014-02-07 21:08 - 00100197 _____ C:\Windows\system32\RacRules.xml
2016-06-09 00:50 - 2014-02-02 10:48 - 00307304 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-06-09 00:50 - 2014-02-02 09:33 - 00230808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-06-09 00:50 - 2014-02-01 02:00 - 00011109 _____ C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2016-06-09 00:50 - 2014-02-01 02:00 - 00011109 _____ C:\Windows\system32\connectedsearch-results.searchconnector-ms
2016-06-09 00:50 - 2014-02-01 02:00 - 00007762 _____ C:\Windows\SysWOW64\connectedsearch-suggestions.searchconnector-ms
2016-06-09 00:50 - 2014-02-01 02:00 - 00007762 _____ C:\Windows\system32\connectedsearch-suggestions.searchconnector-ms
2016-06-09 00:50 - 2014-02-01 02:00 - 00007130 _____ C:\Windows\SysWOW64\connectedsearch-zeroinput.searchconnector-ms
2016-06-09 00:50 - 2014-02-01 02:00 - 00007130 _____ C:\Windows\system32\connectedsearch-zeroinput.searchconnector-ms
2016-06-09 00:50 - 2014-02-01 02:00 - 00002255 _____ C:\Windows\SysWOW64\WimBootCompress.ini
2016-06-09 00:50 - 2014-02-01 02:00 - 00002255 _____ C:\Windows\system32\WimBootCompress.ini
2016-06-09 00:50 - 2014-01-31 07:59 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-09 00:50 - 2014-01-31 07:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-09 00:50 - 2014-01-31 05:55 - 03596800 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-06-09 00:50 - 2014-01-31 05:35 - 03085824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-06-09 00:50 - 2014-01-31 05:19 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-06-09 00:50 - 2014-01-31 05:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2016-06-09 00:50 - 2014-01-31 05:10 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-06-09 00:50 - 2014-01-31 05:08 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2016-06-09 00:50 - 2014-01-31 05:04 - 00409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-06-09 00:50 - 2014-01-31 04:24 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2016-06-09 00:50 - 2014-01-31 04:18 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2016-06-09 00:50 - 2014-01-29 04:53 - 01653352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-06-09 00:50 - 2014-01-29 04:52 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-06-09 00:50 - 2014-01-29 04:40 - 00994136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-06-09 00:50 - 2014-01-29 03:44 - 01369736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-06-09 00:50 - 2014-01-28 20:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2016-06-09 00:50 - 2014-01-28 20:18 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-06-09 00:50 - 2014-01-28 20:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2016-06-09 00:50 - 2014-01-27 15:53 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-06-09 00:50 - 2014-01-27 13:54 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-06-09 00:50 - 2014-01-27 13:04 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-09 00:50 - 2014-01-27 11:38 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-06-09 00:50 - 2014-01-27 07:45 - 00050053 _____ C:\Windows\system32\srms.dat
2016-06-09 00:50 - 2014-01-22 02:21 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-06-09 00:50 - 2014-01-22 01:50 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2016-06-09 00:50 - 2014-01-17 13:24 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll
2016-06-09 00:50 - 2014-01-17 13:04 - 00292864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll
2016-06-09 00:50 - 2014-01-07 21:30 - 00745328 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-06-09 00:50 - 2014-01-07 20:33 - 00552632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-06-09 00:50 - 2013-12-10 03:35 - 00530944 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2016-06-09 00:50 - 2013-12-04 11:54 - 00660480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-06-09 00:50 - 2013-12-04 11:16 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-09 00:50 - 2013-12-04 10:19 - 00439808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-06-09 00:50 - 2013-12-04 09:53 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-09 00:50 - 2013-11-27 05:47 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2016-06-09 00:50 - 2013-11-27 05:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\finger.exe
2016-06-09 00:50 - 2013-11-27 05:10 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2016-06-09 00:50 - 2013-11-27 04:56 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2016-06-09 00:50 - 2013-11-10 19:41 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2016-06-09 00:50 - 2013-11-08 00:04 - 00488960 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-06-09 00:50 - 2013-11-07 23:47 - 00370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-06-09 00:47 - 2014-03-20 00:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-06-09 00:47 - 2014-03-19 23:48 - 21232792 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-09 00:47 - 2014-03-19 23:41 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-06-09 00:47 - 2014-03-19 23:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-06-09 00:47 - 2014-03-19 23:40 - 01112536 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-09 00:47 - 2014-03-19 21:29 - 04268544 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2016-06-09 00:47 - 2014-03-19 21:20 - 18679216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-09 00:47 - 2014-03-19 20:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2016-06-09 00:47 - 2014-03-19 20:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2016-06-09 00:47 - 2014-03-19 19:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-06-09 00:47 - 2014-03-19 19:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2016-06-09 00:47 - 2014-03-19 19:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2016-06-09 00:47 - 2014-03-19 03:13 - 00836096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-09 00:47 - 2014-03-19 01:57 