Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FireFox browser malware (see attached Situation pdf file)


  • This topic is locked This topic is locked
8 replies to this topic

#1 tropicalelder

tropicalelder

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 06 October 2016 - 04:44 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
Ran by Owner (administrator) on OWNER-PC (06-10-2016 11:59:58)
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows ® Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NordVPN Inc.) C:\Program Files\NordVPN\NordVPN Client.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Imtiger Software Inc.) C:\Program Files (x86)\SuperTintin for Skype\supertintin_skype.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(MangoApps) C:\Users\Owner\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
() C:\Users\Owner\AppData\Local\MangoApps\TinyTake by MangoApps\SimpleShareProxy.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2016-06-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25242560 2016-09-30] (Dropbox, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-24] (AVAST Software)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PowerPDF Registry Controller] => C:\Program Files (x86)\Nuance\Power PDF\RegistryController.exe [208792 2015-07-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [NuanPowerPdf1NPDFLM] => C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe [3456552 2015-07-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance Power PDF Standard-reminder] => "C:\Program Files (x86)\Nuance\Power PDF\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\Power PDF Standard\Ereg\Ereg.ini"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3287102053-510840599-1920134602-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29635712 2016-09-12] (Skype Technologies S.A.)
HKU\S-1-5-21-3287102053-510840599-1920134602-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-3287102053-510840599-1920134602-1000\...\Run: [supertintin_skype] => C:\Program Files (x86)\SuperTintin for Skype\supertintin_skype.exe [4712448 2016-07-01] (Imtiger Software Inc.)
HKU\S-1-5-21-3287102053-510840599-1920134602-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-09-28] (Siber Systems)
HKU\S-1-5-21-3287102053-510840599-1920134602-1000\...\Run: [TinyTake by MangoApps] => C:\Users\Owner\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe [362584 2015-10-13] (MangoApps)
HKU\S-1-5-21-3287102053-510840599-1920134602-1000\...\MountPoints2: {0e416d06-836f-11e6-9192-00dbdf345a98} - E:\VerizonWirelessUpgradeAssistantSetup.exe -a
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-24] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{7C7264D0-71C6-4A12-A525-3B905A211445}: [NameServer] 78.46.223.24,162.242.211.137
Tcpip\..\Interfaces\{7C7264D0-71C6-4A12-A525-3B905A211445}: [DhcpNameServer] 78.46.223.24 162.242.211.137
Tcpip\..\Interfaces\{8A09E78E-FB39-49C2-82C6-38855EA1B01C}: [NameServer] 192.168.0.1,205.171.2.25
Tcpip\..\Interfaces\{8E5014EF-593F-4D84-A7B1-435D1B65878F}: [DhcpNameServer] 192.168.0.1 205.171.2.25
ManualProxies: 
 
Internet Explorer:
==================
HKU\S-1-5-21-3287102053-510840599-1920134602-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://us.yahoo.com?fr=appattach&type=94
SearchScopes: HKU\S-1-5-21-3287102053-510840599-1920134602-1000 -> DefaultScope {BBEC880A-D4D0-4D85-A505-88B642471447} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=chr-appattach&type=93
SearchScopes: HKU\S-1-5-21-3287102053-510840599-1920134602-1000 -> {BBEC880A-D4D0-4D85-A505-88B642471447} URL = hxxp://us.search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=chr-appattach&type=93
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-09-28] (Siber Systems Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-24] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-23] (Oracle Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-09-28] (Siber Systems Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-24] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Nuance PDF Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2015-07-02] (Zeon Corporation)
BHO-x32: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\PlusIEContextMenu.dll [2014-02-27] (Zeon Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-23] (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-09-28] (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-09-28] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Nuance PDF - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2015-07-02] (Zeon Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default [2016-10-06]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\sbcmw95g.default -> Google
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\sbcmw95g.default -> Google
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\sbcmw95g.default -> hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\sbcmw95g.default -> Google (avast)
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\sbcmw95g.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\sbcmw95g.default -> hxxp://drudgereport.com/
FF Extension: (Blur) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\Extensions\donottrackplus@abine.com.xpi [2015-07-14]
FF Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\Extensions\iobitascsurfingprotection@iobit.com [2016-10-04] [not signed]
FF Extension: (KeeFox) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\Extensions\keefox@chris.tomlinson [2016-10-04]
FF Extension: (Video WithOut Flash) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\Extensions\vwof@drev.com.xpi [2015-07-05]
FF Extension: (Video DownloadHelper) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-07-29]
FF Extension: (Adblock Plus) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-28]
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\searchplugins\google-avast.xml [2014-12-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-24]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: (RoboForm Toolbar) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2016-09-28]
FF HKU\S-1-5-21-3287102053-510840599-1920134602-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\Power PDF\bin\nppdf.dll [2015-06-26] (Zeon Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\local-settings.js [2011-12-14] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\493014954.cfg [2016-09-29] <==== ATTENTION
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2016-10-06]
CHR Extension: (Avast Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR Extension: (RoboForm Password Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-09-29]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2016-09-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2016-09-28]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-24] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-23] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42792 2016-09-30] (Windows ® Win 7 DDK provider)
R2 GsServer; C:\Program Files\Siber Systems\GoodSync\gs-server.exe [9364192 2016-09-27] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3764472 2016-09-07] (Paramount Software UK Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [60632 2013-11-19] (Asmedia Technology)
S3 asstor64; C:\Windows\system32\drivers\asstor64.sys [84816 2014-01-27] (Asmedia Technology)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [82936 2016-09-30] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-24] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-24] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-24] (AVAST Software)
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2010-12-16] (Broadcom Corporation)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2011-01-14] (Bigfoot Networks, Inc.)
S3 BFNVis64; C:\Windows\system32\drivers\XenoVa64.sys [157288 2011-01-14] (Bigfoot Networks, Inc.)
S3 BXOIS; C:\Windows\system32\drivers\bxois.sys [533544 2010-12-10] (Broadcom Corporation)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-09] (Intel Corp.)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-11] (Intel Corp.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [67136 2011-07-06] (Fresco Logic)
S3 fttxr52P; C:\Windows\system32\drivers\fttxr52P.sys [191384 2007-02-15] (Promise Technology, Inc.)
S3 fttxr5_O; C:\Windows\system32\drivers\fttxr5_O.sys [227224 2007-02-15] (Promise Technology, Inc.)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
S3 IAMTVE; C:\Windows\system32\drivers\IAMTVE.sys [43416 2007-04-11] (Intel Corporation)
S3 IAMTXPE; C:\Windows\system32\drivers\IAMTXPE.sys [51096 2007-04-11] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-08-01] (Intel Corporation)
S3 IFCoEMP; C:\Windows\system32\drivers\ifM60x64.sys [348944 2011-06-15] (Intel® Corporation)
S3 IFCoEVB; C:\Windows\system32\drivers\ifP60X64.sys [70928 2011-06-15] (Intel® Corporation)
S3 johci; C:\Windows\system32\drivers\johci.sys [26208 2012-07-16] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-06] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 mv61xx; C:\Windows\system32\drivers\mv61xx.sys [181040 2010-10-26] (Marvell Semiconductor, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-18] (NVIDIA Corporation)
S3 nvme; C:\Windows\system32\drivers\nvme.sys [83784 2015-12-16] (Samsung Electronics Co., Ltd)
R0 nvmeF; C:\Windows\System32\drivers\nvmeF.sys [30776 2015-12-16] (Samsung Electronics Co., Ltd)
R0 nvrd64; C:\Windows\System32\drivers\nvrd64.sys [175720 2010-04-09] (NVIDIA Corporation)
S3 ocz10xx; C:\Windows\system32\drivers\ocz10xx.sys [75056 2014-03-07] (OCZ Storage Solutions)
R0 ocztrimfilter; C:\Windows\System32\drivers\ocztrimfilter.sys [18400 2014-03-07] (OCZ Storage Solutions)
S3 rccfg; C:\Windows\system32\drivers\rccfg.sys [21680 2013-09-14] (AMD, Inc.)
