Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unsure if still infected with new win10-install


  • This topic is locked This topic is locked
16 replies to this topic

#1 glny

glny

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 10 July 2016 - 04:44 PM

Hello BleepingComputer

 

I've recently removed malware from my PC using Bleepingcomputers help, and would very much appreciate it, if you would check and see if my Win10-install is safe. 

 

I am experiencing long shutdown and reboot-procedures and im afraid that some virus/malware is growing :-)

Here and my FRST-logs
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by glny_ecnh7e4 (administrator) on DESKTOP-0K79A3N (11-07-2016 00:35:48)
Running from C:\Users\glny_ecnh7e4\Desktop
Loaded Profiles: glny & glny_ecnh7e4 (Available Profiles: glny & glny_ecnh7e4)
Platform: Windows 10 Pro Version 1511 (X64) Language: Dansk (Danmark)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5050\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
(Blizzard Entertainment) C:\Diablo III\Diablo III.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2869928 2014-12-11] (Synaptics Incorporated)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [9511912 2016-06-28] (Emsisoft Ltd)
HKLM-x32\...\runonceex: [Flags] => 128
HKLM-x32\...\runonceex: [Title] => UnHackMe Rootkit Check
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3547841046-1106075004-863533779-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [805888 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-3547841046-1106075004-863533779-1008\...\RunOnce: [Uninstall C:\Users\glny_ecnh7e4\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\glny_ecnh7e4\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 193.162.153.164 194.239.134.83
Tcpip\..\Interfaces\{98748cef-2c00-4fb3-ad0b-d1b79de089f8}: [DhcpNameServer] 193.162.153.164 194.239.134.83
 