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2016-06-09 00:47 - 2014-03-19 01:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2016-06-09 00:47 - 2014-03-19 01:31 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-06-09 00:47 - 2014-03-19 01:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2016-06-09 00:47 - 2014-03-19 01:08 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-06-09 00:47 - 2014-03-19 00:41 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2016-06-09 00:47 - 2014-03-19 00:17 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2016-06-09 00:47 - 2014-03-15 00:56 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-06-09 00:47 - 2014-03-15 00:44 - 01705984 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-09 00:47 - 2014-03-13 08:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2016-06-09 00:47 - 2014-03-11 11:18 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2016-06-09 00:47 - 2014-03-11 10:28 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2016-06-09 00:47 - 2014-03-11 10:25 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2016-06-09 00:47 - 2014-03-11 10:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-06-09 00:47 - 2014-03-11 10:03 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-06-09 00:47 - 2014-03-11 10:00 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-06-09 00:47 - 2014-03-11 09:21 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2016-06-09 00:47 - 2014-03-11 09:02 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2016-06-09 00:47 - 2014-03-11 08:42 - 02641920 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-09 00:47 - 2014-03-11 08:35 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-09 00:47 - 2014-03-08 16:47 - 00565536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-09 00:47 - 2014-03-08 16:47 - 00180056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-09 00:47 - 2014-03-08 16:40 - 00136024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2016-06-09 00:47 - 2014-03-08 16:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-09 00:47 - 2014-03-08 16:35 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-06-09 00:47 - 2014-03-08 16:35 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-06-09 00:47 - 2014-03-08 11:29 - 01339240 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-09 00:47 - 2014-03-08 11:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2016-06-09 00:47 - 2014-03-08 07:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-09 00:47 - 2014-03-08 05:34 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-09 00:47 - 2014-03-08 04:44 - 00731648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-09 00:47 - 2014-03-08 04:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2016-06-09 00:47 - 2014-03-08 03:53 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2016-06-09 00:47 - 2014-03-08 03:51 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2016-06-09 00:47 - 2014-03-08 03:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2016-06-09 00:47 - 2014-03-08 03:12 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2016-06-09 00:47 - 2014-03-08 03:09 - 01411584 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-09 00:47 - 2014-03-08 03:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-06-09 00:47 - 2014-03-08 03:03 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-09 00:47 - 2014-03-08 03:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-06-09 00:47 - 2014-03-08 02:50 - 01066496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-09 00:47 - 2014-03-08 02:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-06-09 00:47 - 2014-03-08 02:46 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-06-09 00:47 - 2014-03-08 02:41 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-06-09 00:47 - 2014-03-08 02:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-06-09 00:47 - 2014-03-08 02:37 - 00755712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-09 00:47 - 2014-03-08 02:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2016-06-09 00:47 - 2014-03-08 02:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-06-09 00:47 - 2014-03-08 02:25 - 00264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-06-09 00:47 - 2014-03-08 02:09 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-09 00:47 - 2014-03-08 02:02 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-09 00:47 - 2014-03-08 01:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-09 00:47 - 2014-03-08 01:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-09 00:47 - 2014-03-06 10:35 - 01466864 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2016-06-09 00:47 - 2014-03-06 10:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-06-09 00:47 - 2014-03-06 10:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2016-06-09 00:47 - 2014-03-06 08:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-06-09 00:47 - 2014-03-06 08:53 - 00518552 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-09 00:47 - 2014-03-06 08:51 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-09 00:47 - 2014-03-06 08:51 - 00488280 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2016-06-09 00:47 - 2014-03-06 08:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-06-09 00:47 - 2014-03-06 08:42 - 07425368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-09 00:47 - 2014-03-06 08:40 - 00492256 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-06-09 00:47 - 2014-03-06 08:40 - 00467504 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-06-09 00:47 - 2014-03-06 08:40 - 00463264 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-06-09 00:47 - 2014-03-06 08:40 - 00364640 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-06-09 00:47 - 2014-03-06 08:40 - 00244888 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-06-09 00:47 - 2014-03-06 08:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-09 00:47 - 2014-03-06 07:20 - 01200296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2016-06-09 