S3 rcraid; C:\Windows\system32\drivers\rcraid.sys [533680 2013-09-14] (AMD, Inc.)
S3 rr62x; C:\Windows\system32\drivers\rr62x.sys [156256 2010-06-16] (HighPoint Technologies, Inc.)
S3 Ultra; C:\Windows\system32\drivers\Ultra.sys [36248 2007-03-22] (Promise Technology, Inc.)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
S3 viamrx64; C:\Windows\system32\drivers\viamrx64.sys [157336 2008-09-26] (VIA Technologies Inc.,Ltd)
R0 ViBusX64; C:\Windows\System32\drivers\ViBusX64.sys [21504 2007-12-07] (VIA Technologies, Inc.)
S3 videX64; C:\Windows\system32\drivers\videX64.sys [15000 2008-12-16] (VIA Technologies, Inc.)
S3 ViPrtX64; C:\Windows\system32\drivers\ViPrtX64.sys [62976 2007-12-07] (VIA Technologies, Inc.)
R0 xfiltx64; C:\Windows\System32\drivers\xfiltx64.sys [24728 2008-12-16] (VIA Technologies,Inc)
S3 dbx; system32\DRIVERS\dbx.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-06 11:59 - 2016-10-06 12:00 - 00029104 _____ C:\Users\Owner\Downloads\FRST.txt
2016-10-06 11:58 - 2016-10-06 11:59 - 00000000 ____D C:\FRST
2016-10-06 11:57 - 2016-10-06 11:57 - 02405376 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2016-10-05 11:58 - 2016-10-05 11:58 - 00000000 ____D C:\Users\Owner\Documents\Reflect
2016-10-04 19:49 - 2016-10-05 09:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-04 12:23 - 2016-10-04 12:23 - 00001937 _____ C:\Users\Public\Desktop\Reflect.lnk
2016-10-04 12:23 - 2016-10-04 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2016-10-04 12:23 - 2016-10-04 12:23 - 00000000 ____D C:\Program Files\Macrium
2016-10-04 12:15 - 2016-10-04 12:19 - 00000000 ____D C:\Users\Owner\Downloads\Macrium
2016-10-04 12:14 - 2016-10-05 11:51 - 00000000 ____D C:\ProgramData\Macrium
2016-10-04 12:14 - 2016-10-04 12:14 - 03545552 _____ (Paramount Software UK Ltd) C:\Users\Owner\Downloads\reflectdlfull.exe
2016-10-04 11:37 - 2016-10-06 11:20 - 00000000 ____D C:\Users\Owner\Desktop\Macrium
2016-10-04 11:24 - 2016-10-05 18:58 - 00000000 ____D C:\Program Files (x86)\Cobian Backup 11
2016-10-04 11:16 - 2016-10-04 11:17 - 19709440 _____ (Luis Cobian, CobianSoft) C:\Users\Owner\Downloads\cbSetup.exe
2016-10-04 11:05 - 2016-10-06 10:03 - 00003580 _____ C:\Windows\System32\Tasks\TinyTakeUpgrade
2016-10-04 11:05 - 2016-10-05 19:07 - 00000000 ____D C:\Users\Owner\AppData\Roaming\TinyTake by MangoApps
2016-10-04 11:05 - 2016-10-04 11:05 - 00000000 ____D C:\Users\Owner\AppData\Roaming\MangoApps
2016-10-04 11:05 - 2016-10-04 11:05 - 00000000 ____D C:\TinyTake
2016-10-04 11:04 - 2016-10-04 11:04 - 00001457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TinyTake by MangoApps.lnk
2016-10-04 11:04 - 2016-10-04 11:04 - 00001369 _____ C:\Users\Public\Desktop\TinyTake by MangoApps.lnk
2016-10-04 11:04 - 2016-10-04 11:04 - 00000000 ____D C:\Users\Owner\AppData\Local\MangoApps
2016-10-04 11:04 - 2016-10-04 11:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-04 11:03 - 2016-10-04 11:04 - 23483095 _____ C:\Users\Owner\Downloads\TinyTakeSetup_v_4_0_1.zip
2016-10-04 10:21 - 2016-10-04 10:21 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Downloads\HijackThis.exe
2016-10-04 10:20 - 2016-10-04 10:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\Owner\Downloads\Unconfirmed 756794.crdownload
2016-10-02 11:13 - 2016-10-03 16:58 - 00066048 _____ C:\Users\Owner\Desktop\garage.vsd
2016-10-02 10:37 - 2016-10-05 09:15 - 00000039 _____ C:\Windows\vbaddin.ini
2016-10-02 10:31 - 2016-10-02 10:32 - 00000000 ____D C:\Users\Owner\Downloads\Visio 2010 Professional
2016-10-01 14:30 - 2016-10-01 14:30 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Trimble Connect for SketchUp
2016-10-01 14:27 - 2016-10-01 14:27 - 00000000 ____D C:\Users\Owner\AppData\Roaming\SketchUp
2016-09-30 17:37 - 2016-10-04 10:14 - 00012800 ___SH C:\Users\Owner\Thumbs.db
2016-09-30 17:00 - 2016-09-30 17:00 - 00000000 ____D C:\Users\Owner\AppData\Roaming\FLEXnet
2016-09-30 16:09 - 2016-09-30 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-30 16:04 - 2016-09-30 16:04 - 00000000 ____D C:\Users\Owner\AppData\Local\Nuance
2016-09-30 16:03 - 2016-09-30 16:03 - 00000000 ____D C:\Windows\PIXTRAN
2016-09-30 16:03 - 2016-09-30 16:03 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Nuance
2016-09-30 16:03 - 2016-09-30 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance Power PDF Standard
2016-09-30 16:01 - 2016-09-30 16:01 - 00000000 ____D C:\ppdf-12-std-web-efgdiswabtmjkpryznch-15356.100
2016-09-30 15:55 - 2016-09-30 16:06 - 00000000 ____D C:\Program Files (x86)\Nuance
2016-09-30 15:55 - 2016-09-30 16:04 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Zeon
2016-09-30 15:55 - 2016-09-30 16:04 - 00000000 ____D C:\ProgramData\Nuance
2016-09-30 15:55 - 2016-09-30 16:03 - 00001868 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2016-09-30 15:55 - 2016-09-30 15:55 - 00001079 _____ C:\Users\Public\Desktop\Nuance PDF Reader.lnk
2016-09-30 15:55 - 2016-09-30 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance
2016-09-30 15:55 - 2016-09-30 15:55 - 00000000 ____D C:\ProgramData\Macrovision
2016-09-30 15:55 - 2016-09-30 15:55 - 00000000 ____D C:\ProgramData\FLEXnet
2016-09-30 15:54 - 2016-09-30 15:54 - 00000000 ____D C:\Users\Owner\AppData\Local\Downloaded Installations
2016-09-30 15:43 - 2016-09-30 16:04 - 00000000 ____D C:\ProgramData\Solid State Networks
2016-09-30 15:14 - 2016-09-30 08:44 - 00082936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2016-09-30 11:44 - 2016-09-30 11:44 - 00042792 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\DbxSvc.exe
2016-09-30 11:38 - 2016-09-30 11:38 - 00073840 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-stable.sys
2016-09-30 11:38 - 2016-09-30 11:38 - 00073840 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-dev.sys
2016-09-30 11:38 - 2016-09-30 11:38 - 00073840 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\dbx-canary.sys
2016-09-30 09:41 - 2016-09-30 16:09 - 00633344 _____ C:\Users\Owner\Desktop\PP UTILITY BILLING_09-30-16.xls
2016-09-30 09:13 - 2016-09-30 09:13 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill64.com
2016-09-29 15:17 - 2016-09-29 15:19 - 00000000 ____D C:\AdwCleaner
2016-09-29 15:00 - 2016-09-29 15:00 - 00000000 ____D C:\KVRT_Data
2016-09-29 14:58 - 2016-09-29 15:00 - 00448684 _____ C:\TDSSKiller.3.1.0.11_29.09.2016_14.58.46_log.txt
2016-09-29 13:24 - 2016-09-29 15:07 - 00000000 ____D C:\Users\Owner\Desktop\Old Firefox Data
2016-09-29 11:35 - 2016-09-29 11:36 - 00000000 ____D C:\ProgramData\Webitar Production Inc
2016-09-29 09:34 - 2016-09-29 09:34 - 00778080 _____ C:\Users\Owner\Desktop\How-to-Build-a-Premium-Sous-Vide-Cooker.pdf
2016-09-28 14:02 - 2016-09-29 12:19 - 00001928 _____ C:\Users\Public\Desktop\GoodSync Explorer.lnk
2016-09-28 14:02 - 2016-09-29 12:19 - 00001914 _____ C:\Users\Public\Desktop\GoodSync.lnk
2016-09-28 14:02 - 2016-09-28 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoodSync
2016-09-28 14:01 - 2016-09-28 14:09 - 00000000 ____D C:\Users\Owner\AppData\Roaming\GoodSync
2016-09-28 14:01 - 2016-09-28 14:01 - 00000000 ____D C:\ProgramData\GoodSync
2016-09-28 14:01 - 2016-09-28 14:01 - 00000000 ____D C:\Program Files\Siber Systems
2016-09-28 13:57 - 2016-09-28 13:57 - 00004112 _____ C:\Windows\System32\Tasks\Open URL by RoboForm
2016-09-28 13:57 - 2016-09-28 13:57 - 00003492 _____ C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2016-09-28 13:57 - 2016-09-28 13:57 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Siber Systems