Internet Explorer:
==================
 
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-10] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\glny_ecnh7e4\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Præsentation) - C:\Users\glny_ecnh7e4\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-10]
CHR Extension: (Google Dokumenter) - C:\Users\glny_ecnh7e4\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-10]
CHR Extension: (Google Drev) - C:\Users\glny_ecnh7e4\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-10]
CHR Extension: (YouTube) - C:\Users\glny_ecnh7e4\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-10]
CHR Extension: (Google Ark) - C:\Users\glny_ecnh7e4\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-10]
CHR Extension: (Google Docs Offline) - C:\Users\glny_ecnh7e4\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-11]
CHR Extension: (Betalinger i Chrome Webshop) - C:\Users\glny_ecnh7e4\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-10]
CHR Extension: (Gmail) - C:\Users\glny_ecnh7e4\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-10]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [11446000 2016-06-28] (Emsisoft Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-07-27] (DT Soft Ltd)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [116944 2016-06-30] (Emsisoft Ltd)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-08-31] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [32936 2014-12-11] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33448 2014-12-11] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-11 00:24 - 2016-07-11 00:24 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-07-11 00:24 - 2016-07-11 00:24 - 00000000 ____D C:\Windows.old
2016-07-11 00:24 - 2016-07-10 23:29 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-11 00:23 - 2016-07-11 00:23 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-07-11 00:23 - 2016-07-11 00:23 - 00000000 ____D C:\Program Files\Synaptics
2016-07-11 00:23 - 2016-07-11 00:02 - 00000000 ____D C:\Program Files (x86)\Razer
2016-07-11 00:23 - 2016-07-10 23:25 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-07-11 00:22 - 2016-07-11 00:32 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\Battle.net
2016-07-11 00:22 - 2016-07-11 00:22 - 00001213 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-07-11 00:22 - 2016-07-11 00:22 - 00000000 ____D C:\WINDOWS\Setup
2016-07-11 00:22 - 2016-07-11 00:22 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\Blizzard Entertainment
2016-07-11 00:22 - 2016-07-11 00:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-07-11 00:22 - 2016-07-11 00:22 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-07-11 00:22 - 2016-07-11 00:22 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-11 00:21 - 2016-07-11 00:22 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Roaming\Battle.net
2016-07-11 00:21 - 2016-07-11 00:21 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-07-11 00:21 - 2016-07-11 00:21 - 00000000 ____D C:\WINDOWS\OCR
2016-07-11 00:21 - 2016-07-11 00:21 - 00000000 ____D C:\ProgramData\Battle.net
2016-07-11 00:21 - 2016-07-11 00:21 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-07-11 00:21 - 2016-07-11 00:21 - 00000000 ____D C:\Program Files\MSBuild
2016-07-11 00:21 - 2016-07-11 00:21 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-07-11 00:21 - 2016-07-11 00:21 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-07-11 00:19 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-07-11 00:19 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-07-11 00:19 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-07-11 00:19 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-07-11 00:19 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-07-11 00:19 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-07-11 00:19 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-07-11 00:19 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-07-11 00:19 - 2016-07-11 00:19 - 00311896 _____ C:\WINDOWS\system32\perfi006.dat
2016-07-11 00:19 - 2016-07-11 00:19 - 00041258 _____ C:\WINDOWS\system32\perfd006.dat
2016-07-11 00:19 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-07-11 00:19 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\SysWOW64\da
2016-07-11 00:19 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-07-11 00:19 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\system32\da
2016-07-11 00:19 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\system32\0409
2016-07-11 00:19 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-07-11 00:19 - 2016-07-11 00:07 - 00464502 _____ C:\WINDOWS\system32\perfh006.dat
2016-07-11 00:19 - 2016-07-11 00:07 - 00079354 _____ C:\WINDOWS\system32\perfc006.dat
2016-07-11 00:17 - 2016-07-11 00:15 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-11 00:17 - 2016-07-11 00:15 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-11 00:16 - 2016-07-11 00:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-07-11 00:16 - 2016-07-11 00:21 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-07-11 00:16 - 2016-07-11 00:21 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-11 00:16 - 2016-07-11 00:20 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\system32\setup
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\system32\Com
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\WINDOWS\IME
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\Program Files\Common Files\System
2016-07-11 00:16 - 2016-07-11 00:19 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 __RSD C:\WINDOWS\Media
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\Web
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\Vss
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\tracing
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\TAPI
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SystemResources
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SystemApps
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\spool
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\ras
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\IME
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\ias
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\System
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SKB
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\ShellNew
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\security
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\schemas
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\SchCache
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\Resources
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\rescache
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\Registration
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\PLA
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\Performance
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\InputMethod
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\Globalization
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\Cursors
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\Branding
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\appcompat
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\addins
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\ProgramData\Comms
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\Program Files\Common Files\Services
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-07-11 00:16 - 2016-07-11 00:16 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-07-11 00:16 - 2016-07-11 00:15 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-07-11 00:16 - 2016-07-11 00:15 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-07-11 00:16 - 2016-07-11 00:15 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-07-11 00:16 - 2016-07-11 00:15 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-07-11 00:16 - 2016-07-11 00:15 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-07-11 00:16 - 2016-07-11 00:15 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-07-11 00:16 - 2016-07-11 00:15 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-07-11 00:16 - 2016-07-11 00:15 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-07-11 00:16 - 2016-07-11 00:15 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-07-11 00:16 - 2016-07-11 00:15 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-07-11 00:16 - 2016-07-11 00:15 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-07-11 00:16 - 2016-07-11 00:15 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-07-11 00:16 - 2016-07-11 00:15 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-07-11 00:16 - 2016-07-11 00:15 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-07-11 00:16 - 2016-07-11 00:15 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-07-11 00:16 - 2016-07-11 00:15 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-07-11 00:16 - 2016-07-11 00:15 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-07-11 00:16 - 2016-07-11 00:15 - 00000219 _____ C:\WINDOWS\system.ini
2016-07-11 00:16 - 2016-07-11 00:15 - 00000092 _____ C:\WINDOWS\win.ini
2016-07-11 00:16 - 2016-07-10 23:54 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-11 00:16 - 2016-07-10 23:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-11 00:16 - 2016-07-10 23:47 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-11 00:16 - 2016-07-10 23:31 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-07-11 00:16 - 2016-07-10 23:31 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-11 00:16 - 2016-07-10 23:31 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-07-11 00:16 - 2016-07-10 23:31 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-11 00:16 - 2016-07-10 23:29 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-07-11 00:16 - 2016-07-10 23:29 - 00000000 ____D C:\Program Files\Windows NT
2016-07-11 00:16 - 2016-07-10 23:28 - 00000000 __RHD C:\Users\Public\Libraries
2016-07-11 00:16 - 2016-07-10 23:28 - 00000000 ____D C:\WINDOWS\CSC
2016-07-11 00:16 - 2016-07-10 23:27 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-07-11 00:16 - 2016-07-10 23:26 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-07-11 00:16 - 2016-07-10 23:26 - 00000000 ____D C:\WINDOWS\Help
2016-07-11 00:16 - 2016-07-10 23:26 - 00000000 ____D C:\ProgramData\USOPrivate
2016-07-11 00:15 - 2016-07-11 00:07 - 00000000 ____D C:\WINDOWS\INF
2016-07-11 00:11 - 2016-07-11 00:22 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-11 00:07 - 2016-07-11 00:20 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2016-07-11 00:07 - 2016-07-11 00:07 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2016-07-11 00:07 - 2016-07-11 00:07 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2016-07-11 00:07 - 2016-07-11 00:07 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2016-07-11 00:07 - 2016-07-11 00:07 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\PeerDistRepub
2016-07-11 00:07 - 2016-07-11 00:07 - 00000000 ____D C:\ProgramData\RegRun
2016-07-11 00:06 - 2016-07-11 00:23 - 00000000 ___HD C:\$Windows.~BT
2016-07-11 00:06 - 2016-07-11 00:20 - 00000000 ____D C:\WINDOWS\servicing
2016-07-11 00:06 - 2016-07-11 00:16 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-07-11 00:06 - 2016-07-11 00:01 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-11 00:06 - 2016-07-10 23:26 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-11 00:06 - 2015-10-30 08:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-07-11 00:05 - 2016-07-11 00:06 - 212514840 _____ (Emsisoft Ltd. ) C:\Users\glny_ecnh7e4\Downloads\EmsisoftAntiMalwareSetup_bc (1).exe
2016-07-11 00:05 - 2016-07-11 00:06 - 00000000 ___HD C:\$SysReset
2016-07-11 00:04 - 2016-07-11 00:04 - 00000000 ____D C:\ProgramData\Emsisoft
2016-07-10 23:58 - 2016-07-10 23:58 - 00000937 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2016-07-10 23:58 - 2016-07-10 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2016-07-10 23:57 - 2016-07-11 00:34 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2016-07-10 23:56 - 2016-07-10 23:57 - 212514840 _____ (Emsisoft Ltd. ) C:\Users\glny_ecnh7e4\Downloads\EmsisoftAntiMalwareSetup_bc.exe
2016-07-10 23:48 - 2016-07-10 23:48 - 00000000 ____D C:\Users\glny_ecnh7e4\Desktop\Rod
2016-07-10 23:48 - 2016-07-10 23:48 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\Comms
2016-07-10 23:39 - 2016-07-11 00:35 - 02390528 _____ (Farbar) C:\Users\glny_ecnh7e4\Desktop\FRST64.exe
2016-07-10 23:39 - 2016-07-11 00:35 - 00007841 _____ C:\Users\glny_ecnh7e4\Desktop\FRST.txt
2016-07-10 23:38 - 2016-07-10 23:38 - 00002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-10 23:38 - 2016-07-10 23:38 - 00002344 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-10 23:37 - 2016-07-11 00:02 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-10 23:37 - 2016-07-10 23:47 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-10 23:37 - 2016-07-10 23:42 - 00004030 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-10 23:37 - 2016-07-10 23:42 - 00003798 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-10 23:37 - 2016-07-10 23:38 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\Google
2016-07-10 23:37 - 2016-07-10 23:38 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-10 23:37 - 2016-07-10 23:37 - 00987728 _____ (Google Inc.) C:\Users\glny_ecnh7e4\Downloads\ChromeSetup.exe
2016-07-10 23:37 - 2016-07-10 23:37 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\MicrosoftEdge
2016-07-10 23:36 - 2016-07-11 00:31 - 00042168 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-07-10 23:36 - 2016-07-10 23:36 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-07-10 23:35 - 2016-07-11 00:07 - 01410868 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-10 23:35 - 2016-07-10 23:35 - 00000000 ____D C:\Program Files (x86)\Intel
2016-07-10 23:33 - 2016-07-10 23:33 - 00002358 _____ C:\Users\glny_ecnh7e4\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-07-10 23:32 - 2016-07-10 23:32 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\ActiveSync
2016-07-10 23:32 - 2016-07-10 23:32 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-07-10 23:31 - 2016-07-10 23:31 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\Publishers
2016-07-10 23:30 - 2016-07-10 23:48 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\Packages
2016-07-10 23:30 - 2016-07-10 23:30 - 00000020 ___SH C:\Users\glny_ecnh7e4\ntuser.ini
2016-07-10 23:30 - 2016-07-10 23:30 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Roaming\Adobe
2016-07-10 23:30 - 2016-07-10 23:30 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\VirtualStore
2016-07-10 23:30 - 2016-07-10 23:30 - 00000000 ____D C:\Users\glny_ecnh7e4\AppData\Local\TileDataLayer
2016-07-10 23:30 - 2016-07-10 23:30 - 00000000 ____D C:\ProgramData\Razer
2016-07-10 23:29 - 2016-07-10 23:29 - 00006458 _____ C:\Users\glny\AppData\Local\Application.xml
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\Skabeloner
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\Printere
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\Menuen Start
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\Lokale indstillinger
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\Dokumenter
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\Documents\Videoer
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\Documents\Musik
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\Documents\Billeder
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmer
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\AppData\Local\Oversigt
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default\Andre computere
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default User\Documents\Videoer
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default User\Documents\Musik
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default User\Documents\Billeder
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmer
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Oversigt
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\Default User
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Users\All Users
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\ProgramData\Skrivebord
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\ProgramData\Skabeloner
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmer
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\ProgramData\Menuen Start
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\ProgramData\Dokumenter
2016-07-10 23:29 - 2016-07-10 23:29 - 00000000 _SHDL C:\Program Files\Fælles filer
2016-07-10 23:28 - 2016-07-11 00:24 - 00000000 ____D C:\Users\glny_ecnh7e4
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\Skabeloner
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\Printere
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\Menuen Start
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\Lokale indstillinger
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\Dokumenter
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\Documents\Videoer
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\Documents\Musik
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\Documents\Billeder
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\AppData\Roaming\Microsoft\Windows\Start Menu\Programmer
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\AppData\Local\Oversigt
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny_ecnh7e4\Andre computere
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\Skabeloner
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\Printere
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\Menuen Start
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\Lokale indstillinger
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\Dokumenter
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\Documents\Videoer
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\Documents\Musik
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\Documents\Billeder
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\AppData\Roaming\Microsoft\Windows\Start Menu\Programmer
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\AppData\Local\Oversigt
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 _SHDL C:\Users\glny\Andre computere
2016-07-10 23:28 - 2016-07-10 23:28 - 00000000 ____D C:\Users\glny
2016-07-10 23:27 - 2016-07-11 00:15 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-07-10 23:26 - 2016-07-10 23:26 - 00000000 ____D C:\ProgramData\USOShared
2016-07-10 23:26 - 2016-07-10 23:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-10 23:26 - 2016-07-10 23:26 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-10 23:26 - 2015-11-05 17:08 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-07-10 23:26 - 2015-11-05 17:08 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-07-10 23:26 - 2015-11-05 17:08 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-07-10 23:26 - 2015-11-05 17:08 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-07-10 23:26 - 2015-11-05 17:08 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-07-10 23:26 - 2015-11-05 17:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-07-10 23:26 - 2015-10-28 15:49 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-07-10 23:25 - 2016-07-11 00:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-10 23:25 - 2016-07-10 23:28 - 00189048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-10 23:25 - 2016-07-10 23:26 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-07-10 23:25 - 2016-07-10 23:25 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-07-10 23:25 - 2016-07-10 23:25 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-06 07:54 - 2016-07-06 08:00 - 00000000 ____D C:\@RestoreQuarantine
2016-07-06 07:50 - 2016-07-11 00:18 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2016-07-06 07:50 - 2016-07-11 00:08 - 00000000 ____D C:\Users\glny_ecnh7e4\Documents\RegRun2
2016-07-06 07:24 - 2016-07-06 07:24 - 00000000 ____D C:\zoek_backup
2016-07-03 11:37 - 2016-07-03 11:37 - 00000000 ____D C:\Users\glny_ecnh7e4\Documents\Diablo III
2016-06-11 18:45 - 2016-07-11 00:35 - 00000000 ____D C:\FRST
2016-06-11 18:10 - 2016-06-11 18:10 - 00000000 ____D C:\Users\glny_ecnh7e4\Desktop\SYS
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-11 00:23 - 2015-08-12 19:25 - 00000000 ____D C:\Diablo III
2016-07-11 00:15 - 2015-10-30 09:19 - 06971392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-11 00:15 - 2015-10-30 09:19 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 06734336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-11 00:15 - 2015-10-30 09:18 - 02723840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 02185832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 01138688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-11 00:15 - 2015-10-30 09:18 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-11 00:15 - 2015-10-30 09:18 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-07-11 00:15 - 2015-10-30 09:18 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00157696 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-07-11 00:15 - 2015-10-30 09:18 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00085312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-07-11 00:15 - 2015-10-30 09:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-07-11 00:15 - 2015-10-30 09:18 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-07-11 00:15 - 2015-10-30 09:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-07-11 00:15 - 2015-10-30 09:17 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-11 00:15 - 2015-10-30 09:17 - 02652784 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 01392128 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-11 00:15 - 2015-10-30 09:17 - 01322240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00911640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00717952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00652320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-07-11 00:15 - 2015-10-30 09:17 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-07-11 00:15 - 2015-10-30 09:17 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-07-11 00:15 - 2015-10-30 09:17 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-07-11 00:15 - 2015-10-30 09:17 - 00119328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-07-11 00:15 - 2015-10-30 09:17 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-07-11 00:15 - 2015-10-30 09:17 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00080640 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-07-11 00:15 - 2015-10-30 09:17 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-07-11 00:15 - 2015-10-30 09:17 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-07-11 00:14 - 2015-10-30 09:19 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 12120064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 03573248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 01859584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-11 00:14 - 2015-10-30 09:19 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-07-11 00:14 - 2015-10-30 09:19 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 22573656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 21125920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 07825920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 07527936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 06974280 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 05237336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 04502864 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 02918296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 02634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 02624000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 02596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 02195128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-07-11 00:14 - 2015-10-30 09:18 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-11 00:14 - 2015-10-30 09:18 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01997320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01798144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01759688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 01718272 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01537024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01535024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-11 00:14 - 2015-10-30 09:18 - 01187840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01162144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-07-11 00:14 - 2015-10-30 09:18 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-07-11 00:14 - 2015-10-30 09:18 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01041920 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-11 00:14 - 2015-10-30 09:18 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-07-11 00:14 - 2015-10-30 09:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00974680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00726288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00707600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00686080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00640464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00638304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-07-11 00:14 - 2015-10-30 09:18 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00535088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00525288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-07-11 00:14 - 2015-10-30 09:18 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00512816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00500576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00454048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00453464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-07-11 00:14 - 2015-10-30 09:18 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00288224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-07-11 00:14 - 2015-10-30 09:18 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-07-11 00:14 - 2015-10-30 09:18 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00227328 _____ C:\WINDOWS\system32\MTF.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-07-11 00:14 - 2015-10-30 09:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-07-11 00:14 - 2015-10-30 09:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00097088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00084312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-07-11 00:14 - 2015-10-30 09:18 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-07-11 00:14 - 2015-10-30 09:18 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 06601408 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 03429888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 03350528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 03079168 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 02912768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 02796544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 02772576 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 02181160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 02058240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01997664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 01947136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01804672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01648128 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01394688 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01300016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01156456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-07-11 00:14 - 2015-10-30 09:17 - 01012224 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00989528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-07-11 00:14 - 2015-10-30 09:17 - 00983976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-07-11 00:14 - 2015-10-30 09:17 - 00926120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00823776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00794816 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00712544 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00701392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-07-11 00:14 - 2015-10-30 09:17 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00651840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00512864 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00510288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00499472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00463264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00389984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00361824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00339384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-07-11 00:14 - 2015-10-30 09:17 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00290856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00289760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00259840 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00141552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-07-11 00:14 - 2015-10-30 09:17 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00100752 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-07-11 00:14 - 2015-10-30 09:17 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-07-11 00:14 - 2015-10-30 09:17 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-07-11 00:14 - 2015-10-30 09:17 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 18677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-07-11 00:13 - 2015-10-30 09:19 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-11 00:13 - 2015-10-30 09:19 - 01211392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-07-11 00:13 - 2015-10-30 09:19 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-07-11 00:13 - 2015-10-30 09:19 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 13377024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 04827648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 04268360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 03679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-07-11 00:13 - 2015-10-30 09:18 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 02548432 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-11 00:13 - 2015-10-30 09:18 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 02121728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01858424 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01847296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01582592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01541280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01284960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-11 00:13 - 2015-10-30 09:18 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-07-11 00:13 - 2015-10-30 09:18 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-07-11 00:13 - 2015-10-30 09:18 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00706048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00686984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00675056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00579424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-07-11 00:13 - 2015-10-30 09:18 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00486400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00440664 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00430816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-07-11 00:13 - 2015-10-30 09:18 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-07-11 00:13 - 2015-10-30 09:18 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00377560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00306840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00296800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00257024 _____ C:\WINDOWS\system32\MTFServer.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00252064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-07-11 00:13 - 2015-10-30 09:18 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00183896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-07-11 00:13 - 2015-10-30 09:18 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00069224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-07-11 00:13 - 2015-10-30 09:18 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00051672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-07-11 00:13 - 2015-10-30 09:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-07-11 00:13 - 2015-10-30 09:18 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 08738216 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 02544776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 02156032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 02063872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01847520 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01398200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-07-11 00:13 - 2015-10-30 09:17 - 01133056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01092976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 01020616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00898704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00884768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-07-11 00:13 - 2015-10-30 09:17 - 00858440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00795912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-07-11 00:13 - 2015-10-30 09:17 - 00764976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00671440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00584672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00563544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-07-11 00:13 - 2015-10-30 09:17 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00517056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00476720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-07-11 00:13 - 2015-10-30 09:17 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00330080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00254816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00244784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00234512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00110552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00110040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-07-11 00:13 - 2015-10-30 09:17 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-07-11 00:13 - 2015-10-30 09:17 - 00035664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-11 00:13 - 2015-10-30 09:17 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-07-11 00:13 - 2015-10-30 09:17 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-07-10 23:48 - 2015-09-17 15:35 - 00000000 ____D C:\Users\glny_ecnh7e4\Desktop\Milo-rod
2016-07-10 23:33 - 2016-03-20 15:18 - 00000000 ___RD C:\Users\glny_ecnh7e4\OneDrive
2016-07-10 23:30 - 2015-07-24 03:44 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-10 23:26 - 2015-09-17 15:44 - 00000000 ____D C:\temp
2016-07-02 21:57 - 2016-06-06 19:07 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\glny_ecnh7e4\Desktop\procexp.exe
2016-06-20 17:10 - 2015-12-18 18:50 - 00000000 ____D C:\Users\glny_ecnh7e4\Downloads\Gameforge Live
2016-06-12 17:18 - 2016-03-20 14:51 - 00000000 ____D C:\Users\glny_ecnh7e4\Desktop\Bryllup
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-07-10 23:25
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by glny_ecnh7e4 (2016-07-11 00:37:02)
Running from C:\Users\glny_ecnh7e4\Desktop
Windows 10 Pro Version 1511 (X64) (2016-07-10 21:29:36)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3547841046-1106075004-863533779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3547841046-1106075004-863533779-503 - Limited - Disabled)
glny (S-1-5-21-3547841046-1106075004-863533779-1001 - Administrator - Enabled) => C:\Users\glny
glny_ecnh7e4 (S-1-5-21-3547841046-1106075004-863533779-1008 - Administrator - Enabled) => C:\Users\glny_ecnh7e4
Gæst (S-1-5-21-3547841046-1106075004-863533779-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3547841046-1106075004-863533779-1011 - Limited - Enabled)
milo_i8i42ae (S-1-5-21-3547841046-1106075004-863533779-1007 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.45.0 - Synaptics Incorporated)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3547841046-1106075004-863533779-1008_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\glny_ecnh7e4\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {9D51EE96-74F4-4DD4-A393-E58A5401DC9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-10] (Google Inc.)
Task: {D77F7E49-659F-4797-8BAE-532737CA6C64} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-10] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-10 23:26 - 2015-11-05 17:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-30 09:17 - 2016-07-11 00:15 - 02652784 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-30 09:17 - 2016-07-11 00:15 - 02652784 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-07-10 23:33 - 2016-07-10 23:33 - 00959168 _____ () C:\Users\glny_ecnh7e4\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-10-30 09:17 - 2016-07-11 00:13 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 09:17 - 2016-07-11 00:13 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 09:17 - 2016-07-11 00:13 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-10-30 09:18 - 2016-07-11 00:14 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-30 09:18 - 2016-07-11 00:14 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-30 09:18 - 2016-07-11 00:14 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 09:18 - 2016-07-11 00:14 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 21:00 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-07-10 23:38 - 2016-06-23 15:26 - 02336584 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libglesv2.dll
2016-07-10 23:38 - 2016-06-23 15:25 - 00107336 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\libegl.dll
2016-07-11 00:22 - 2016-07-11 00:22 - 01371624 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
2015-10-30 09:18 - 2016-07-11 00:14 - 03081568 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-07-10 23:38 - 2016-06-23 04:27 - 31514816 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.106\PepperFlash\pepflashplayer.dll
2015-10-30 20:32 - 2015-10-30 20:32 - 00044032 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-07-11 00:22 - 2016-07-11 00:22 - 37241856 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libcef.dll
2016-07-11 00:22 - 2016-07-11 00:22 - 00293040 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\ortp.dll
2016-07-11 00:22 - 2016-07-11 00:22 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libEGL.dll
2016-07-11 00:22 - 2016-07-11 00:22 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libGLESv2.dll
2016-07-11 00:22 - 2016-07-11 00:22 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libglesv2.dll
2016-07-11 00:22 - 2016-07-11 00:22 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libegl.dll
2016-07-11 00:22 - 2016-07-11 00:22 - 00984576 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\ffmpegsumo.dll
2015-08-12 19:33 - 2016-05-04 12:58 - 06248448 _____ () C:\Diablo III\Bnet\battle.net.dll
2015-10-30 20:32 - 2015-10-30 20:32 - 00151040 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-10-30 20:32 - 2015-10-30 20:32 - 18818048 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkyWrap.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-07-11 00:16 - 2016-07-11 00:15 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3547841046-1106075004-863533779-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3547841046-1106075004-863533779-1008\Control Panel\Desktop\\Wallpaper -> C:\Users\glny_ecnh7e4\Desktop\11082605_1389642938022918_7442351329446981403_n.jpg
DNS Servers: 193.162.153.164 - 194.239.134.83
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{003F2C54-D697-488A-BA06-F08D586C0857}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DC4E9A45-DE86-4CF2-BE86-FF2029174801}] => (Allow) C:\Program Files (x86)\UnHackMe\Unhackme.exe
FirewallRules: [{E855C941-1887-44BE-851F-5BC1D8BC9C1D}] => (Allow) C:\Program Files (x86)\UnHackMe\Unhackme.exe
FirewallRules: [TCP Query User{29BF73DE-CAD8-4B05-AC4B-963451A920FD}C:\diablo iii\diablo iii.exe] => (Allow) C:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{DD69A6D6-D654-46F3-8DA3-4A331EB3892F}C:\diablo iii\diablo iii.exe] => (Allow) C:\diablo iii\diablo iii.exe
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/11/2016 12:32:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-0K79A3N)
Description: Aktivering af app‘en Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App mislykkedes med fejlen: -2147024770 Du kan finde flere oplysninger i loggen Microsoft-Windows-TWinUI/Operational.
 