00:47 - 2014-03-06 07:19 - 00390488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2016-06-09 00:47 - 2014-03-06 07:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2016-06-09 00:47 - 2014-03-06 07:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-06-09 00:47 - 2014-03-06 07:13 - 00406912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-09 00:47 - 2014-03-06 06:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-06-09 00:47 - 2014-03-06 06:35 - 00406512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-06-09 00:47 - 2014-03-06 06:35 - 00388408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-06-09 00:47 - 2014-03-06 06:35 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-06-09 00:47 - 2014-03-06 06:35 - 00305768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-06-09 00:47 - 2014-03-06 05:24 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-09 00:47 - 2014-03-06 05:24 - 00033280 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-06-09 00:47 - 2014-03-06 05:22 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-09 00:47 - 2014-03-06 05:22 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-06-09 00:47 - 2014-03-06 05:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-06-09 00:47 - 2014-03-06 05:20 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2016-06-09 00:47 - 2014-03-06 05:20 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-09 00:47 - 2014-03-06 05:20 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-09 00:47 - 2014-03-06 05:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2016-06-09 00:47 - 2014-03-06 05:19 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2016-06-09 00:47 - 2014-03-06 05:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-06-09 00:47 - 2014-03-06 05:19 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-06-09 00:47 - 2014-03-06 05:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2016-06-09 00:47 - 2014-03-06 04:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-06-09 00:47 - 2014-03-06 04:37 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-06-09 00:47 - 2014-03-06 04:20 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-06-09 00:47 - 2014-03-06 04:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2016-06-09 00:47 - 2014-03-06 04:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2016-06-09 00:47 - 2014-03-06 03:47 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-06-09 00:47 - 2014-03-06 03:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-06-09 00:47 - 2014-03-06 03:22 - 16875520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-06-09 00:47 - 2014-03-06 03:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2016-06-09 00:47 - 2014-03-06 03:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-06-09 00:47 - 2014-03-06 03:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-06-09 00:47 - 2014-03-06 02:59 - 12732416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-06-09 00:47 - 2014-03-06 02:51 - 02900992 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-06-09 00:47 - 2014-03-06 02:39 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-06-09 00:47 - 2014-03-06 02:34 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-06-09 00:47 - 2014-03-06 02:33 - 13286400 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-09 00:47 - 2014-03-06 02:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2016-06-09 00:47 - 2014-03-06 02:31 - 02479616 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-06-09 00:47 - 2014-03-06 02:29 - 11791360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-09 00:47 - 2014-03-06 02:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-06-09 00:47 - 2014-03-06 02:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2016-06-09 00:47 - 2014-03-06 02:23 - 02270208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-06-09 00:47 - 2014-03-06 02:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2016-06-09 00:47 - 2014-03-06 02:21 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2016-06-09 00:47 - 2014-03-06 02:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2016-06-09 00:47 - 2014-03-06 02:16 - 01527296 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-06-09 00:47 - 2014-03-06 02:16 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-06-09 00:47 - 2014-03-06 02:13 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2016-06-09 00:47 - 2014-03-06 02:13 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2016-06-09 00:47 - 2014-03-06 02:11 - 02030080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-06-09 00:47 - 2014-03-06 02:09 - 01764864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-06-09 00:47 - 2014-03-06 02:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2016-06-09 00:47 - 2014-03-06 02:05 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-06-09 00:47 - 2014-03-06 02:04 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2016-06-09 00:47 - 2014-03-06 02:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2016-06-09 00:47 - 2014-03-06 02:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-06-09 00:47 - 2014-03-06 01:54 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-06-09 00:47 - 2014-03-06 01:54 - 00888320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-06-09 00:47 - 2014-03-06 01:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-06-09 00:47 - 2014-03-06 01:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-06-09 00:47 - 2014-03-06 01:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-06-09 00:47 - 2014-03-06 01:35 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-06-09 00:47 - 2014-03-06 01:33 - 00839168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-06-09 00:47 - 2014-03-06 01:32 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-06-09 00:47 - 2014-03-06 01:28 - 08653824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-06-09 00:47 - 2014-03-06 01:27 - 05833728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-06-09 00:47 - 2014-03-06 