2016-09-28 13:57 - 2016-09-28 13:57 - 00000000 ____D C:\ProgramData\RoboForm
2016-09-28 13:57 - 2016-09-28 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2016-09-28 13:56 - 2016-09-28 13:56 - 00000000 ____D C:\Program Files (x86)\Siber Systems
2016-09-28 13:30 - 2016-09-29 12:19 - 00002156 _____ C:\Users\Public\Desktop\Style Builder 2016.lnk
2016-09-28 13:30 - 2016-09-29 12:19 - 00002070 _____ C:\Users\Public\Desktop\LayOut 2016.lnk
2016-09-28 13:30 - 2016-09-29 12:19 - 00001985 _____ C:\Users\Public\Desktop\SketchUp 2016.lnk
2016-09-28 13:30 - 2016-09-28 13:30 - 00000000 ____D C:\ProgramData\Reprise
2016-09-28 13:30 - 2016-09-28 13:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2016
2016-09-28 13:29 - 2016-09-28 13:29 - 00000000 ____D C:\ProgramData\SketchUp
2016-09-28 13:29 - 2016-09-28 13:29 - 00000000 ____D C:\Program Files\SketchUp
2016-09-28 13:07 - 2016-09-28 13:07 - 00003308 _____ C:\Windows\System32\Tasks\NordVPN Client auto-start
2016-09-28 12:59 - 2016-09-29 12:19 - 00001011 _____ C:\Users\Public\Desktop\NordVPN.lnk
2016-09-28 12:59 - 2016-09-28 12:59 - 00040664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2016-09-28 12:59 - 2016-09-28 12:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\NordVPN
2016-09-28 12:58 - 2016-09-28 13:07 - 00000000 ____D C:\Program Files\NordVPN
2016-09-28 12:50 - 2016-09-28 12:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperTintin for Skype
2016-09-28 12:50 - 2016-09-28 12:50 - 00000000 ____D C:\Program Files (x86)\SuperTintin for Skype
2016-09-28 12:50 - 2015-05-20 19:25 - 00629760 _____ (DivX, Inc.) C:\Windows\SysWOW64\DivXDecH264.ax
2016-09-28 12:50 - 2015-05-20 19:25 - 00189952 _____ (GDCL (www.gdcl.co.uk)) C:\Windows\SysWOW64\mp4demux.dll
2016-09-28 12:50 - 2015-05-20 19:22 - 00352256 _____ () C:\Windows\SysWOW64\lame.ax
2016-09-28 12:50 - 2012-05-30 22:43 - 00622592 _____ (MONOGRAM Multimedia s.r.o.) C:\Windows\SysWOW64\mmaacd.ax
2016-09-28 12:09 - 2016-09-29 12:19 - 00000866 _____ C:\Users\Public\Desktop\Notepad++.lnk
2016-09-28 12:09 - 2016-09-28 12:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Notepad++
2016-09-28 12:09 - 2016-09-28 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-09-28 12:09 - 2016-09-28 12:09 - 00000000 ____D C:\Program Files\Notepad++
2016-09-27 10:26 - 2016-09-29 12:19 - 00000995 _____ C:\Users\Public\Desktop\Tribler.lnk
2016-09-27 10:26 - 2016-09-27 10:42 - 00000000 ____D C:\Users\Owner\AppData\Roaming\.Tribler
2016-09-27 10:26 - 2016-09-27 10:26 - 00000000 ____D C:\Users\Owner\Downloads\TriblerDownloads
2016-09-27 10:25 - 2016-09-27 10:26 - 00000000 ____D C:\Program Files (x86)\Tribler
2016-09-27 10:10 - 2016-08-16 14:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-09-27 10:10 - 2016-08-16 14:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-09-27 10:10 - 2016-08-16 14:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-09-27 10:10 - 2016-08-16 14:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-09-27 10:10 - 2016-08-16 14:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-09-27 10:10 - 2016-08-16 14:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-09-27 10:10 - 2016-08-16 14:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-09-26 12:01 - 2016-09-26 12:23 - 00000000 ____D C:\Users\Owner\Desktop\Nikon Photos
2016-09-26 12:00 - 2016-09-26 12:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-09-25 20:06 - 2016-10-06 10:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-25 20:05 - 2016-09-29 12:19 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-25 20:05 - 2016-09-25 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-25 20:05 - 2016-09-25 20:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-25 20:05 - 2016-09-25 20:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-25 20:05 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-09-25 20:05 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-25 20:05 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-09-25 16:12 - 2016-09-25 16:12 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-09-25 16:12 - 2016-09-25 16:12 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-09-24 15:49 - 2016-09-29 12:19 - 00001900 _____ C:\Users\Owner\Desktop\IrfanView Thumbnails.lnk
2016-09-24 15:49 - 2016-09-29 12:19 - 00001008 _____ C:\Users\Owner\Desktop\IrfanView.lnk
2016-09-24 15:49 - 2016-09-24 15:49 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-09-24 15:49 - 2016-09-24 15:49 - 00000000 ____D C:\Program Files (x86)\IrfanView
2016-09-24 13:39 - 2016-09-24 13:39 - 00133607 _____ C:\Users\Owner\Desktop\PGRInsuranceIDCard.pdf
2016-09-24 13:00 - 2016-09-29 12:19 - 00001964 _____ C:\Users\Public\Desktop\Avast Pro Antivirus.lnk
2016-09-24 13:00 - 2016-09-24 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-09-24 13:00 - 2016-09-24 11:43 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-09-24 12:06 - 2016-09-24 12:06 - 00000000 ____D C:\Users\Owner\AppData\Local\Microsoft Games
2016-09-24 11:54 - 2016-09-29 12:19 - 00000864 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-09-24 11:54 - 2016-09-24 11:54 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-09-24 11:54 - 2016-09-24 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-09-24 11:54 - 2016-09-24 11:54 - 00000000 ____D C:\Program Files\CCleaner
2016-09-24 11:46 - 2016-09-30 15:25 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1474739192
2016-09-24 11:46 - 2016-09-29 12:19 - 00001185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-09-24 11:46 - 2016-09-29 12:19 - 00001167 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-09-24 11:46 - 2016-09-24 11:46 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-09-24 11:46 - 2016-09-24 11:46 - 00000000 ____D C:\Users\Owner\AppData\Local\CEF
2016-09-24 11:45 - 2016-09-29 12:19 - 00001219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-09-24 11:45 - 2016-09-29 12:19 - 00001201 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-09-24 11:45 - 2016-09-28 12:14 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Thunderbird
2016-09-24 11:45 - 2016-09-24 11:53 - 00000000 ____D C:\Users\Owner\AppData\Local\Thunderbird
2016-09-24 11:43 - 2016-10-06 11:11 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-09-24 11:43 - 2016-09-24 11:43 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-09-24 11:43 - 2016-09-24 11:43 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-09-24 11:43 - 2016-09-24 11:43 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-09-24 11:43 - 2016-09-24 11:43 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-09-24 11:43 - 2016-09-24 11:43 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-09-24 11:43 - 2016-09-24 11:43 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-09-24 11:43 - 2016-09-24 11:43 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-09-24 11:43 - 2016-09-24 11:43 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-09-24 11:43 - 2016-09-24 11:43 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-09-24 11:43 - 2016-09-24 11:43 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-09-24 11:43 - 2016-09-24 11:43 - 00000000 ____D C:\Users\Owner\AppData\Roaming\AVAST Software