Error: (07/11/2016 12:17:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-0K79A3N)
Description: Aktivering af app‘en Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App mislykkedes med fejlen: -2147024770 Du kan finde flere oplysninger i loggen Microsoft-Windows-TWinUI/Operational.
 
Error: (07/11/2016 12:07:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-0K79A3N)
Description: Aktivering af app‘en Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App mislykkedes med fejlen: -2147024770 Du kan finde flere oplysninger i loggen Microsoft-Windows-TWinUI/Operational.
 
Error: (07/11/2016 12:02:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-0K79A3N)
Description: Aktivering af app‘en Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App mislykkedes med fejlen: -2147024770 Du kan finde flere oplysninger i loggen Microsoft-Windows-TWinUI/Operational.
 
Error: (07/10/2016 11:47:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-0K79A3N)
Description: Aktivering af app‘en Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App mislykkedes med fejlen: -2147024770 Du kan finde flere oplysninger i loggen Microsoft-Windows-TWinUI/Operational.
 
Error: (07/10/2016 11:32:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: RzWizard.exe, version: 1.0.3.1105, tidsstempel: 0x54e32fee
Navn på modul med fejl: KERNELBASE.dll, version: 10.0.10586.0, tidsstempel: 0x5632da1c
Undtagelseskode: 0xe0434352
Forskydning med fejl 0x000bd8a8
Proces-id 0x2208
Programmets starttidspunkt 0xRzWizard.exe0
Programsti: RzWizard.exe1
Modulsti: RzWizard.exe2
Rapport-id: RzWizard.exe3
Fuldt navn på program med fejl: RzWizard.exe4
Relativt program-id for program med fejl: RzWizard.exe5
 
Error: (07/10/2016 11:32:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Program: RzWizard.exe
Framework-version: v4.0.30319
Beskrivelse: Denne proces blev afsluttet pga. en ubehandlet undtagelse.
Undtagelsesoplysninger: System.UnauthorizedAccessException
   ved System.IO.__Error.WinIOError(Int32, System.String)
   ved System.Threading.Mutex+MutexTryCodeHelper.MutexTryCode(System.Object)
   ved System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
   ved System.Threading.Mutex.CreateMutexWithGuaranteedCleanup(Boolean, System.String, Boolean ByRef, SECURITY_ATTRIBUTES)
   ved System.Threading.Mutex..ctor(Boolean, System.String, Boolean ByRef, System.Security.AccessControl.MutexSecurity)
   ved System.Threading.Mutex..ctor(Boolean, System.String, Boolean ByRef)
   ved Razer.MiniInstaller.App.SingleInstance_SetUp()
   ved Razer.MiniInstaller.App.OnStartup(System.Windows.StartupEventArgs)
   ved System.Windows.Application.<.ctor>b__1_0(System.Object)
   ved System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   ved System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   ved System.Windows.Threading.DispatcherOperation.InvokeImpl()
   ved System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   ved System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   ved System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   ved System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   ved System.Windows.Threading.DispatcherOperation.Invoke()
   ved System.Windows.Threading.Dispatcher.ProcessQueue()
   ved System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   ved MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   ved MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   ved System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   ved System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   ved System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   ved MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   ved MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   ved System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   ved System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   ved System.Windows.Application.RunDispatcher(System.Object)
   ved System.Windows.Application.RunInternal(System.Windows.Window)
   ved System.Windows.Application.Run(System.Windows.Window)
   ved Razer.MiniInstaller.App.Main()
 
 
System errors:
=============
Error: (07/11/2016 12:01:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0K79A3N)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (07/11/2016 12:01:32 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-0K79A3N)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (07/11/2016 12:01:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjenesten Adgang til brugerdata_1239f9 blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 10000 millisekunder: Genstart tjenesten.
 
Error: (07/11/2016 12:01:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjenesten Lagring af brugerdata_1239f9 blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 10000 millisekunder: Genstart tjenesten.
 
Error: (07/11/2016 12:01:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjenesten Kontaktdata_1239f9 blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 10000 millisekunder: Genstart tjenesten.
 
Error: (07/11/2016 12:01:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjenesten Synkroniseringsvært_1239f9 blev afbrudt uventet. Dette er sket 1 gange. Følgende korrigerende handling foretages om 10000 millisekunder: Genstart tjenesten.
 