01:21 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-06-09 00:47 - 2014-03-06 01:20 - 06641152 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-06-09 00:47 - 2014-03-04 08:25 - 02373784 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-09 00:47 - 2014-03-04 08:15 - 02519384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-06-09 00:47 - 2014-03-04 08:15 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-06-09 00:47 - 2014-03-04 08:14 - 00360512 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2016-06-09 00:47 - 2014-03-04 07:16 - 02088160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-09 00:47 - 2014-03-04 07:10 - 00355832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2016-06-09 00:47 - 2014-03-04 03:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-06-09 00:47 - 2014-03-04 03:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-06-09 00:47 - 2014-03-04 03:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-06-09 00:47 - 2014-03-04 03:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2016-06-09 00:47 - 2014-03-04 02:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2016-06-09 00:47 - 2014-03-04 02:50 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-06-09 00:47 - 2014-03-04 02:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-06-09 00:47 - 2014-03-04 02:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-06-09 00:47 - 2014-03-04 02:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2016-06-09 00:47 - 2014-03-04 02:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2016-06-09 00:47 - 2014-03-04 02:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2016-06-09 00:47 - 2014-03-04 02:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-06-09 00:47 - 2014-03-04 02:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2016-06-09 00:47 - 2014-03-04 01:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2016-06-09 00:47 - 2014-03-04 01:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-06-09 00:47 - 2014-02-06 18:59 - 00425984 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2016-06-09 00:47 - 2013-12-23 19:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-06-09 00:46 - 2014-03-12 09:45 - 00387210 _____ C:\Windows\system32\ApnDatabase.xml
2016-06-09 00:46 - 2014-03-11 11:45 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-06-09 00:46 - 2014-03-11 11:02 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2016-06-09 00:46 - 2014-03-08 05:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2016-06-09 00:46 - 2014-03-08 04:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2016-06-09 00:46 - 2014-03-08 04:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2016-06-09 00:46 - 2014-03-08 02:04 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-06-09 00:46 - 2014-03-08 01:58 - 00567296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-06-09 00:46 - 2014-03-06 05:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2016-06-09 00:46 - 2014-03-06 05:24 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-06-09 00:46 - 2014-03-06 05:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-09 00:46 - 2014-03-06 05:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2016-06-09 00:46 - 2014-03-06 04:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2016-06-09 00:46 - 2014-03-06 04:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2016-06-09 00:46 - 2014-03-06 04:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2016-06-09 00:46 - 2014-03-06 03:44 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-06-09 00:46 - 2014-03-06 02:57 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2016-06-09 00:46 - 2014-03-06 02:27 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-06-09 00:46 - 2014-03-06 01:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-06-09 00:46 - 2014-03-02 06:20 - 23549952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-09 00:46 - 2014-03-02 05:33 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-09 00:46 - 2014-02-06 17:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2016-06-09 00:46 - 2013-12-23 19:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-06-09 00:45 - 2014-02-26 02:29 - 02678784 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-06-09 00:20 - 2016-06-09 00:21 - 141885896 _____ (GOG.com ) C:\Users\nevetse\Documents\setup_galaxy_1.1.11.53.exe
2016-06-07 21:36 - 2016-06-07 21:36 - 00001497 _____ C:\Users\nevetse\Desktop\Audiograbber.lnk
2016-06-07 04:33 - 2016-06-21 15:35 - 00000000 ____D C:\Music videos
2016-06-07 02:07 - 2016-06-07 02:07 - 00000859 _____ C:\Users\nevetse\AppData\Roaming\Microsoft\Windows\Start Menu\ApexDC++.lnk
2016-06-07 01:35 - 2016-06-21 15:35 - 00000000 ____D C:\Users\nevetse\Downloads\ApexDC++
2016-06-07 01:34 - 2016-06-23 00:11 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\ApexDC++
2016-06-07 01:34 - 2016-06-07 04:50 - 00000000 ____D C:\Users\nevetse\AppData\Local\ApexDC++
2016-06-07 01:34 - 2016-06-07 01:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ApexDC++
2016-06-07 01:34 - 2016-06-07 01:34 - 00000000 ____D C:\Program Files\ApexDC++
2016-06-07 01:32 - 2016-06-07 01:33 - 24153809 _____ (ApexDC++ Development Team ) C:\Users\nevetse\Documents\ApexDC++_1.6.2_x64_setup.exe
2016-05-30 01:04 - 2016-05-30 01:09 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\com.onemrbean.soundodgerplus
2016-05-30 01:04 - 2016-05-30 01:05 - 00000000 ____D C:\Users\nevetse\Documents\soundodger
2016-05-29 22:10 - 2016-05-29 22:10 - 00000000 ____D C:\Users\nevetse\Documents\Evaer
2016-05-29 22:10 - 2016-05-29 22:10 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\Evaer
2016-05-29 22:07 - 2016-05-29 22:08 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Evaer
2016-05-29 22:07 - 2016-05-29 22:08 - 00000000 ____D C:\Program Files (x86)\Evaer
2016-05-29 22:07 - 2016-05-29 22:07 - 00000928 _____ C:\Users\nevetse\Desktop\Evaer.lnk
2016-05-29 01:29 - 2016-05-29 01:29 - 00000000 ____D C:\Users\nevetse\AppData\LocalLow\Dinosaur Polo Club