2016-09-24 11:43 - 2016-09-24 11:43 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-24 11:40 - 2016-09-24 11:46 - 00000000 ____D C:\Program Files\AVAST Software
2016-09-24 11:31 - 2016-09-29 12:19 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-24 11:31 - 2016-09-24 11:39 - 00000000 ____D C:\Users\Owner\AppData\Local\Mozilla
2016-09-24 11:31 - 2016-09-24 11:31 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Mozilla
2016-09-24 11:28 - 2016-09-24 11:28 - 00000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics
2016-09-24 11:19 - 2016-09-24 11:22 - 00211981 _____ C:\Users\Owner\Downloads\Unconfirmed 244474.crdownload
2016-09-24 11:11 - 2016-10-01 08:46 - 00109776 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-24 11:11 - 2016-09-24 11:46 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-24 09:50 - 2016-09-28 12:00 - 00000000 ____D C:\Users\Owner\Desktop\Apps For Laptop
2016-09-23 18:12 - 2016-09-23 18:12 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Adobe
2016-09-23 15:48 - 2016-10-06 10:03 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2016-09-23 15:48 - 2016-09-23 15:48 - 00000000 ____D C:\Users\Owner\Tracing
2016-09-23 15:21 - 2016-10-02 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-09-23 15:21 - 2016-09-23 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-09-23 15:20 - 2016-09-23 15:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-09-23 15:20 - 2016-09-23 15:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2016-09-23 15:19 - 2016-09-23 15:19 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-09-23 15:18 - 2016-09-23 15:21 - 00000000 ____D C:\Windows\SHELLNEW
2016-09-23 15:18 - 2016-09-23 15:18 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-23 15:18 - 2016-09-23 15:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-09-23 15:18 - 2016-09-23 15:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-09-23 15:17 - 2016-09-30 09:44 - 00000000 ____D C:\Users\Owner\AppData\Local\Microsoft Help
2016-09-23 15:17 - 2016-09-23 15:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-23 15:17 - 2016-09-23 15:17 - 00000000 __RHD C:\MSOCache
2016-09-23 15:07 - 2016-09-23 15:07 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Temp
2016-09-23 15:00 - 2016-09-29 12:19 - 00002691 _____ C:\Users\Public\Desktop\Skype.lnk
2016-09-23 15:00 - 2016-09-23 15:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-23 15:00 - 2016-09-23 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-09-23 14:59 - 2016-09-29 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-09-23 14:59 - 2016-09-29 13:18 - 00000000 ____D C:\Program Files\7-Zip
2016-09-23 14:59 - 2016-09-23 15:00 - 00000000 ____D C:\ProgramData\Skype
2016-09-23 14:46 - 2016-09-29 12:19 - 00001128 _____ C:\Users\Owner\Desktop\Dropbox.lnk
2016-09-23 14:42 - 2016-09-23 14:48 - 00000000 ____D C:\Users\Owner\Downloads\Music Videos
2016-09-23 14:39 - 2016-09-23 14:41 - 00000000 ____D C:\Users\Owner\Downloads\Movies
2016-09-23 14:38 - 2016-10-06 11:43 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-23 14:38 - 2016-10-06 10:02 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-23 14:38 - 2016-09-30 16:09 - 00000000 ____D C:\Users\Owner\AppData\Local\Dropbox
2016-09-23 14:38 - 2016-09-30 16:09 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-23 14:38 - 2016-09-23 14:38 - 00003902 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-09-23 14:38 - 2016-09-23 14:38 - 00003650 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-09-23 14:38 - 2016-09-23 14:38 - 00000000 ____D C:\Users\Owner\Downloads\Mental Exercises
2016-09-23 14:38 - 2016-09-23 14:38 - 00000000 ____D C:\Users\Owner\Downloads\Mechanics
2016-09-23 14:38 - 2016-09-23 14:38 - 00000000 ____D C:\Users\Owner\Downloads\Mathematics
2016-09-23 14:38 - 2016-09-23 14:38 - 00000000 ____D C:\Users\Owner\Downloads\Mark Levin
2016-09-23 14:38 - 2016-09-23 14:38 - 00000000 ____D C:\Users\Owner\Downloads\KSS
2016-09-23 14:38 - 2016-09-23 14:38 - 00000000 ____D C:\Users\Owner\Downloads\Kodi
2016-09-23 14:38 - 2016-09-23 14:38 - 00000000 ____D C:\Users\Owner\Downloads\Investing
2016-09-23 14:38 - 2016-09-23 14:38 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Dropbox
2016-09-23 14:38 - 2016-09-23 14:38 - 00000000 ____D C:\ProgramData\Dropbox
2016-09-23 14:37 - 2016-09-23 14:37 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-09-23 14:37 - 2016-09-23 14:37 - 00000000 ____D C:\Users\Owner\Downloads\Graphics
2016-09-23 14:37 - 2016-09-23 14:37 - 00000000 ____D C:\Users\Owner\Downloads\FrameMaker 10 - Files
2016-09-23 14:37 - 2016-09-23 14:37 - 00000000 ____D C:\Users\Owner\Downloads\ExtraTorrent Downloads
2016-09-23 14:37 - 2016-09-23 14:37 - 00000000 ____D C:\Users\Owner\Downloads\Excel Resources
2016-09-23 14:36 - 2016-09-23 14:37 - 00000000 ____D C:\Users\Owner\Downloads\Ewell Family Docs
2016-09-23 14:36 - 2016-09-23 14:36 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-09-23 14:36 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\Downloads\Drones
2016-09-23 14:36 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\Downloads\Docs
2016-09-23 14:36 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\Downloads\Digital Social Media Marketing Strategy For Startup Business
2016-09-23 14:36 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\Downloads\Declaration
2016-09-23 14:36 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\Downloads\dBan
2016-09-23 14:36 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\Downloads\Chevy Astro Van
2016-09-23 14:36 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\Downloads\Business Planning
2016-09-23 14:36 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\Downloads\Boom Box Designs
2016-09-23 14:36 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\Downloads\BassBox Pro v6.0.18 Software
2016-09-23 14:35 - 2016-09-23 14:35 - 00000000 ____D C:\Program Files\Java
2016-09-23 14:34 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2016-09-23 14:34 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2016-09-23 14:34 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2016-09-23 14:34 - 2014-07-08 20:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2016-09-23 14:34 - 2014-07-08 20:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2016-09-23 14:34 - 2014-07-08 19:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2016-09-23 14:34 - 2014-07-08 19:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2016-09-23 14:34 - 2014-07-08 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2016-09-23 14:34 - 2014-07-08 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2016-09-23 14:34 - 2014-07-08 19:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2016-09-23 14:33 - 2016-09-30 17:34 - 00000000 ____D C:\Users\Owner\Downloads\Applications - New
2016-09-23 14:33 - 2016-09-23 14:36 - 00000000 ____D C:\Users\Owner\.oracle_jre_usage
2016-09-23 14:33 - 2016-09-23 14:33 - 00000000 ____D C:\Users\Owner\Documents\Websites
2016-09-23 14:33 - 2016-09-23 14:33 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Sun
2016-09-23 14:33 - 2016-09-23 14:33 - 00000000 ____D C:\Users\Owner\AppData\LocalLow\Sun
2016-09-23 14:33 - 2016-09-23 14:32 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-09-23 14:33 - 2016-09-04 07:44 - 00111149 _____ C:\Users\Owner\Downloads\ForWarrenRecipiesyouabsolutelycantbleepup.pdf
2016-09-23 14:33 - 2016-08-29 11:46 - 00482987 _____ C:\Users\Owner\Downloads\Kitchen cabinet installations.pdf