Error: (07/11/2016 12:01:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: programspecifikkeLokalAktivering{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Ikke tilgængeligIkke tilgængelig
 
Error: (07/10/2016 11:53:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: programspecifikkeLokalAktivering{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOKAL TJENESTES-1-5-19LocalHost (via LRPC)Ikke tilgængeligIkke tilgængelig
 
Error: (07/10/2016 11:53:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: programspecifikkeLokalAktivering{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOKAL TJENESTES-1-5-19LocalHost (via LRPC)Ikke tilgængeligIkke tilgængelig
 
Error: (07/10/2016 11:53:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: programspecifikkeLokalAktivering{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOKAL TJENESTES-1-5-19LocalHost (via LRPC)Ikke tilgængeligIkke tilgængelig
 
 
CodeIntegrity:
===================================
  Date: 2016-07-10 23:25:47.756
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 79%
Total physical RAM: 8109.11 MB
Available physical RAM: 1649.43 MB
Total Virtual: 10029.11 MB
Available Virtual: 3865.07 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.3 GB) (Free:51.52 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:83.49 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BDB75CE3)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 02ABDA31)
Partition 1: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498 MB) - (Type=27)
 
==================== End of Addition.txt ============================

 


Edited by glny, 10 July 2016 - 05:40 PM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:26 PM

Posted 13 July 2016 - 10:20 PM

Greetings glny and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Your computer appears to be clean.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 glny

glny
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 15 July 2016 - 08:06 AM

Hello Gary

 

Thank you for the assistance in looking into my logs.

 

 

However, since I posted the logs, my SSD-disc appears not to be working anymore, so im currently using my old HDD, and it seems to function very odd.

 

Do you mind looking into FRST-logs here, also?

I'll post them if you agree upon it.

 

My first name is Glenn, please do use that as you wish :-)



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:26 PM

Posted 15 July 2016 - 09:38 AM

Hi Glenn.

No problem. Post the logs and if you could be a bit more specific with the symptoms that would help.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 glny

glny
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 15 July 2016 - 10:07 AM

Thank you, Gary.

 

FRST-log

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by Glenn (administrator) on GLENN-PC (15-07-2016 17:05:14)
Running from C:\Users\Glenn\Desktop
Loaded Profiles: Glenn (Available Profiles: Glenn)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
() C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5065\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Users\Glenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Glenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Glenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Glenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Users\Glenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Glenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Glenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Glenn\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Glenn\AppData\Local\Google\Chrome\Application\chrome.exe
(BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(Farbar) C:\Users\Glenn\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKLM-x32\...\runonceex: [Flags] => 128
HKLM-x32\...\runonceex: [Title] => UnHackMe Rootkit Check
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2362975480-581817718-3346835720-1001\...\Run: [WDSM] => C:\Program Files\Yamicsoft\Windows 7 Manager\LaunchTaskCommand.exe [93264 2014-09-11] (Yamicsoft)
HKU\S-1-5-21-2362975480-581817718-3346835720-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-2362975480-581817718-3346835720-1001\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-2362975480-581817718-3346835720-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellExecuteHooks-x32:  - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} =>  No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} =>  No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} =>  No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} =>  No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} =>  No File
BootExecute: autocheck autochk * Partizan

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 193.162.153.164 194.239.134.83
Tcpip\..\Interfaces\{5087354F-A399-4112-AD06-41D7BF7B4BEF}: [DhcpNameServer] 193.162.153.164 194.239.134.83
Tcpip\..\Interfaces\{FB8703CE-BA66-4A4C-9E1B-DAA84B5D828A}: [DhcpNameServer] 62.44.166.197 62.44.166.69

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2362975480-581817718-3346835720-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2362975480-581817718-3346835720-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2362975480-581817718-3346835720-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2362975480-581817718-3346835720-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
DPF: HKLM-x32 {001EE746-A1F9-460E-80AD-269E088D6A01} hxxp://site.ebrary.com.ez.statsbiblioteket.dk:2048/lib/stats/support/plugins/ebraryRdr.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-12-16] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-12-16] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-12-16] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-12-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Glenn\AppData\Roaming\Mozilla\Firefox\Profiles\ups9236o.default
FF NewTab:
FF DefaultSearchEngine: Google
FF DefaultSearchEngine,S: Google
FF DefaultSearchUrl:
FF SearchEngineOrder.1: Google
FF SearchEngineOrder.1,S: Google
FF SelectedSearchEngine: Google
FF SelectedSearchEngine,S: Google
FF Homepage: about:blank
FF Keyword.URL:
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-15] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2011-05-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-01-21] ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll [2012-03-28] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-04] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: visualon.com/voBrowserPlugin -> C:\ProgramData\VisualOn\BrowserPlugin\npStofaWebtvPlayer.dll [2014-11-21] ()
FF Plugin HKU\S-1-5-21-2362975480-581817718-3346835720-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Glenn\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-2362975480-581817718-3346835720-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Glenn\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-03] (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-co-uk.xml [2010-01-01]