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-24 12:37 - 2016-01-15 22:43 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\uTorrent
2016-06-24 12:36 - 2016-02-02 21:21 - 00000000 ____D C:\Users\nevetse
2016-06-24 12:30 - 2016-01-15 16:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-24 12:28 - 2016-02-02 22:15 - 00000000 ____D C:\Users\nevetse\AppData\Local\ClassicShell
2016-06-24 12:22 - 2016-02-02 21:27 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3326879936-3081261951-3617693335-1002
2016-06-24 12:18 - 2016-02-08 12:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-24 12:17 - 2016-02-08 12:48 - 00001085 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-24 12:17 - 2016-02-08 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-24 12:17 - 2016-01-15 16:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-24 12:16 - 2016-01-15 04:21 - 00000000 ____D C:\Users\nevetse\Desktop\HS
2016-06-24 11:39 - 2016-02-02 21:29 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-24 11:18 - 2016-02-09 05:07 - 00000000 ____D C:\Program Files (x86)\NirSoft
2016-06-24 11:12 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\Inf
2016-06-24 10:48 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-24 05:07 - 2016-01-15 07:57 - 01242278 _____ C:\Users\nevetse\Downloads\KillSkypeHome.exe
2016-06-24 03:42 - 2016-02-02 21:34 - 00002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-24 03:42 - 2016-02-02 21:34 - 00002170 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-24 02:09 - 2016-02-27 22:38 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\puush
2016-06-24 02:09 - 2016-02-05 05:30 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-06-24 02:09 - 2016-02-02 21:29 - 00000000 ____D C:\ProgramData\ClassicShell
2016-06-24 02:09 - 2016-01-15 22:43 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\vlc
2016-06-24 02:09 - 2016-01-15 22:42 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\mIRC
2016-06-24 02:09 - 2016-01-15 22:41 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\Battle.net
2016-06-24 02:09 - 2016-01-15 20:24 - 00000000 ____D C:\Program Files (x86)\uTorrent
2016-06-24 02:09 - 2016-01-15 16:46 - 00000000 ____D C:\Program Files (x86)\SlimDrivers
2016-06-24 02:09 - 2016-01-15 16:45 - 00000000 ____D C:\Program Files (x86)\NoteBook FanControl
2016-06-24 02:09 - 2016-01-15 16:45 - 00000000 ____D C:\Program Files (x86)\MiPony
2016-06-24 02:07 - 2013-08-22 11:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-24 02:01 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\registration
2016-06-24 02:00 - 2016-01-28 19:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-24 02:00 - 2016-01-15 22:28 - 00000000 ____D C:\Users\nevetse\AppData\Local\SlimWare Utilities Inc
2016-06-24 02:00 - 2016-01-15 22:26 - 00000000 ____D C:\Users\nevetse\AppData\Local\Mozilla
2016-06-23 23:00 - 2016-01-15 22:43 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\Skype
2016-06-23 22:58 - 2013-08-26 02:09 - 00958356 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-23 22:55 - 2016-02-02 21:23 - 00000000 ____D C:\Users\nevetse\Documents\Youcam
2016-06-23 22:53 - 2016-02-11 13:33 - 00003754 _____ C:\Windows\System32\Tasks\AutoKMS
2016-06-23 22:53 - 2016-01-15 16:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-23 22:52 - 2016-02-02 21:29 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-23 22:52 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-23 22:50 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-23 22:19 - 2016-02-07 21:41 - 00000000 ____D C:\Program Files (x86)\Everything
2016-06-23 22:10 - 2016-02-09 07:03 - 00498816 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-23 21:10 - 2016-02-09 05:44 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\DAEMON Tools Lite
2016-06-23 13:57 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\tracing
2016-06-22 19:25 - 2016-01-15 22:17 - 00000000 ____D C:\Users\nevetse\AppData\Local\Battle.net
2016-06-21 17:43 - 2016-05-01 21:37 - 00000414 _____ C:\Users\nevetse\Desktop\New Text Document (2).txt
2016-06-21 15:06 - 2016-01-15 02:52 - 00000000 ____D C:\bz2k
2016-06-16 14:54 - 2016-02-02 21:26 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1226D55A-AEDC-4363-ACD9-1D51F94AFC48}
2016-06-16 10:18 - 2016-01-28 19:28 - 00000000 ____D C:\ProgramData\Temp
2016-06-11 23:25 - 2016-03-21 09:04 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\Notepad++
2016-06-10 16:18 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2016-06-09 03:09 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-09 02:53 - 2016-01-15 16:40 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-06-09 02:47 - 2016-05-24 01:33 - 00000000 ____D C:\Users\nevetse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-06-09 02:47 - 2016-05-24 01:32 - 00000000 ____D C:\Users\nevetse\AppData\Local\Discord
2016-06-09 02:47 - 2016-01-15 22:29 - 00000000 ____D C:\Users\nevetse\AppData\Local\SquirrelTemp
2016-06-09 02:47 - 2016-01-15 04:21 - 00002189 _____ C:\Users\nevetse\Desktop\Discord.lnk
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\WinStore
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\setup
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\migwiz
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\lv-LV
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\lt-LT
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\inetsrv
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\et-EE
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\en-GB
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\MediaViewer
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-06-09 02:35 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-06-09 02:35 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-06-09 02:35 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-06-09 02:35 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-06-09 02:35 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\oobe
2016-06-09 02:35 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\system32\Dism
2016-06-09 02:35 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\servicing
2016-06-09 02:34 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\FileManager
2016-06-09 02:34 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Camera
2016-06-09 01:15 - 2016-02-09 08:06 - 00000000 ____D C:\Windows\system32\MRT
2016-06-09 00:53 - 2016-02-09 08:06 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-09 00:39 - 2013-12-05 21:24 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-06-07 03:04 - 2016-01-15 07:59 - 00000000 ____D C:\Users\nevetse\Downloads\GrabIt Downloads
2016-06-01 13:15 - 2016-02-05 05:32 - 00000000 ____D C:\Program Files (x86)\Hearthstone