2016-09-23 14:33 - 2016-08-24 11:25 - 46517788 _____ C:\Users\Owner\Downloads\Makeuseof_Windows 10 Bible.pdf
2016-09-23 14:33 - 2016-08-23 07:53 - 01390387 _____ C:\Users\Owner\Downloads\Build-a-Bookcase-with-Doors.pdf
2016-09-23 14:33 - 2016-08-10 11:19 - 15885114 _____ C:\Users\Owner\Downloads\Makeuseof_Excel 2013.pdf
2016-09-23 14:33 - 2016-07-03 14:39 - 00075422 _____ C:\Users\Owner\Downloads\Paleo-Diet-Food-List-PDF.pdf
2016-09-23 14:33 - 2016-06-25 15:55 - 00011601 _____ C:\Users\Owner\Downloads\Genealogy Continuation Page Numbering.xlsx
2016-09-23 14:33 - 2016-06-25 13:07 - 00003757 _____ C:\Users\Owner\Downloads\FAMGRPWD.ZIP
2016-09-23 14:33 - 2016-06-13 14:41 - 01060371 _____ C:\Users\Owner\Downloads\Cold Box Frame.pdf
2016-09-23 14:33 - 2016-06-13 11:44 - 00338276 _____ C:\Users\Owner\Downloads\PB_LXDT01.pdf
2016-09-23 14:33 - 2016-06-09 09:00 - 08799217 _____ C:\Users\Owner\Downloads\MRCWatchdog-June2016.pdf
2016-09-23 14:33 - 2016-06-04 11:36 - 00834191 _____ C:\Users\Owner\Downloads\CleanVacFilter.pdf
2016-09-23 14:33 - 2016-05-28 10:06 - 01587135 _____ C:\Users\Owner\Downloads\Beer Battered Fish Sandwich with Chile-Apple Slaw and Ancho-Sriracha Mayo - Recipe.pdf
2016-09-23 14:33 - 2016-05-19 12:51 - 00477838 _____ C:\Users\Owner\Downloads\Burying Electrical Wire.pdf
2016-09-23 14:33 - 2016-05-17 11:18 - 00025233 _____ C:\Users\Owner\Downloads\mpeg_2.pdf
2016-09-23 14:33 - 2016-04-16 10:27 - 00014819 _____ C:\Users\Owner\Downloads\Antenna_instructions.pdf
2016-09-23 14:33 - 2016-04-14 09:23 - 00092911 _____ C:\Users\Owner\Downloads\utah-rental-application-form.pdf
2016-09-23 14:33 - 2016-04-10 12:16 - 122719342 _____ C:\Users\Owner\Downloads\Handbook of Technical Analysis - The Practitioner's Comprehensive Guide to Technical Analysis (2015).pdf
2016-09-23 14:33 - 2016-04-10 11:37 - 907699232 _____ C:\Users\Owner\Downloads\The Professional Chef.pdf
2016-09-23 14:33 - 2016-04-10 09:50 - 07168326 _____ C:\Users\Owner\Downloads\What Every Engineer Should Know About Excel - J. P. Holman (CRC, 2006).pdf
2016-09-23 14:33 - 2016-04-02 18:42 - 68643548 _____ C:\Users\Owner\Downloads\Makeuseof_Windows 10.pdf
2016-09-23 14:33 - 2016-03-20 13:00 - 00029406 _____ C:\Users\Owner\Downloads\How To Prune Grapes_ How To Trim A Grapevine.pdf
2016-09-23 14:33 - 2016-02-07 14:51 - 00232384 _____ C:\Users\Owner\Downloads\How-to-Fix-Cloudy-Headlights.pdf
2016-09-23 14:33 - 2016-02-05 13:58 - 00247563 _____ C:\Users\Owner\Downloads\Kitchen Island Plans.pdf
2016-09-23 14:33 - 2016-02-02 20:07 - 00093056 _____ C:\Users\Owner\Downloads\w1824_ds.pdf
2016-09-23 14:33 - 2016-01-24 13:43 - 01583070 _____ C:\Users\Owner\Downloads\Night-Stand-with-Locking-Secret-Hidden-Drawer.pdf
2016-09-23 14:33 - 2016-01-22 23:02 - 24980738 _____ C:\Users\Owner\Downloads\Utah_SoilSurveyStudy_(1968).pdf
2016-09-23 14:33 - 2016-01-12 15:30 - 00081213 _____ C:\Users\Owner\Downloads\pi_wifi_ap.pdf
2016-09-23 14:33 - 2016-01-01 17:01 - 00019265 _____ C:\Users\Owner\Downloads\standard
2016-09-23 14:33 - 2015-12-29 02:23 - 06601187 _____ C:\Users\Owner\Downloads\Usenet_make71.pdf
2016-09-23 14:33 - 2015-12-15 16:38 - 02352319 _____ C:\Users\Owner\Downloads\Guide_to_a_Successful_Meetup.pdf
2016-09-23 14:33 - 2015-12-14 18:15 - 00141195 _____ C:\Users\Owner\Downloads\ListofLegislatorsforVolunteerDeliveryandVolunteerInstructions.docx.pdf
2016-09-23 14:33 - 2015-12-12 14:12 - 01316126 _____ C:\Users\Owner\Downloads\Ultra-Sensitive-Spy-Ear.pdf
2016-09-23 14:33 - 2015-12-11 00:26 - 732352358 _____ C:\Users\Owner\Downloads\Obama's America.m4v
2016-09-23 14:33 - 2015-12-09 22:09 - 35781637 _____ C:\Users\Owner\Downloads\Hydroponics for the Home Grower (2015).pdf
2016-09-23 14:33 - 2015-08-27 12:05 - 05127975 _____ C:\Users\Owner\Downloads\Lightroom_cc6-quickstart.pdf
2016-09-23 14:33 - 2015-08-17 12:29 - 00339379 _____ C:\Users\Owner\Downloads\CW-June09-Muskoka.pdf
2016-09-23 14:33 - 2015-07-16 13:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-09-23 14:33 - 2015-07-16 13:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-09-23 14:33 - 2015-07-16 13:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-09-23 14:33 - 2015-07-16 13:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-09-23 14:33 - 2015-07-16 13:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-09-23 14:33 - 2015-07-16 13:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-09-23 14:33 - 2015-07-11 07:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-09-23 14:33 - 2014-06-30 23:26 - 00222957 ___SH C:\Users\Owner\Downloads\~WRL3516.tmp
2016-09-23 14:33 - 2014-05-24 18:12 - 00086943 ___SH C:\Users\Owner\Downloads\~WRL1990.tmp
2016-09-23 14:33 - 2014-03-22 19:38 - 00063709 ___SH C:\Users\Owner\Downloads\~WRL0427.tmp
2016-09-23 14:33 - 2011-12-18 18:11 - 00001642 _____ C:\Users\Owner\Downloads\Dropbox.lnk
2016-09-23 14:33 - 2011-11-30 16:18 - 00000363 _____ C:\Users\Owner\Downloads\RecentPlaces.lnk
2016-09-23 14:32 - 2016-09-23 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-23 14:32 - 2016-09-23 14:32 - 00000000 ____D C:\ProgramData\Oracle
2016-09-23 14:32 - 2016-09-23 14:32 - 00000000 ____D C:\Program Files (x86)\Java
2016-09-23 14:32 - 2016-05-13 16:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-09-23 14:32 - 2016-05-13 16:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-09-23 14:32 - 2016-05-13 16:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-09-23 14:32 - 2016-05-13 16:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-09-23 14:32 - 2016-05-13 15:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-09-23 14:32 - 2016-05-13 15:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-09-23 14:32 - 2016-05-13 15:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-09-23 14:32 - 2016-05-13 15:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-09-23 14:32 - 2016-05-13 15:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-09-23 14:32 - 2016-05-13 15:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-09-23 14:32 - 2016-05-13 15:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-09-23 14:32 - 2016-05-13 15:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-09-23 14:32 - 2016-05-13 15:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-09-23 14:32 - 2016-05-13 15:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-09-23 14:32 - 2016-05-13 15:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-09-23 14:32 - 2016-05-13 15:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-09-23 14:32 - 2016-05-12 11:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-09-23 14:32 - 2016-05-12 09:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-09-23 14:32 - 2016-05-12 09:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-09-23 14:32 - 2016-05-04 11:21 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-09-23 14:32 - 2016-05-04 11:17 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-09-23 14:32 - 2016-05-04 11:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-09-23 14:32 - 2016-05-04 11:17 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-09-23 14:32 - 2016-05-04 11:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-09-23 14:32 - 2016-05-04 11:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-09-23 14:32 - 2016-05-04 11:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-09-23 14:32 - 2016-05-04 11:16 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-09-23 14:32 - 2016-05-04 09:04 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-09-23 14:32 - 2016-05-04 08:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-09-23 14:29 - 2016-09-23 14:29 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Macromedia