Chrome:
=======
CHR Profile: C:\Users\Glenn\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Betalinger i Chrome Webshop) - C:\Users\Glenn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-10]
StartMenuInternet: Google Chrome - C:\USERS\GLENN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation)
S4 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2010-11-04] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [61440 2009-10-13] (Atheros Communications, Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2016-07-06] (Greatis Software)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [60416 2008-07-22] (Realtek Semiconductor Corporation                           )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-11-03] () [File not signed]
S1 SSHDRV65; C:\Windows\SysWOW64\drivers\SSHDRV65.sys [120320 2011-04-08] () [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-07-08] ()
U0 ttrdiw; C:\Windows\System32\drivers\alwbsqv.sys [79064 2016-07-15] (Malwarebytes)
U3 aadh5szh; C:\Windows\System32\Drivers\aadh5szh.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
U2 SBKUPNT; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-15 16:43 - 2016-07-15 16:50 - 00000000 ____D C:\Users\Glenn\Downloads\Embrace.of.the.Serpent.2015.LIMITED.1080p.BluRay.x264-DEPTH
2016-07-15 16:22 - 2016-07-15 16:22 - 00079064 _____ (Malwarebytes) C:\windows\system32\Drivers\alwbsqv.sys
2016-07-15 14:46 - 2016-07-15 14:46 - 00096016 _____ C:\Users\Glenn\Documents\cc_20160715_144630.reg
2016-07-15 14:30 - 2016-07-15 14:30 - 00015128 _____ C:\Users\Glenn\Downloads\mr-robot-second-season_english-1371410.zip
2016-07-15 03:31 - 2016-07-15 03:31 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-15 03:31 - 2016-07-15 03:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-15 03:30 - 2016-07-15 03:31 - 02182248 _____ C:\Users\Glenn\Downloads\winrar-x64-54b3.exe
2016-07-15 03:30 - 2016-07-15 03:31 - 01962216 _____ C:\Users\Glenn\Downloads\wrar54b3.exe
2016-07-15 03:29 - 2016-07-15 03:32 - 00000022 _____ C:\Users\Glenn\Downloads\mr-robot-second-season_english-1371399.zip
2016-07-15 03:25 - 2016-07-15 14:29 - 00000000 ____D C:\Users\Glenn\Downloads\Mr.Robot.S02E02.INTERNAL.720p.HDTV.x264-KILLERS
2016-07-15 03:25 - 2016-07-15 03:30 - 00000000 ____D C:\Users\Glenn\Downloads\Mr.Robot.S02E01.720p.HDTV.x264-KILLERS
2016-07-15 03:25 - 2016-07-15 03:25 - 00004770 _____ C:\Users\Glenn\Downloads\Mr.Robot.S02E02.INTERNAL.720p.HDTV.x264-KILLERS.torrent
2016-07-15 03:24 - 2016-07-15 03:24 - 00004577 _____ C:\Users\Glenn\Downloads\Mr.Robot.S02E01.720p.HDTV.x264-KILLERS.torrent
2016-07-14 19:45 - 2016-07-14 19:45 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-14 19:45 - 2016-05-04 04:23 - 00129824 _____ C:\windows\SysWOW64\vulkan-1.dll
2016-07-14 19:45 - 2016-05-04 04:22 - 00130848 _____ C:\windows\system32\vulkan-1.dll
2016-07-14 19:45 - 2016-05-04 04:22 - 00045344 _____ C:\windows\system32\vulkaninfo.exe
2016-07-14 19:45 - 2016-05-04 04:22 - 00040224 _____ C:\windows\SysWOW64\vulkaninfo.exe
2016-07-14 19:44 - 2016-07-11 01:17 - 00547896 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
2016-07-14 19:44 - 2016-07-11 01:17 - 00081856 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
2016-07-14 19:43 - 2016-07-14 19:44 - 00000000 ____D C:\windows\LastGood
2016-07-14 19:42 - 2016-07-11 04:13 - 39977920 _____ C:\windows\system32\nvcompiler.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 35115968 _____ C:\windows\SysWOW64\nvcompiler.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 31640512 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 25414080 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 17321352 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 13581880 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2016-07-14 19:42 - 2016-07-11 04:13 - 10691632 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 10656112 _____ C:\windows\system32\nvptxJitCompiler.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 10234336 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 09020656 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 08742360 _____ C:\windows\SysWOW64\nvptxJitCompiler.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 08615336 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 03542072 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 03099072 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 01939000 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6436881.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 01571776 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6436881.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 01001016 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00930360 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00909880 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00852024 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00694672 _____ C:\windows\system32\nvfatbinaryLoader.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00583736 _____ C:\windows\SysWOW64\nvfatbinaryLoader.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00544120 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00490744 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00459320 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00444472 _____ (NVIDIA Corporation) C:\windows\system32\NvIFROpenGL.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00406064 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00394808 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFROpenGL.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00177952 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00155768 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00153416 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2016-07-14 19:42 - 2016-07-11 04:13 - 00131584 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2016-07-14 19:37 - 2016-07-14 19:38 - 00000000 ____D C:\Users\Glenn\AppData\Local\NVIDIA
2016-07-14 19:37 - 2016-07-14 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-14 19:37 - 2016-06-14 22:01 - 01767944 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2016-07-14 19:37 - 2016-06-14 22:01 - 01756424 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2016-07-14 19:37 - 2016-06-14 22:01 - 01377800 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2016-07-14 19:37 - 2016-06-14 22:01 - 01316184 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2016-07-14 19:37 - 2016-06-14 22:01 - 00112216 _____ C:\windows\system32\NvRtmpStreamer64.dll
2016-07-14 19:36 - 2016-04-14 07:38 - 00113216 _____ (NVIDIA Corporation) C:\windows\system32\nvaudcap64v.dll
2016-07-14 19:36 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2016-07-14 19:36 - 2016-04-14 07:38 - 00056384 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2016-07-14 19:35 - 2016-07-14 19:35 - 44984120 _____ (NVIDIA Corporation) C:\Users\Glenn\Downloads\GeForce_Experience_v2.11.4.0(1).exe
2016-07-14 06:00 - 2016-07-15 03:32 - 00046949 _____ C:\Users\Glenn\Desktop\Mr. Robot - 02x01 - eps2.0_unm4sk-pt1.tc.KILLERS.English.HI.C.orig.Addic7ed.com.srt
2016-07-13 21:38 - 2016-07-13 21:41 - 00000000 ____D C:\Users\Glenn\Downloads\London.Has.Fallen.2016.DKSubs.1080p.WEB-DL.X264.AC3-UNiTAiL
2016-07-13 20:27 - 2016-07-13 20:31 - 00000000 ____D C:\Users\Glenn\Downloads\London.Has.Fallen.2016.DKSubs.BLUR.720p.HDRip.x264-UNiTAiL
2016-07-13 20:14 - 2016-07-13 20:14 - 00000000 ____D C:\Users\Glenn\Downloads\Preacher.S01E07.NORDiC.1080p.WEB-DL.DD5.1.H.264-DBRETAiL
2016-07-13 07:11 - 2016-07-13 07:15 - 00000000 ____D C:\windows\Microsoft Antimalware
2016-07-12 22:10 - 2016-07-15 14:47 - 00000000 ____D C:\Program Files\CCleaner
2016-07-12 22:10 - 2016-07-12 22:10 - 00002790 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2016-07-12 22:10 - 2016-07-12 22:10 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-07-12 22:10 - 2016-07-12 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-07-12 22:09 - 2016-07-12 22:09 - 07991656 _____ (Piriform Ltd) C:\Users\Glenn\Downloads\ccsetup519.exe
2016-07-10 22:40 - 2016-07-10 22:45 - 29360128 _____ C:\windows\system32\config\systme
2016-07-10 22:32 - 2016-07-10 22:32 - 00396403 __RSH C:\JTWRB
2016-07-10 22:15 - 2016-07-10 22:49 - 00000000 ____D C:\Windows10Upgrade
2016-07-10 22:15 - 2016-07-10 22:15 - 05792848 _____ (Microsoft Corporation) C:\Users\Glenn\Downloads\Windows10Upgrade9194.exe
2016-07-10 22:15 - 2016-07-10 22:15 - 00000694 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Upgrade Assistant.lnk
2016-07-10 22:15 - 2016-07-10 22:15 - 00000682 _____ C:\Users\Glenn\Desktop\Windows 10 Upgrade Assistant.lnk
2016-07-10 22:15 - 2016-07-10 22:15 - 00000000 ___HD C:\$GetCurrent
2016-07-10 21:51 - 2016-07-10 21:51 - 00918695 _____ C:\Users\Glenn\Desktop\New Text Document.txt
2016-07-10 21:51 - 2016-07-10 21:50 - 00918698 _____ C:\Users\Glenn\Desktop\cbs.txt
2016-07-10 20:57 - 2016-07-10 20:57 - 00341788 _____ C:\Users\Glenn\Desktop\Addition.txt
2016-07-10 20:34 - 2016-07-10 20:34 - 00001035 _____ C:\Users\Glenn\Desktop\mb.txt
2016-07-10 20:31 - 2016-07-10 20:50 - 00000000 ____D C:\EEK
2016-07-10 20:29 - 2016-07-10 20:30 - 242763376 _____ C:\Users\Glenn\Desktop\EmsisoftEmergencyKit(3).exe
2016-07-10 20:24 - 2016-07-10 20:24 - 02390528 _____ (Farbar) C:\Users\Glenn\Desktop\FRST64(1).exe
2016-07-10 20:13 - 2016-07-10 20:13 - 02390528 _____ (Farbar) C:\Users\Glenn\Downloads\FRST64.exe
2016-07-10 20:12 - 2016-07-10 20:13 - 242763376 _____ C:\Users\Glenn\Downloads\EmsisoftEmergencyKit(2).exe
2016-07-10 20:09 - 2016-07-15 17:05 - 00014386 _____ C:\Users\Glenn\Desktop\FRST.txt
2016-07-10 20:09 - 2016-07-10 20:09 - 00000000 ____D C:\Users\Glenn\Desktop\Bleeping
2016-07-09 03:06 - 2016-07-09 03:06 - 00000000 ____D C:\windows\system32\SPReview
2016-07-08 15:33 - 2016-07-15 14:51 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-08 15:33 - 2016-07-08 15:34 - 248410960 _____ C:\Users\Glenn\Downloads\EmsisoftEmergencyKit(1).exe
2016-07-08 15:32 - 2016-07-08 15:32 - 22851472 _____ (Malwarebytes ) C:\Users\Glenn\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-08 15:32 - 2016-07-08 15:32 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-08 15:32 - 2016-07-08 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-08 15:32 - 2016-07-08 15:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-08 15:32 - 2016-07-08 15:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-08 15:32 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-07-08 15:32 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-07-08 15:32 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-07-08 14:28 - 2016-07-08 14:29 - 248410960 _____ C:\Users\Glenn\Downloads\EmsisoftEmergencyKit.exe
2016-07-08 07:20 - 2016-07-08 07:20 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\SUPERAntiSpyware.com
2016-07-08 07:20 - 2016-07-08 07:20 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-07-08 07:19 - 2016-07-08 07:19 - 26537944 _____ (SUPERAntiSpyware) C:\Users\Glenn\Downloads\SUPERAntiSpyware.exe
2016-07-08 06:56 - 2016-07-08 07:07 - 00021213 _____ C:\Users\Glenn\Desktop\attach.txt
2016-07-08 06:56 - 2016-07-08 07:07 - 00012475 _____ C:\Users\Glenn\Desktop\dds.txt
2016-07-08 06:55 - 2016-07-08 06:55 - 00688992 ____R (Swearware) C:\Users\Glenn\Downloads\dds.com
2016-07-08 06:49 - 2016-07-08 06:49 - 19921992 _____ C:\Users\Glenn\Downloads\RogueKiller(1).exe
2016-07-08 06:18 - 2016-07-15 14:43 - 00000000 ____D C:\AdwCleaner
2016-07-08 06:17 - 2016-07-08 06:18 - 03712064 _____ C:\Users\Glenn\Desktop\AdwCleaner.exe
2016-07-08 06:15 - 2016-07-15 14:42 - 00001862 _____ C:\Users\Glenn\Desktop\JRT.txt
2016-07-08 06:06 - 2016-07-08 06:06 - 01610560 _____ (Malwarebytes) C:\Users\Glenn\Desktop\JRT.exe
2016-07-08 05:47 - 2016-07-08 07:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-08 05:41 - 2016-07-10 21:14 - 00001191 _____ C:\Users\Glenn\Desktop\Fixlog.txt
2016-07-08 04:48 - 2016-07-08 04:49 - 212514840 _____ (Emsisoft Ltd. ) C:\Users\Glenn\Downloads\EmsisoftAntiMalwareSetup_bc.exe
2016-07-08 04:46 - 2016-07-08 13:55 - 00024688 _____ C:\windows\system32\Drivers\TrueSight.sys
2016-07-08 04:46 - 2016-07-08 04:46 - 19921992 _____ C:\Users\Glenn\Downloads\RogueKiller.exe
2016-07-08 04:46 - 2016-07-08 04:46 - 00000000 ____D C:\ProgramData\RogueKiller
2016-07-08 04:37 - 2016-07-08 04:37 - 00020421 _____ C:\ComboFix.txt
2016-07-08 04:33 - 2016-07-08 04:33 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Glenn\Downloads\tdsskiller.exe
2016-07-08 04:29 - 2016-07-08 04:37 - 00000000 ____D C:\Qoobox
2016-07-08 04:29 - 2016-07-08 04:36 - 00000000 ____D C:\windows\erdnt
2016-07-08 04:29 - 2016-07-08 04:29 - 05659337 ____R (Swearware) C:\Users\Glenn\Downloads\ComboFix.exe
2016-07-08 04:29 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2016-07-08 04:29 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2016-07-08 04:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2016-07-08 04:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2016-07-08 04:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2016-07-08 04:29 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2016-07-08 04:29 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2016-07-08 04:29 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2016-07-08 04:11 - 2016-07-08 13:54 - 00000000 ____D C:\Users\Glenn\Downloads\backups
2016-07-08 04:09 - 2016-07-08 04:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Glenn\Downloads\HijackThis.exe
2016-07-08 03:37 - 2016-07-15 17:05 - 00000000 ____D C:\FRST
2016-07-08 03:37 - 2016-07-10 20:16 - 00039082 _____ C:\Users\Glenn\Downloads\FRST.txt
2016-07-08 03:37 - 2016-07-08 03:37 - 02390016 _____ (Farbar) C:\Users\Glenn\Desktop\FRST64.exe
2016-07-08 02:05 - 2016-07-08 02:22 - 00073262 _____ C:\Users\Glenn\Downloads\Extras.Txt
2016-07-08 02:05 - 2016-07-08 02:21 - 00071584 _____ C:\Users\Glenn\Downloads\OTL.Txt
2016-07-08 00:58 - 2016-07-08 00:58 - 00065665 _____ C:\Users\Glenn\Downloads\Shortcut.txt
2016-07-08 00:43 - 2016-07-08 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-07-08 00:42 - 2016-07-08 00:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-08 00:42 - 2016-07-08 00:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-08 00:18 - 2016-07-10 20:16 - 00386583 _____ C:\Users\Glenn\Downloads\Addition.txt
2016-07-08 00:10 - 2016-07-08 00:10 - 00380928 _____ C:\Users\Glenn\Downloads\codi3sn3.exe
2016-07-07 22:46 - 2016-07-07 22:46 - 00597304 _____ C:\Users\Glenn\Downloads\flux-setup.exe
2016-07-07 22:46 - 2016-07-07 22:46 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2016-07-07 22:46 - 2016-07-07 22:46 - 00000000 ____D C:\Users\Glenn\AppData\Local\FluxSoftware
2016-07-07 22:40 - 2016-07-07 22:40 - 00000000 ____D C:\windows\pss
2016-07-07 22:35 - 2016-07-14 19:22 - 00000000 ____D C:\windows\system32\MRT
2016-07-07 21:14 - 2016-07-07 21:14 - 00000000 ____D C:\Users\Glenn\Documents\Diablo III