==================== Files in the root of some directories =======

2016-01-15 22:31 - 2015-12-15 02:50 - 0000034 _____ () C:\Users\nevetse\AppData\Roaming\AdobeWLCMCache.dat
2016-01-15 22:31 - 2015-01-07 22:52 - 0000028 _____ () C:\Users\nevetse\AppData\Roaming\iRotate.INI
2016-01-15 22:16 - 2015-12-15 03:01 - 0001456 _____ () C:\Users\nevetse\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-01-15 22:16 - 2012-05-03 07:12 - 0000532 _____ () C:\Users\nevetse\AppData\Local\datos.txt
2016-01-15 22:16 - 2014-02-05 16:08 - 0193744 _____ () C:\Users\nevetse\AppData\Local\lateral1.bmp
2016-01-15 22:16 - 2010-11-12 05:10 - 0193744 _____ () C:\Users\nevetse\AppData\Local\lateral2.bmp
2016-01-15 22:16 - 2014-02-05 16:10 - 0195108 _____ () C:\Users\nevetse\AppData\Local\lateral3.bmp
2016-01-15 22:16 - 2014-02-05 17:50 - 0043976 _____ () C:\Users\nevetse\AppData\Local\save_en.bmp
2016-01-15 22:16 - 2014-02-05 17:49 - 0043976 _____ () C:\Users\nevetse\AppData\Local\save_es.bmp
2016-06-23 22:40 - 2016-06-23 22:40 - 0174569 _____ () C:\ProgramData\1466735875.bdinstall.bin

Files to move or delete:
====================
C:\Users\nevetse\ArenaValue.exe
C:\Users\nevetse\aspi_471a2.exe
C:\Users\nevetse\audacity-win-2.1.1.exe
C:\Users\nevetse\BEncode Editor.exe
C:\Users\nevetse\Better DS3.exe
C:\Users\nevetse\BlueStacks-ThinInstaller.exe
C:\Users\nevetse\ccsetup509.exe
C:\Users\nevetse\cdbxp_setup_4.5.6.5931_x64_minimal.exe
C:\Users\nevetse\ChromeSetup.exe
C:\Users\nevetse\ClementineSetup-1.2.3-1072-g6ecd470.exe
C:\Users\nevetse\ClementineSetup-1.2.3.exe
C:\Users\nevetse\Core-Temp-installer.exe
C:\Users\nevetse\DiscordSetup.exe
C:\Users\nevetse\DoomExplorer110en_Setup.exe
C:\Users\nevetse\eac-1.0beta3.exe
C:\Users\nevetse\eMule0.50a-Installer.exe
C:\Users\nevetse\Everything-1.3.4.686.x64-Setup.exe
C:\Users\nevetse\GoogleVoiceAndVideoSetup.exe
C:\Users\nevetse\GrabIt173b.exe
C:\Users\nevetse\HearthArena-OverwolfInstaller.exe
C:\Users\nevetse\HPSupportSolutionsFramework-12.0.30.81.exe
C:\Users\nevetse\hwmonitor_1.26.exe
C:\Users\nevetse\i2pinstall_0.9.20_windows.exe
C:\Users\nevetse\janetter4302_setup.exe
C:\Users\nevetse\Lame_v3.99.3_for_Windows.exe
C:\Users\nevetse\livestreamer-v1.10.2-win32-setup.exe
C:\Users\nevetse\mame0151b.exe
C:\Users\nevetse\mbam-setup-2.1.6.1022.exe
C:\Users\nevetse\md64-win-mp620-1_04-ej.exe
C:\Users\nevetse\MegaManEffect.exe
C:\Users\nevetse\MotioninJoy_071001_signed.exe
C:\Users\nevetse\mp3DC220.exe
C:\Users\nevetse\Mp3Merger_Setup.exe
C:\Users\nevetse\MPC-HC.1.7.8.x64.exe
C:\Users\nevetse\mpnx_2_0-win-2_05-ea23_2.exe
C:\Users\nevetse\NoteBook FanControl 1.1.1.19 - Setup.exe
C:\Users\nevetse\NoteBookFanControl.1.3.4.setup.exe
C:\Users\nevetse\nquake28_installer.exe
C:\Users\nevetse\PANDAFREEAV.exe
C:\Users\nevetse\PeerBlock-Setup_v1.2_r693.exe
C:\Users\nevetse\picard-setup-1.2.exe
C:\Users\nevetse\proofingtools_en-us-x64.exe
C:\Users\nevetse\proofingtools_it-it-x64.exe
C:\Users\nevetse\ptreplicator-setup.exe
C:\Users\nevetse\rc_3_7_1.exe
C:\Users\nevetse\screamer044.exe
C:\Users\nevetse\setup-x86.exe
C:\Users\nevetse\setup_galaxy_1.0.0.871.exe
C:\Users\nevetse\Setup_MagicISO.exe
C:\Users\nevetse\sp48676.exe
C:\Users\nevetse\StreamRipper32_2_6.exe
C:\Users\nevetse\Streams8full.reg
C:\Users\nevetse\TeamViewer_Setup_en.exe
C:\Users\nevetse\torbrowser-install-4.0.6_en-US.exe
C:\Users\nevetse\torbrowser-install-4.5.3_en-US.exe
C:\Users\nevetse\UnityWebPlayer.exe
C:\Users\nevetse\wds_current_setup.exe
C:\Users\nevetse\XMouseButtonControlSetup.2.10.2.exe
C:\Users\nevetse\XnView-win-full.exe
C:\Users\nevetse\youtube-dl.exe
C:\Users\nevetse\zandronum2.1.2-win32-installer.exe