2016-09-23 14:29 - 2016-09-23 14:29 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-09-23 14:29 - 2016-09-23 14:29 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-09-23 14:28 - 2016-09-23 14:33 - 00000000 ____D C:\Users\Owner\Documents\W O O D W O R K I N G -- 04
2016-09-23 14:27 - 2016-09-23 18:12 - 00000000 ____D C:\Users\Owner\AppData\Local\Adobe
2016-09-23 14:23 - 2014-12-11 11:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-09-23 14:19 - 2016-09-23 14:28 - 00000000 ____D C:\Users\Owner\Documents\W O O D W O R K I N G -- 03
2016-09-23 14:16 - 2016-09-23 14:19 - 00000000 ____D C:\Users\Owner\Documents\W O O D W O R K I N G -- 02
2016-09-23 14:03 - 2016-09-23 14:16 - 00000000 ____D C:\Users\Owner\Documents\W O O D W O R K I N G -- 01
2016-09-23 14:03 - 2016-09-23 14:03 - 00000000 ____D C:\Users\Owner\Documents\W O O D  D E C K S
2016-09-23 14:03 - 2016-09-23 14:03 - 00000000 ____D C:\Users\Owner\Documents\W O O D   T O Y S  &  P U Z Z L E S
2016-09-23 14:02 - 2016-09-29 13:20 - 00000000 ____D C:\Users\Owner\Documents\Ccleaner Backups
2016-09-23 14:02 - 2016-09-23 14:03 - 00000000 ____D C:\Users\Owner\Documents\SuperTintin Records for Skype
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\Smart Connect Statements
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\OneNote Notebooks
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\N E W  D O C S
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\My Shapes
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\My RoboForm Data
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\My Games
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\Jarrett and Jessie
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\Family Tree Maker
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\athtek_video
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\athtek_record
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\athtek_config
2016-09-23 14:02 - 2016-09-23 14:02 - 00000000 ____D C:\Users\Owner\Documents\Anicesoft
2016-09-23 14:02 - 2016-09-21 19:47 - 00000000 ____D C:\Users\Owner\Documents\My Downloads
2016-09-23 14:02 - 2016-09-21 19:46 - 00000000 ____D C:\Users\Owner\Documents\athtek_offline
2016-09-23 14:02 - 2016-01-13 15:29 - 00014350 _____ C:\Users\Owner\Documents\PersonalDatabase.kdbx
2016-09-23 14:02 - 2015-04-28 01:38 - 00031232 _____ C:\Users\Owner\Documents\Center Console.vsd
2016-09-23 14:02 - 2015-03-21 13:58 - 01138688 _____ C:\Users\Owner\Documents\Desktop contacts.accdb
2016-09-23 14:02 - 2014-08-16 10:04 - 00000880 _____ C:\Users\Owner\Documents\Downloads.lnk
2016-09-23 14:02 - 2014-07-09 21:55 - 00041569 ___SH C:\Users\Owner\Documents\~WRL3483.tmp
2016-09-23 14:02 - 2009-02-19 13:04 - 09943110 _____ C:\Users\Owner\Documents\WebmastersGuideToTNG_7-0.zip
2016-09-23 14:01 - 2016-09-30 16:08 - 00000000 ____D C:\Users\Owner\Desktop\PP PDFs
2016-09-23 14:01 - 2016-09-24 19:29 - 00000000 ____D C:\Users\Owner\Desktop\Projects Current
2016-09-23 14:01 - 2016-09-23 14:01 - 00000000 ____D C:\Users\Owner\Desktop\Food New
2016-09-23 14:00 - 2016-09-23 14:01 - 00000000 ____D C:\Users\Owner\Desktop\Family Histories
2016-09-23 13:49 - 2016-10-04 10:13 - 00000000 ____D C:\Users\Owner\Desktop\Old Firefox Data - Aaron
2016-09-23 13:41 - 2016-09-29 12:19 - 00000760 _____ C:\Users\Owner\Desktop\7-Zip File Manager.lnk
2016-09-23 13:41 - 2016-09-29 12:19 - 00000392 _____ C:\Users\Owner\Desktop\Spider Solitaire.lnk
2016-09-23 13:41 - 2016-09-23 13:41 - 00000000 ____D C:\Users\Owner\Desktop\COS Simulation
2016-09-23 13:41 - 2016-09-06 17:41 - 00618713 _____ C:\Users\Owner\Desktop\Fresh Peach Pie.pdf
2016-09-23 13:41 - 2016-09-05 08:30 - 1988131036 _____ C:\Users\Owner\Desktop\The.Sea.Of.Trees.2015.1080p.BluRay.H264.AAC-RARBG.mp4
2016-09-23 13:41 - 2016-08-28 10:56 - 00058206 ___SH C:\Users\Owner\Desktop\~WRL1221.tmp
2016-09-23 13:41 - 2015-12-22 18:18 - 00654921 ___SH C:\Users\Owner\Desktop\~WRL1975.tmp
2016-09-23 13:41 - 2015-12-17 17:39 - 00087918 ___SH C:\Users\Owner\Desktop\~WRL0526.tmp
2016-09-23 13:41 - 2015-10-27 18:07 - 00026373 ___SH C:\Users\Owner\Desktop\~WRL2251.tmp
2016-09-23 13:41 - 2015-10-11 18:16 - 00020590 ___SH C:\Users\Owner\Desktop\~WRL2848.tmp
2016-09-23 13:41 - 2015-08-30 14:04 - 00020852 ___SH C:\Users\Owner\Desktop\~WRL0864.tmp
2016-09-23 13:41 - 2015-06-04 20:54 - 00027259 ___SH C:\Users\Owner\Desktop\~WRL2368.tmp
2016-09-23 13:41 - 2015-04-19 20:27 - 00021946 ___SH C:\Users\Owner\Desktop\~WRL3275.tmp
2016-09-23 13:41 - 2014-10-06 21:13 - 00020894 ___SH C:\Users\Owner\Desktop\~WRL2308.tmp
2016-09-23 13:41 - 2014-10-06 13:22 - 00019262 ___SH C:\Users\Owner\Desktop\~WRL2613.tmp
2016-09-23 13:41 - 2014-09-03 20:33 - 00019900 ___SH C:\Users\Owner\Desktop\~WRL3828.tmp
2016-09-23 13:41 - 2014-08-09 23:02 - 00016077 ___SH C:\Users\Owner\Desktop\~WRL1566.tmp
2016-09-23 13:41 - 2014-07-09 01:01 - 00510464 ___SH C:\Users\Owner\Desktop\~WRL0001.tmp
2016-09-23 13:41 - 2014-01-07 13:24 - 00183521 ___SH C:\Users\Owner\Desktop\~WRL3004.tmp
2016-09-23 13:41 - 2013-11-02 19:35 - 00004096 ___SH C:\Users\Owner\Desktop\~$$Tool Shed.~vsd
2016-09-23 13:41 - 2011-01-09 14:52 - 00000880 ___SH C:\Users\Owner\Desktop\readme.txt
2016-09-23 13:40 - 2016-09-23 13:40 - 00000000 ____D C:\Users\Owner\Movies
2016-09-23 13:40 - 2016-09-23 13:40 - 00000000 ____D C:\Users\Owner\HDR Projects 3
2016-09-23 13:39 - 2016-10-06 11:56 - 00000000 ___RD C:\Users\Owner\Dropbox
2016-09-23 13:39 - 2016-10-03 14:51 - 00000000 ____D C:\Users\Owner\dwhelper
2016-09-23 13:39 - 2016-09-23 13:39 - 00000000 ____D C:\Users\Owner\Projects Series
2016-09-23 13:39 - 2016-09-21 22:38 - 00000000 ____D C:\Users\Owner\SyncUP
2016-09-23 13:39 - 2016-09-21 22:37 - 00000000 ____D C:\Users\Owner\My Backup Files
2016-09-23 13:39 - 2013-08-11 18:54 - 02824347 _____ C:\Users\Owner\crestonwoodplans.pdf
2016-09-23 13:39 - 2012-01-01 02:41 - 00000351 _____ C:\Users\Owner\Network - Shortcut.lnk
2016-09-22 13:42 - 2016-09-22 13:42 - 00000000 ____D C:\ProgramData\Geek Squad