2016-07-07 21:04 - 2016-07-07 21:04 - 00045056 _____ C:\Users\Glenn\Documents\BootBackup(20160707)
2016-07-07 21:01 - 2016-07-07 21:01 - 00001098 _____ C:\Users\Public\Desktop\Diablo III.lnk
2016-07-07 21:01 - 2016-07-07 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-07-07 20:56 - 2016-07-14 19:49 - 00007684 _____ C:\Users\Glenn\AppData\Local\Resmon.ResmonCfg
2016-07-07 20:54 - 2016-07-14 19:37 - 00000000 ____D C:\Users\Glenn\AppData\Local\NVIDIA Corporation
2016-07-07 20:28 - 2016-07-11 01:17 - 01762752 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
2016-07-07 20:28 - 2016-07-11 01:17 - 01364536 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
2016-07-07 20:28 - 2016-07-07 19:03 - 07211925 _____ C:\windows\system32\nvcoproc.bin
2016-07-07 20:24 - 2016-07-07 21:30 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-07-07 20:23 - 2016-07-07 20:23 - 00000000 ____D C:\Users\Glenn\AppData\Local\Blizzard Entertainment
2016-07-07 20:22 - 2016-07-15 17:04 - 00000000 ____D C:\Users\Glenn\AppData\Local\Battle.net
2016-07-07 20:22 - 2016-07-14 19:51 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-07 20:22 - 2016-07-07 20:24 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\Battle.net
2016-07-07 20:22 - 2016-07-07 20:22 - 00001104 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-07-07 20:22 - 2016-07-07 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-07-07 20:21 - 2016-07-07 20:21 - 03219440 _____ (Blizzard Entertainment) C:\Users\Glenn\Downloads\Diablo-III-Setup.exe
2016-07-07 20:21 - 2016-07-07 20:21 - 03219440 _____ (Blizzard Entertainment) C:\Users\Glenn\Downloads\Diablo-III-Setup(1).exe
2016-07-07 20:00 - 2016-07-07 20:00 - 00000000 ____D C:\Program Files (x86)\Intel
2016-07-07 20:00 - 2016-07-07 20:00 - 00000000 ____D C:\Intel
2016-07-07 19:51 - 2016-07-07 19:51 - 44984120 _____ (NVIDIA Corporation) C:\Users\Glenn\Downloads\GeForce_Experience_v2.11.4.0.exe
2016-07-07 19:48 - 2016-06-25 18:03 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\EOSNotify.exe
2016-07-07 19:46 - 2016-07-07 19:46 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-07 19:46 - 2016-07-07 19:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-07 19:45 - 2016-07-07 19:45 - 00242232 _____ C:\Users\Glenn\Downloads\Firefox Setup Stub 47.0.1.exe
2016-07-07 15:27 - 2016-07-07 15:27 - 00000000 ___SD C:\windows\system32\CompatTel
2016-07-07 15:27 - 2016-07-07 15:27 - 00000000 ____D C:\windows\system32\appraiser
2016-07-07 01:27 - 2016-06-03 18:18 - 00041704 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-07-07 01:27 - 2016-06-03 18:10 - 01204224 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-07-07 01:27 - 2016-06-03 15:06 - 01413120 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-07-07 01:27 - 2016-05-26 15:07 - 00569856 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-07-07 01:27 - 2016-05-26 15:07 - 00544256 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-07-07 01:27 - 2016-05-26 15:07 - 00276480 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-07-07 01:27 - 2016-05-26 15:07 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2016-07-07 01:27 - 2016-05-22 15:07 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-07-07 01:27 - 2016-04-27 15:18 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2016-07-07 01:27 - 2016-04-27 15:18 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-07-07 01:27 - 2015-03-19 05:07 - 05503416 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-07-07 01:27 - 2015-03-19 04:57 - 03963320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-07-07 01:27 - 2015-03-19 04:57 - 03908024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-07-07 01:27 - 2014-09-15 02:44 - 03195392 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-07-07 01:27 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-07-07 01:27 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-07-07 01:27 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-07-07 01:14 - 2016-07-06 22:33 - 00000000 ____D C:\Users\Glenn\Downloads\Preacher.S01E04.HDTV.x264-KILLERS
2016-07-07 01:10 - 2016-07-07 01:11 - 00000000 ____D C:\Users\Glenn\Downloads\Preacher.S01E06.NORDiC.720p.WEB-DL.DD5.1.H.264-DBRETAiL
2016-07-07 01:07 - 2016-07-07 01:09 - 00000000 ____D C:\Users\Glenn\Downloads\Preacher.S01E05.NORDiC.720p.WEB-DL.DD5.1.H.264-DBRETAiL
2016-07-06 22:25 - 2016-07-06 22:25 - 30533688 _____ C:\Users\Glenn\Downloads\vlc-2.2.4-win32.exe
2016-07-06 22:25 - 2016-07-06 22:25 - 00001026 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-07-06 22:25 - 2016-07-06 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-07-06 22:22 - 2016-07-14 19:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-06 22:18 - 2016-06-30 00:44 - 01922616 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6436869.dll
2016-07-06 22:18 - 2016-06-30 00:44 - 01571776 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6436869.dll
2016-07-06 22:18 - 2016-06-30 00:44 - 00000594 _____ C:\windows\SysWOW64\nv-vk32.json
2016-07-06 22:18 - 2016-06-30 00:44 - 00000594 _____ C:\windows\system32\nv-vk64.json
2016-07-06 22:14 - 2016-07-06 22:15 - 348045000 _____ (NVIDIA Corporation) C:\Users\Glenn\Downloads\368.69-desktop-win8-win7-winvista-64bit-international-whql.exe
2016-07-06 21:30 - 2012-06-03 01:19 - 00186752 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2016-07-06 21:30 - 2012-06-03 01:15 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2016-07-06 21:30 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2016-07-06 21:30 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2016-07-06 21:30 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2016-07-06 21:30 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2016-07-06 21:30 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2016-07-06 21:30 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2016-07-06 21:30 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2016-07-06 21:29 - 2016-07-06 21:29 - 00370355 _____ C:\Users\Glenn\Desktop\regrunlog.txt
2016-07-06 20:34 - 2016-07-14 19:28 - 00000250 _____ C:\windows\SysWOW64\PARTIZAN.TXT
2016-07-06 20:28 - 2016-07-08 00:06 - 00000000 ____D C:\@RestoreQuarantine
2016-07-06 20:17 - 2016-07-14 19:29 - 00000000 ____D C:\ProgramData\RegRun
2016-07-06 20:16 - 2016-07-13 08:34 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2016-07-06 20:16 - 2016-07-08 00:52 - 00000000 ____D C:\Users\Glenn\Documents\RegRun2
2016-07-06 20:16 - 2016-07-07 14:53 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2016-07-06 20:16 - 2016-07-06 21:32 - 00000002 RSHOT C:\windows\winstart.bat
2016-07-06 20:16 - 2016-07-06 21:32 - 00000002 RSHOT C:\windows\SysWOW64\CONFIG.NT
2016-07-06 20:16 - 2016-07-06 21:32 - 00000002 RSHOT C:\windows\SysWOW64\AUTOEXEC.NT
2016-07-06 20:16 - 2016-07-06 21:28 - 00003324 _____ C:\windows\System32\Tasks\UnHackMe Task Scheduler
2016-07-06 20:16 - 2016-07-06 20:16 - 00040304 _____ (Greatis Software) C:\windows\SysWOW64\Drivers\Partizan.sys
2016-07-06 20:16 - 2016-07-06 20:16 - 00000967 _____ C:\Users\Glenn\Desktop\UnHackMe.lnk
2016-07-06 20:16 - 2016-07-06 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2016-07-06 20:16 - 2016-06-29 00:56 - 00015016 _____ (Greatis Software, LLC.) C:\windows\SysWOW64\Drivers\UnHackMeDrv.sys
2016-07-06 20:16 - 2015-12-28 21:32 - 00049968 _____ (Greatis Software) C:\windows\system32\partizan.exe
2016-07-06 20:15 - 2016-07-06 20:15 - 18051441 _____ C:\Users\Glenn\Downloads\unhackme (1).zip
2016-07-06 20:14 - 2016-07-06 20:15 - 18051441 _____ C:\Users\Glenn\Downloads\unhackme.zip
2016-07-06 20:07 - 2016-07-06 20:07 - 00000000 ____D C:\found.000
2016-07-03 05:37 - 2016-07-03 05:38 - 138617616 _____ (Microsoft Corporation) C:\Users\Glenn\Downloads\msert.exe
2016-07-03 05:17 - 2016-07-03 05:17 - 00002083 _____ C:\Users\Public\Desktop\Windows 7 Manager.lnk
2016-07-03 05:17 - 2016-07-03 05:17 - 00002072 _____ C:\Users\Public\Desktop\1-Click Cleaner.lnk
2016-07-03 05:17 - 2016-07-03 05:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Manager
2016-07-03 05:17 - 2016-07-03 05:17 - 00000000 ____D C:\Program Files\Yamicsoft
2016-07-03 05:14 - 2016-07-03 05:14 - 01378550 _____ (Igor Pavlov) C:\Users\Glenn\Downloads\7z1602-x64.exe
2016-07-03 05:14 - 2016-07-03 05:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-07-03 05:14 - 2016-07-03 05:14 - 00000000 ____D C:\Program Files\7-Zip
2016-07-03 05:08 - 2016-07-03 05:17 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\Yamicsoft
2016-06-26 21:43 - 2016-06-27 06:48 - 1849748301 _____ C:\DUMP1443.tmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-15 17:05 - 2010-11-03 14:00 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\uTorrent
2016-07-15 16:31 - 2010-11-03 14:07 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\vlc
2016-07-15 14:45 - 2011-04-07 10:42 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\Azureus
2016-07-15 14:45 - 2010-11-11 21:16 - 00000000 ____D C:\Users\Glenn\Tracing
2016-07-15 14:45 - 2010-11-03 13:44 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\DAEMON Tools Lite
2016-07-15 14:44 - 2009-10-14 15:08 - 00000000 ____D C:\windows\Panther
2016-07-15 14:44 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-07-15 03:31 - 2010-11-03 14:06 - 00000000 ____D C:\Program Files\WinRAR
2016-07-14 19:45 - 2010-11-03 13:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-14 19:43 - 2010-11-03 13:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-07-14 19:38 - 2010-11-03 13:36 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-14 19:37 - 2010-11-03 13:37 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-14 19:28 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-07-14 19:22 - 2009-10-14 14:51 - 144749672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-07-14 18:41 - 2009-07-14 06:45 - 00005872 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-14 18:41 - 2009-07-14 06:45 - 00005872 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-12 22:08 - 2009-07-14 07:32 - 00032768 _____ C:\windows\system32\config\BCD-Template
2016-07-11 09:02 - 2010-11-03 22:17 - 00008192 __RSH C:\BOOTSECT.BAK
2016-07-11 04:13 - 2015-11-10 02:51 - 19220352 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2016-07-11 04:13 - 2015-11-10 02:51 - 16790552 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
2016-07-11 04:13 - 2015-11-10 02:47 - 14371384 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
2016-07-11 04:13 - 2015-11-10 02:44 - 03840096 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
2016-07-11 04:13 - 2015-11-10 02:44 - 03393576 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2016-07-11 04:13 - 2011-12-05 22:02 - 00213952 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2016-07-11 04:13 - 2011-12-05 22:02 - 00203320 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2016-07-11 04:13 - 2010-11-03 13:36 - 00039124 _____ C:\windows\system32\nvinfo.pb
2016-07-11 01:17 - 2011-02-23 01:39 - 06384064 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2016-07-11 01:17 - 2011-02-23 01:39 - 02465848 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
2016-07-11 01:17 - 2011-02-23 01:38 - 00392128 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
2016-07-11 01:17 - 2010-10-16 14:13 - 00071224 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
2016-07-10 21:06 - 2010-11-09 14:42 - 00000000 ____D C:\Users\Glenn\AppData\Roaming\Dropbox
2016-07-10 21:05 - 2011-04-08 19:49 - 00000000 ____D C:\Program Files (x86)\Diablo
2016-07-09 03:20 - 2010-11-03 14:22 - 00453656 _____ C:\windows\system32\perfh006.dat
2016-07-09 03:20 - 2010-11-03 14:22 - 00073504 _____ C:\windows\system32\perfc006.dat
2016-07-09 03:11 - 2012-03-28 16:51 - 00000000 ____D C:\windows\rescache
2016-07-09 03:03 - 2011-04-05 13:17 - 00000039 _____ C:\windows\vbaddin.ini
2016-07-09 03:01 - 2015-10-19 19:41 - 00000000 ____D C:\Users\Glenn\AppData\Local\ElevatedDiagnostics
2016-07-08 07:03 - 2011-01-24 23:26 - 00000000 ____D C:\ProgramData\Skype
2016-07-08 05:49 - 2010-11-03 14:43 - 00000000 ____D C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-07-08 05:42 - 2010-11-05 14:19 - 00000000 ___SD C:\Users\Glenn\AppData\LocalLow\Temp
2016-07-08 05:41 - 2010-11-03 13:28 - 00000000 ____D C:\Users\Glenn
2016-07-08 05:22 - 2009-07-14 05:20 - 00000000 ____D C:\windows\AppCompat
2016-07-08 04:35 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2016-07-08 03:46 - 2011-02-26 18:12 - 00000000 ____D C:\ProgramData\MAGIX
2016-07-08 03:46 - 2011-02-26 18:12 - 00000000 ____D C:\Program Files (x86)\MAGIX
2016-07-08 02:29 - 2009-07-14 04:34 - 73662464 _____ C:\windows\system32\config\software.rcbak
2016-07-08 02:29 - 2009-07-14 04:34 - 28835840 _____ C:\windows\system32\config\system.rcbak
2016-07-08 02:29 - 2009-07-14 04:34 - 00262144 _____ C:\windows\system32\config\security.rcbak
2016-07-08 02:29 - 2009-07-14 04:34 - 00262144 _____ C:\windows\system32\config\sam.rcbak
2016-07-08 02:29 - 2009-07-14 04:34 - 00262144 _____ C:\windows\system32\config\default.rcbak
2016-07-08 00:35 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-07-07 21:01 - 2012-03-28 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Beta
2016-07-07 20:41 - 2011-05-15 12:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-07 20:27 - 2011-05-15 12:22 - 00000000 ____D C:\Users\Glenn\AppData\Local\Mozilla
2016-07-07 20:22 - 2012-03-28 14:57 - 00000000 ____D C:\ProgramData\Battle.net
2016-07-07 19:46 - 2011-05-15 12:18 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-07 19:43 - 2009-07-14 06:45 - 00490488 _____ C:\windows\system32\FNTCACHE.DAT
2016-07-07 15:07 - 2009-07-14 04:34 - 00000478 _____ C:\windows\win.ini
2016-07-07 00:22 - 2010-11-03 13:31 - 00000000 ____D C:\Users\Glenn\AppData\Local\Google
2016-07-06 22:21 - 2009-07-14 09:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-07-06 21:48 - 2009-07-14 05:20 - 00000000 ___HD C:\windows\system32\GroupPolicy
2016-07-06 21:24 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2016-07-06 20:25 - 2011-05-25 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Net Monitor for Employees Pro
2016-07-06 07:46 - 2015-07-29 22:03 - 00000000 ____D C:\Overførsler
2016-07-03 07:34 - 2009-07-14 05:20 - 00000000 ____D C:\PerfLogs
2016-07-03 05:09 - 2012-03-28 22:49 - 00002384 _____ C:\Users\Glenn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-03 05:09 - 2012-03-28 22:49 - 00002376 _____ C:\Users\Glenn\Desktop\Google Chrome.lnk
2016-07-03 05:07 - 2009-07-14 07:13 - 01264910 _____ C:\windows\system32\PerfStringBackup.INI
2016-06-27 15:14 - 2015-07-24 04:25 - 00000000 ____D C:\Torrentfiler
2016-06-21 12:13 - 2009-10-14 14:52 - 00485032 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2010-12-28 13:00 - 2010-12-28 13:00 - 0003584 _____ () C:\Users\Glenn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-07 20:56 - 2016-07-14 19:49 - 0007684 _____ () C:\Users\Glenn\AppData\Local\Resmon.ResmonCfg
2011-01-24 23:26 - 2011-01-24 23:26 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-08 00:01