Some files in TEMP:
====================
C:\Users\nevetse\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\nevetse\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\nevetse\AppData\Local\Temp\ose00000.exe
C:\Users\nevetse\AppData\Local\Temp\ose00002.exe
C:\Users\nevetse\AppData\Local\Temp\ose00003.exe
C:\Users\nevetse\AppData\Local\Temp\PidGenX.dll
C:\Users\nevetse\AppData\Local\Temp\rk.exe
C:\Users\nevetse\AppData\Local\Temp\SkypeSetup.exe
C:\Users\nevetse\AppData\Local\Temp\vlc-2.2.4-win32.exe
C:\Users\nevetse\AppData\Local\Temp\xmlUpdater.exe
C:\Users\nevetse\AppData\Local\Temp\{18B8AFEC-5188-4E45-BF84-3E62AA33987A}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-22 13:22

==================== End of FRST.txt ============================

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 PM

Posted 26 June 2016 - 09:21 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===


Windows Firewall is disabled.

Enable your Firewall.

===


Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GalaxyClient] => [X]
IFEO\taskmgr.exe: [Debugger] "C:\USERS\NEVETSE\DOWNLOADS\PROCESSEXPLORER\PROCEXP.EXE"
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-3326879936-3081261951-3617693335-1002: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\nevetse\AppData\Local\Spoon\3.33.1109.0\npMozillaSpoonPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\nevetse\AppData\Local\Spoon\3.33.1109.0\npMozillaSpoonPlugin.dll [No File]
FF HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
CHR Extension: (Chrome Web Store Payments) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Task: {802994D0-615C-4F86-91BB-55C7A04C3706} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {F72AA240-4FF3-4BFE-98D1-23550F181811} - System32\Tasks\AutoPico Daily Restart => \AutoPico.exe
AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE [414]
AlternateDataStreams: C:\Users\nevetse\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\nevetse\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\nevetse\Downloads\KillSkypeHome.exe:BDU [1]
AlternateDataStreams: C:\Users\nevetse\Downloads\PANDAFREEAV.exe:BDU [0]
C:\Windows\AutoKMS
C:\Program Files\KMSpico

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png which is located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Clear your cache and cookies
https://support.google.com/chromebook/answer/183083?hl=en

Restart Chrome.
===

Please let me know what problem persists with this computer.

#3 GVOLTT

GVOLTT
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:43 PM

Posted 26 June 2016 - 12:19 PM

Unfortunately, I am still receiving the problems related to computer security pop-ups, and hijacked links leading to those pop-ups, and right-clicks.

 

Contents of Fixlog.txt:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 01
Ran by nevetse (2016-06-26 12:47:46) Run:1
Running from C:\Users\nevetse\Desktop
Loaded Profiles: nevetse (Available Profiles: User & nevetse)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GalaxyClient] => [X]
IFEO\taskmgr.exe: [Debugger] "C:\USERS\NEVETSE\DOWNLOADS\PROCESSEXPLORER\PROCEXP.EXE"
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-3326879936-3081261951-3617693335-1002: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\nevetse\AppData\Local\Spoon\3.33.1109.0\npMozillaSpoonPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\nevetse\AppData\Local\Spoon\3.33.1109.0\npMozillaSpoonPlugin.dll [No File]
FF HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
CHR Extension: (Chrome Web Store Payments) - C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Task: {802994D0-615C-4F86-91BB-55C7A04C3706} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {F72AA240-4FF3-4BFE-98D1-23550F181811} - System32\Tasks\AutoPico Daily Restart => \AutoPico.exe
AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE [414]
AlternateDataStreams: C:\Users\nevetse\Desktop\FRST64.exe:BDU [0]
AlternateDataStreams: C:\Users\nevetse\Downloads\HijackThis.exe:BDU [0]
AlternateDataStreams: C:\Users\nevetse\Downloads\KillSkypeHome.exe:BDU [1]
AlternateDataStreams: C:\Users\nevetse\Downloads\PANDAFREEAV.exe:BDU [0]
C:\Windows\AutoKMS
C:\Program Files\KMSpico

End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient => value removed successfully
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient => value not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\taskmgr.exe" => key removed successfully
Firefox "homepage" removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf" => key removed successfully
"HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\Software\MozillaPlugins\@turbo.net/Turbo.net Plugin 3.33" => key removed successfully
C:\Users\nevetse\AppData\Local\Spoon\3.33.1109.0\npMozillaSpoonPlugin.dll => not found.
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\MozillaPlugins\@turbo.net/Turbo.net Plugin 3.33 => key not found.
C:\Users\nevetse\AppData\Local\Spoon\3.33.1109.0\npMozillaSpoonPlugin.dll => not found.
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002\Software\Mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com => value removed successfully
HKU\S-1-5-21-3326879936-3081261951-3617693335-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com => value not found.
C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek" => key removed successfully
"C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{802994D0-615C-4F86-91BB-55C7A04C3706} => key not found.
C:\Windows\System32\Tasks\AutoKMS => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F72AA240-4FF3-4BFE-98D1-23550F181811} => key not found.
C:\Windows\System32\Tasks\AutoPico Daily Restart => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => key not found.
C:\ProgramData\Temp => ":A5C00DEE" ADS removed successfully.
"C:\Users\nevetse\Desktop\FRST64.exe" => ":BDU" ADS not found.
C:\Users\nevetse\Downloads\HijackThis.exe => ":BDU" ADS removed successfully.
C:\Users\nevetse\Downloads\KillSkypeHome.exe => ":BDU" ADS removed successfully.
C:\Users\nevetse\Downloads\PANDAFREEAV.exe => ":BDU" ADS removed successfully.
"C:\Windows\AutoKMS" => not found.
"C:\Program Files\KMSpico" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13968372 B
Java, Flash, Steam htmlcache => 69322792 B
Windows/system/drivers => 602 B
Edge => 0 B
Chrome => 522950755 B
Firefox => 382650299 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 73472 B
NetworkService => 0 B
User => 6940077 B
nevetse => 92701576 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:48:32 ====

 

================================

 

Contents of the Adwcleaner log:

 

# AdwCleaner v5.200 - Logfile created 26/06/2016 at 13:00:07
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-25.3 [Server]
# Operating system : Windows 8.1  (X64)
# Username : nevetse - 5CD41114W2
# Running from : C:\Users\nevetse\Desktop\adwcleaner_5.200.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\nevetse\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4030 bytes] - [23/06/2016 13:56:37]
C:\AdwCleaner\AdwCleaner[C2].txt - [1020 bytes] - [26/06/2016 13:00:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [3570 bytes] - [23/06/2016 13:20:28]
C:\AdwCleaner\AdwCleaner[S2].txt - [3224 bytes] - [23/06/2016 13:24:38]
C:\AdwCleaner\AdwCleaner[S3].txt - [1217 bytes] - [26/06/2016 12:59:05]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1312 bytes] ##########

 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 PM

Posted 26 June 2016 - 01:04 PM


Look at all your Chrome Extensions.
Are any of them identified as "Installed by Enterprise Policy"?

Refer to this page for additional details.

Chrome Extension
How to Uninstall Extension with "Installed by Enterprise Policy" from Google?

http://forums.anvisoft.com/viewtopic-51-8494-0.html


If you find any give me the name and the ID number associated with it.

===

#5 GVOLTT

GVOLTT
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:43 PM

Posted 26 June 2016 - 03:03 PM

I have no extensions that are identified as "installed by enterprise policy".



#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 PM

Posted 27 June 2016 - 06:37 AM

Remove Chrome using the the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Before you do Export your Bookmarks
Chrome will export your bookmarks as a HTML file, which you can then import into another browser.

Re-install Chrome and the Bookmarks.

If you want to save all your settings refer to this page.
Follow the instructions before removing Chrome.
http://juan2geek.com/how-to-backup-and-restore-entire-google-chrome-setting/
<<<>>>


If you Sync your chrome data with other apps you may have to clean it.
How To Delete Your Google Chrome Browser Sync Data
http://www.howtogeek.com/103655/how-to-delete-your-google-chrome-browser-sync-data/


Keep me posted.

#7 GVOLTT

GVOLTT
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:43 PM

Posted 28 June 2016 - 04:12 PM

After [regrettably] completely reinstalling Chrome and the extensions I was using from scratch, I believe my problem has been solved.  Only wish that I remembered to back up settings in a few extensions, but it's not a big deal.

 

Thanks for the help.



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 PM

Posted 29 June 2016 - 06:28 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,969 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 PM

Posted 05 July 2016 - 09:49 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users