==================== End of FRST.txt ============================

 

 

 

Addition-log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by Glenn (2016-07-15 17:06:11)
Running from C:\Users\Glenn\Desktop
Windows 7 Ultimate (X64) (2010-11-03 11:22:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2362975480-581817718-3346835720-500 - Administrator - Disabled)
Glenn (S-1-5-21-2362975480-581817718-3346835720-1001 - Administrator - Enabled) => C:\Users\Glenn
Guest (S-1-5-21-2362975480-581817718-3346835720-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2362975480-581817718-3346835720-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.4 - )
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.2.152.26 - Adobe Systems Incorporated)
Adobe Reader 9.4.4 - Dansk (HKLM-x32\...\{AC76BA86-7AD7-1030-7B44-A94000000001}) (Version: 9.4.4 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E5C95CA5-4565-4B9D-97ED-05088D775614}) (Version: 3.3.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}) (Version: 2.0.4.0 - Apple Inc.)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
f.lux (HKU\S-1-5-21-2362975480-581817718-3346835720-1001\...\Flux) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
FirstClass® Client (HKLM-x32\...\{5B35C417-2649-11D6-83D1-0050FC01225C}) (Version: 9.1 (build 9.126) - FirstClass Division, Open Text Corporation.)
Google Chrome (HKU\S-1-5-21-2362975480-581817718-3346835720-1001\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
iTunes (HKLM\...\{77B8B4A5-EE79-4907-A318-2DA86325B8D7}) (Version: 10.1.2.17 - Apple Inc.)
Java™ 6 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416025FF}) (Version: 6.0.250 - Oracle)
Java™ 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0.1 (x86 da) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 da)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
RTPatch Update (HKLM-x32\...\RTPatch_is1) (Version:  - PocketSoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab CYRI (HKLM-x32\...\{679F739E-5C76-4A41-B562-F9392156B6DD}) (Version: 4.4.21.0 - Husdawg, LLC)
UnHackMe 8.11 (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows 7 Manager (HKLM\...\{C7534E78-48F0-4E13-A919-A19330CA79B2}) (Version: 5.0.5 - Yamicsoft)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.40 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.3 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2362975480-581817718-3346835720-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Glenn\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2362975480-581817718-3346835720-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Glenn\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2A647AB4-00CA-4BC0-8A8B-3FBC7C63061C} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2016-06-29] (Greatis Software)
Task: {41ABECED-2ABE-4516-83FC-879B4DD53058} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {6153CD04-FC91-4142-99A8-C255ADCAF335} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {9A84CCFF-10F4-462F-A837-DCCA28EB3658} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-25] (Microsoft Corporation)
Task: {A90075AD-FB18-44E4-BE40-36CFCDDBE7D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-14 19:36 - 2016-06-14 22:03 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-07-14 19:36 - 2016-06-14 22:03 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-07-14 19:36 - 2016-06-14 22:03 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-07-14 19:36 - 2016-06-14 22:03 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-07-14 19:36 - 2016-06-14 22:03 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-07-14 19:36 - 2016-06-14 22:03 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-07-14 19:36 - 2016-06-14 22:03 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-07-14 19:36 - 2016-06-14 22:03 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-07-07 20:22 - 2016-07-07 20:22 - 01371624 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\Battle.net Helper.exe
2016-07-14 19:36 - 2016-06-14 22:03 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-07-14 19:36 - 2016-06-14 22:03 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-07-15 14:47 - 2016-07-15 14:47 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-07-07 20:22 - 2016-07-07 20:22 - 00293040 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\ortp.dll
2016-07-07 20:22 - 2016-07-07 20:22 - 37241856 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libcef.dll
2016-07-07 20:22 - 2016-07-07 20:22 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libEGL.dll
2016-07-07 20:22 - 2016-07-07 20:22 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libGLESv2.dll
2016-07-07 20:22 - 2016-07-07 20:22 - 03384832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libglesv2.dll
2016-07-07 20:22 - 2016-07-07 20:22 - 00133632 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\libegl.dll
2016-07-07 20:22 - 2016-07-07 20:22 - 00984576 _____ () C:\Program Files (x86)\Battle.net\Battle.net.7575\ffmpegsumo.dll
2016-07-14 19:36 - 2016-06-14 22:03 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-07-03 05:09 - 2016-06-15 11:15 - 01745560 _____ () C:\Users\Glenn\AppData\Local\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-07-03 05:09 - 2016-06-15 11:15 - 00091288 _____ () C:\Users\Glenn\AppData\Local\Google\Chrome\Application\51.0.2704.103\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-07-10 22:17 - 00000067 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
127.0.0.1 validation.sls.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2362975480-581817718-3346835720-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Glenn\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 193.162.153.164 - 194.239.134.83
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F013D42C-E27D-4E65-8A5E-42FF0DA36E36}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{2ED5F5E4-E614-4703-A291-8CA0E652A609}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{82181B86-9D8C-4386-9EE1-E5823D8F787B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D2D376B2-22CD-4986-B335-FF9F24229C62}] => (Allow) LPort=2869
FirewallRules: [{5A34207D-B866-4E44-ACFB-2A6817141A65}] => (Allow) LPort=1900
FirewallRules: [{B2E3A952-2D93-43C4-A1BB-5EF212DD5831}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{0CFBCED5-C7F3-4B77-A04D-5C70BA29C24A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BA7BBAD8-0BA5-4532-A85F-6508C9FCD158}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5D6875B6-87F5-488E-82CD-AA0F5537CF6C}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{37DAD84D-C50A-4A8B-80C7-42DE203244AB}C:\users\glenn\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\glenn\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{C77BC989-CE16-42F2-97CF-CD04EDDEFB1B}C:\users\glenn\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\glenn\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{5588A0CA-16DB-4786-B76F-698E6224C5C9}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{C92DA284-2E2A-4FB9-80FF-B1F61F9D9843}C:\program files (x86)\java\jre6\bin\java.exe] => (Allow) C:\program files (x86)\java\jre6\bin\java.exe
FirewallRules: [TCP Query User{5282CED4-71EF-46E9-981F-17EB0B0743F3}C:\diablo\diablo.exe] => (Allow) C:\diablo\diablo.exe
FirewallRules: [UDP Query User{D517C22C-678D-42A1-BB29-195206544144}C:\diablo\diablo.exe] => (Allow) C:\diablo\diablo.exe
FirewallRules: [{16F908D0-D127-4C35-9B45-1C07602483ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8C2BB44C-FBAF-44D5-A9DB-34131617AEDC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7FCB63D1-BE17-422A-93B8-EA297C6D9002}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{30AF3DA9-A960-4E6C-9535-16F834248BAD}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{4825EA97-99D2-4DB5-8E48-C53C5CD4A3B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6BA09DE2-633C-4B7D-BD50-A4E3864D673E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D74EADE0-82E1-4D8C-A9B9-A34E98184188}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5DB9F445-1822-42B1-885A-3FFF23971224}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{74BC2AD8-7D02-4837-979B-0FBF2CA69143}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DA0701A9-855B-4F29-9656-7A9EB3A74C1D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E165EB1A-8773-47AB-A2A7-927877454791}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

13-07-2016 10:11:27 Scheduled Checkpoint
14-07-2016 19:21:10 Windows Update
14-07-2016 19:45:47 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
14-07-2016 19:46:17 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
15-07-2016 14:41:09 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2016 11:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4010

Error: (07/14/2016 11:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4010

Error: (07/14/2016 11:39:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/14/2016 11:39:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011

Error: (07/14/2016 11:39:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011

Error: (07/14/2016 11:39:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/14/2016 11:39:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013

Error: (07/14/2016 11:39:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2013

Error: (07/14/2016 11:39:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/14/2016 11:39:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014


System errors:
=============
Error: (07/14/2016 07:28:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\SSHDRV65.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/14/2016 07:28:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:26:57 on ‎14-‎07-‎2016 was unexpected.

Error: (07/14/2016 07:25:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error:
%%-2147467259 = Unspecified error


Error: (07/14/2016 07:11:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5 = Access is denied.


Error: (07/14/2016 06:11:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5 = Access is denied.


Error: (07/14/2016 05:11:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5 = Access is denied.


Error: (07/14/2016 04:11:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5 = Access is denied.


Error: (07/14/2016 03:11:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5 = Access is denied.


Error: (07/14/2016 02:11:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5 = Access is denied.


Error: (07/14/2016 01:11:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5 = Access is denied.



CodeIntegrity:
===================================
  Date: 2016-07-13 08:44:18.588
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\WinSxS\amd64_iastorav.inf_31bf3856ad364e35_10.0.10586.0_none_171a7c5ec4807d75\iaStorAV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 08:44:18.588
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\WinSxS\amd64_iastorav.inf_31bf3856ad364e35_10.0.10586.0_none_171a7c5ec4807d75\iaStorAV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 08:44:18.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\WinSxS\amd64_iastorav.inf_31bf3856ad364e35_10.0.10586.0_none_171a7c5ec4807d75\iaStorAV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 08:44:18.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\WinSxS\amd64_iastorav.inf_31bf3856ad364e35_10.0.10586.0_none_171a7c5ec4807d75\iaStorAV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 08:42:42.835
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\iastorav.inf_amd64_e9e1b7ce2ab0e894\iaStorAV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 08:42:42.835
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\iastorav.inf_amd64_e9e1b7ce2ab0e894\iaStorAV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 08:42:42.819
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\iastorav.inf_amd64_e9e1b7ce2ab0e894\iaStorAV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 08:42:42.819
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\iastorav.inf_amd64_e9e1b7ce2ab0e894\iaStorAV.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 08:42:35.908
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\c0296217.inf_amd64_5c110cd680d977f2\B296168\atikmdag.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-13 08:42:35.643
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\c0296217.inf_amd64_5c110cd680d977f2\B296168\atikmdag.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 49%
Total physical RAM: 8109.11 MB
Available physical RAM: 4074.44 MB
Total Virtual: 16216.37 MB
Available Virtual: 11955.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:60.81 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BDB75CE3)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#6 glny

glny
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 15 July 2016 - 10:10 AM

Symptoms:

 

My computer is strangely slow in the restart/shutdown-procedure and my windows defender keep getting disabled.

 

Also, i cannot update my windows to SP1 though Windows Update, I keep getting a Failure upon trying.(Errorcode: 8024200D)

 

When gaming Diablo3 I believe there is a small performance-issue also...



#7 glny

glny
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 15 July 2016 - 10:14 AM

Also, I have this strange folder in my downloads-folder called "backups" with some strange looking accounts under the Security-tab (Account Unknown(S-1-5-21-2362975480...) with full-control permissions...



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:26 PM

Posted 15 July 2016 - 11:01 AM

Thanks Glenn,

Please run this.

===================================================

CKScanner

--------------------
  • Download CKScanner and save it to your Desktop
  • Double click CKScanner
  • Select Search For Files
  • Once completed select Save List to File
  • A ckfiles.txt document will be placed on your Desktop
  • Copy and paste the results of that report in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ckfiles.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 glny

glny
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 15 July 2016 - 11:07 AM

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\backup\gemme\ha (1).it\2. semester\statistik ii\eviews 6 - til statistik\eviews 6\eviews 6\eviews6 crack atenÇÃo eviews6 do chines para substituir depois de instalado\eviews6.exe
c:\backup\glenn\gnupg-2.0.28\g10\keygen.c
c:\backup\glenn\gpg4usb\help\docu_keygen.html
c:\backup\rod\kmspico.(windows.8.1office.2013.activator).v9.06.20131120.by.heldigard.-.dm999.torrent
c:\backup\rod\malwarebytes.anti-malware.premium.2.0.3.1025.final.+.keys.+.keygen.torrent
c:\backup\rod\rarlab.winrar.5.21.danish.final.keygen.by.fff-rapidcows.torrent
c:\backup\rod\[kat.cr]utorrent.pro.v3.4.2.build.v38397.incl.crack.techtools.torrent
c:\backup\rod\malwarebytes anti-malware premium 2.0.3.1025 final + keys + keygen\keys to register.txt
c:\dropbox\glenn\glenny og jb\windows loader 2.2.2 by daz\keys.ini
c:\overførsler\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol.torrent
c:\overførsler\malwarebytes.anti-malware.premium.2.0.3.1025.final.+.keys.+.keygen.torrent
c:\overførsler\[hounddawgs]bitsum.technologies.process.lasso.pro.v6.7.06.cracked-eat.torrent
c:\overførsler\[hounddawgs]hd.tune.pro.v5.60.winall.cracked-blizzard.torrent
c:\overførsler\[hounddawgs]hotspot.shield.vpn.elite.5.20.18.plus.crack.herher.torrent
c:\overførsler\[hounddawgs]yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped.torrent
c:\torrentfiler\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol.torrent
c:\torrentfiler\hd.tune.pro.v5.60.winall.cracked-blizzard.torrent
c:\torrentfiler\hotspot.shield.vpn elite.5.20.18.plus.crack.herher.torrent
c:\torrentfiler\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped.torrent
c:\torrentfiler\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net].torrent
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\eav_nt32_enu.msi
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\eav_nt64_enu.msi
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\install.nfo
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r00
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r01
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r02
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r03
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r04
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r05
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r06
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r07
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r08
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r09
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r10
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r11
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r13
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r14
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r15
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r16
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r17
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r18
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r19
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r20
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r21
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r22
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r23
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.r24
c:\utorrent\downloads\eset.nod32.antivirus.v7.0.317.cracked.x86-x64-merol\merol-ena.rar
c:\utorrent\downloads\hd.tune.pro.v5.60.winall.cracked-blizzard\blizz.nfo
c:\utorrent\downloads\hd.tune.pro.v5.60.winall.cracked-blizzard\file_id.diz
c:\utorrent\downloads\hd.tune.pro.v5.60.winall.cracked-blizzard\hdtunepro560.exe
c:\utorrent\downloads\hotspot.shield.vpn elite.5.20.18.plus.crack.herher\hss-5.2.1-install-plain-714-plain.exe
c:\utorrent\downloads\hotspot.shield.vpn elite.5.20.18.plus.crack.herher\hss-5.20.18-nodrv-update.exe
c:\utorrent\downloads\hotspot.shield.vpn elite.5.20.18.plus.crack.herher\install notes.txt
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\amped.nfo
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\amped.part1.rar
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\amped.part2.rar
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\amped.part3.rar
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\ampkhsr1.zip
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\ampkhsr2.zip
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\ampkhsr3.zip
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\file_id.diz
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\windows10manager.exe
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\amped\amped.txt
c:\utorrent\downloads\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\amped\keygen.exe
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\www.techtools.net.txt
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net].rar
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\utorrent.exe
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\_readme.txt
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\dht.dat
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\dht.dat.old
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\dht_feed.dat
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\dht_feed.dat.old
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\maindoc.ico
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\resume.dat
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\resume.dat.old
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\rss.dat
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\settings.dat
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\settings.dat.old
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\updates.dat
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\utorrent.exe
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\featuredcontent.btapp
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\player.btapp
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\plus.btapp
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\welcome-upsell.btapp
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\72f0d3e2141065dacf6134d07a06a2df20590748\btapp
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\72f0d3e2141065dacf6134d07a06a2df20590748\index.html
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\72f0d3e2141065dacf6134d07a06a2df20590748\index.js
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\72f0d3e2141065dacf6134d07a06a2df20590748\main.css
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\d944b3378fab35793b7951fa53e41b2ab9cc462b\btapp
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\d944b3378fab35793b7951fa53e41b2ab9cc462b\index.html
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\apps\d944b3378fab35793b7951fa53e41b2ab9cc462b\main.css
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\dlimagecache\10e6fbe4d921b475fa5fec6e9a535a540d6feed1
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\dlimagecache\165f6ef40a81dd175ffaea69e77abfd30b27e71c
c:\utorrent\downloads\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\µtorrent pro v3.4.2 build v38397 incl. crack [techtools.net]\crack\updates\39e8a1.lng
c:\utorrent\temp\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\ampkhsr3.zip
c:\utorrent\temp\yamicsoft.windows.10.manager.v1.0.6.incl.keygen.and.patch-amped\file_id.diz
c:\windows\system32\slmgr.vbs.removewat
c:\windows\syswow64\slmgr.vbs.removewat
scanner sequence 3.ZZ.11.MKNAOZ
 ----- EOF -----
 



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:26 PM

Posted 15 July 2016 - 11:31 AM

Unfortunately you have a variety of cracked/illegal software on your computer, including Windows itself. Unless you have a valid Product Key for Windows and you removed all programs identified by CKScanner I won't be able to offer you any assistance. Your computer is compromised to the point where we would need to provide the stability of a legal Operating System and the removal of software that poses a significant risk going forward.

Sorry for the bad news. Please let me know what you would like to do.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 glny

glny
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 15 July 2016 - 11:52 AM

I'll look into removing the files and buy a key to windows..



#12 glny

glny
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 15 July 2016 - 11:59 AM

OK, i've removed all of the files listed in the scan and bought a key to windows online - how do you want me to verify it for you?



#13 glny

glny
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 15 July 2016 - 12:00 PM

This is from CKScanner:

 

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.JAAAW0
 ----- EOF -----
 

 

But since its pretty easy to fake, I assume it's not going to be enough? Please advise.



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,791 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:26 PM

Posted 15 July 2016 - 12:12 PM

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad

That is a legitimate entry in the program output and it is basically saying double check things.

 

You are correct, that is not enough, the programs are not legit.

 

If you are going to address this within a day or two I can leave the Topic open. If it is going to be awhile I will close it then you can send me a Personal Message to reopen.


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 glny

glny
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:07:26 AM

Posted 17 July 2016 - 11:23 AM

You can close this topic now, i'm recieving help elsewhere. Thanks so far and have a nice day :-)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users