2016-09-22 13:41 - 2016-09-22 13:41 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-09-22 12:54 - 2013-10-01 20:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-09-22 12:54 - 2013-10-01 20:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-09-22 12:54 - 2013-10-01 20:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-09-22 12:54 - 2013-10-01 19:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2016-09-22 12:54 - 2013-10-01 19:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2016-09-22 12:54 - 2013-10-01 19:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-09-22 12:54 - 2013-10-01 18:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-09-22 12:54 - 2013-10-01 18:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-09-22 12:54 - 2013-10-01 17:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-09-22 12:54 - 2013-10-01 16:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-09-22 12:48 - 2016-08-29 09:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-09-22 12:48 - 2016-08-29 09:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-09-22 12:48 - 2016-08-29 09:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-09-22 12:48 - 2016-08-29 09:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-09-22 12:48 - 2016-08-29 09:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-09-22 12:48 - 2016-08-29 09:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-09-22 12:48 - 2016-08-29 09:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-09-22 12:48 - 2016-08-29 08:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-09-22 12:48 - 2015-12-16 12:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-09-22 12:48 - 2015-12-16 12:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-09-22 12:48 - 2015-12-16 12:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-09-22 12:48 - 2015-12-16 12:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-09-22 12:48 - 2015-12-16 12:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-09-22 12:48 - 2015-12-16 12:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-09-22 12:48 - 2015-12-16 12:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-09-22 12:48 - 2015-12-16 12:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-09-22 12:48 - 2015-08-05 11:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-09-22 12:48 - 2015-08-05 11:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-09-22 12:47 - 2016-08-16 12:47 - 00419640 _____ C:\Windows\SysWOW64\locale.nls
2016-09-22 12:47 - 2016-08-16 12:47 - 00419640 _____ C:\Windows\system32\locale.nls
2016-09-22 12:47 - 2016-08-12 11:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-09-22 12:47 - 2016-08-12 11:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-09-22 12:47 - 2016-08-12 11:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-09-22 12:47 - 2016-08-12 11:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-09-22 12:47 - 2016-08-12 11:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-09-22 12:47 - 2016-08-12 10:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-09-22 12:47 - 2016-08-12 10:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-09-22 12:47 - 2016-08-12 10:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-09-22 12:47 - 2016-08-12 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-09-22 12:47 - 2016-08-12 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-09-22 12:47 - 2016-08-12 10:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-09-22 12:47 - 2016-08-06 09:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-09-22 12:47 - 2016-08-06 09:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-09-22 12:47 - 2016-08-06 09:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-09-22 12:47 - 2016-08-06 09:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-09-22 12:47 - 2016-08-06 09:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-09-22 12:47 - 2016-08-06 09:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-09-22 12:47 - 2016-08-06 09:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-09-22 12:47 - 2016-08-06 09:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-09-22 12:47 - 2016-08-06 09:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-09-22 12:47 - 2016-08-06 09:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-09-22 12:47 - 2016-08-06 09:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-09-22 12:47 - 2016-08-06 09:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-09-22 12:47 - 2016-08-06 09:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-09-22 12:47 - 2016-08-06 08:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-09-22 12:47 - 2016-08-06 08:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-09-22 12:47 - 2016-08-06 08:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-09-22 12:47 - 2016-06-14 11:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-09-22 12:47 - 2016-06-14 11:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-09-22 12:47 - 2016-06-14 11:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-09-22 12:47 - 2016-06-14 11:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-09-22 12:47 - 2016-06-14 09:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-09-22 12:47 - 2016-06-14 09:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-09-22 12:47 - 2016-06-14 09:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-09-22 12:47 - 2016-06-14 09:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-09-22 12:47 - 2016-06-14 09:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-09-22 12:47 - 2016-06-14 09:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-09-22 12:47 - 2016-06-14 09:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-09-22 12:47 - 2016-06-14 09:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-09-22 12:47 - 2016-06-14 09:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-09-22 12:33 - 2016-09-22 12:33 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-09-22 12:33 - 2016-09-22 12:33 - 00000000 ____D C:\Windows\system32\appraiser
2016-09-22 09:57 - 2015-07-30 07:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-22 09:57 - 2015-07-30 07:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-22 09:40 - 2016-09-22 09:40 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-22 09:40 - 2016-09-22 09:40 - 00000000 ____D C:\Intel
2016-09-22 08:52 - 2016-09-22 08:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-22 08:52 - 2016-09-22 08:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-09-22 08:52 - 2016-09-22 08:52 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-09-22 08:31 - 2016-09-22 08:33 - 00000000 ____D C:\Windows\system32\MRT
2016-09-22 08:29 - 2014-06-30 16:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-09-22 08:29 - 2014-06-30 16:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-09-22 08:29 - 2014-06-06 00:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-09-22 08:29 - 2014-06-06 00:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-09-22 08:29 - 2014-03-09 15:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-09-22 08:29 - 2014-03-09 15:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-09-22 08:29 - 2014-03-09 15:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-09-22 08:29 - 2014-03-09 15:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-09-22 04:51 - 2015-01-08 21:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-09-22 04:51 - 2015-01-08 21:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-09-22 04:51 - 2015-01-08 21:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-09-22 04:51 - 2015-01-08 20:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-09-22 04:47 - 2016-06-25 18:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-09-22 04:47 - 2016-06-25 18:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-09-22 04:47 - 2016-06-22 07:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-09-22 04:47 - 2016-06-17 12:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-09-22 04:47 - 2016-06-17 12:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-09-22 04:47 - 2016-06-17 12:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-09-22 04:47 - 2016-06-17 12:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-09-22 04:47 - 2016-06-17 12:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-09-22 04:47 - 2016-06-17 12:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-09-22 04:47 - 2016-05-12 07:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-09-22 04:47 - 2016-05-12 07:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-09-22 04:47 - 2016-05-12 07:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-09-22 04:47 - 2016-03-23 16:40 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-09-22 04:47 - 2016-03-17 16:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-09-22 04:47 - 2016-03-17 16:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-09-22 04:47 - 2016-03-15 18:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-09-22 04:47 - 2016-03-15 18:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-09-22 04:47 - 2016-03-15 17:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-09-22 04:47 - 2016-03-06 12:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-09-22 04:47 - 2016-03-06 12:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-09-22 04:47 - 2016-03-06 12:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-09-22 04:47 - 2016-03-06 12:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-09-22 04:47 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-09-22 04:47 - 2015-11-13 17:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-09-22 04:47 - 2015-11-13 17:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-09-22 04:47 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-09-22 04:47 - 2015-11-13 16:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-09-22 04:47 - 2015-11-13 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-09-22 04:47 - 2015-11-10 12:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-09-22 04:47 - 2015-11-10 12:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-09-22 04:47 - 2015-11-10 12:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-09-22 04:47 - 2015-11-03 13:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-09-22 04:47 - 2015-11-03 12:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-09-22 04:47 - 2015-07-01 14:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-09-22 04:47 - 2015-07-01 14:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-09-22 04:47 - 2015-07-01 14:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-09-22 04:47 - 2015-07-01 14:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-09-22 04:47 - 2015-06-01 18:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-09-22 04:47 - 2015-06-01 17:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-09-22 04:47 - 2015-05-25 12:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2016-09-22 04:47 - 2015-05-25 12:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2016-09-22 04:47 - 2015-05-25 12:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2016-09-22 04:47 - 2015-05-25 12:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2016-09-22 04:47 - 2015-05-25 12:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2016-09-22 04:47 - 2015-05-25 12:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2016-09-22 04:47 - 2015-05-25 12:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2016-09-22 04:47 - 2015-05-25 12:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2016-09-22 04:47 - 2015-05-25 12:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2016-09-22 04:47 - 2015-05-25 12:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2016-09-22 04:47 - 2015-05-25 12:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2016-09-22 04:47 - 2015-05-25 12:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2016-09-22 04:47 - 2015-04-24 12:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-09-22 04:47 - 2015-04-24 11:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-09-22 04:47 - 2015-01-28 21:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-09-22 04:47 - 2015-01-28 21:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-09-22 04:47 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-09-22 04:47 - 2013-06-25 16:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-09-22 04:46 - 2016-09-02 09:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-22 04:46 - 2016-09-02 09:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-22 04:46 - 2016-09-02 09:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-22 04:46 - 2016-09-02 09:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-22 04:46 - 2016-09-02 09:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-22 04:46 - 2016-09-02 09:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-22 04:46 - 2016-09-02 09:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-22 04:46 - 2016-09-02 09:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-22 04:46 - 2016-09-02 09:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 09:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-22 04:46 - 2016-09-02 09:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-22 04:46 - 2016-09-02 09:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-22 04:46 - 2016-09-02 09:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-22 04:46 - 2016-09-02 08:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-09-22 04:46 - 2016-09-02 08:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-22 04:46 - 2016-09-02 08:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-22 04:46 - 2016-09-02 08:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-22 04:46 - 2016-09-02 08:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-22 04:46 - 2016-09-02 08:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-22 04:46 - 2016-09-02 08:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-09-22 04:46 - 2016-09-02 08:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-22 04:46 - 2016-09-02 08:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-09-22 04:46 - 2016-09-02 08:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-22 04:46 - 2016-09-02 08:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-22 04:46 - 2016-09-02 08:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-22 04:46 - 2016-09-02 08:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-22 04:46 - 2016-09-02 08:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 08:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 08:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-22 04:46 - 2016-09-02 08:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-22 04:46 - 2016-08-12 10:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-22 04:46 - 2016-08-12 10:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-22 04:46 - 2016-08-12 10:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-22 04:46 - 2016-03-23 16:43 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-09-22 04:46 - 2016-03-23 16:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-09-22 04:46 - 2016-03-23 16:40 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-09-22 04:46 - 2016-03-16 12:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-09-22 04:46 - 2016-03-16 12:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-09-22 04:46 - 2016-03-16 12:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-09-22 04:46 - 2016-02-02 12:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-09-22 04:46 - 2015-11-19 08:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-09-22 04:46 - 2015-08-05 11:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-09-22 04:46 - 2015-07-14 21:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-09-22 04:46 - 2015-04-12 21:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-09-22 04:46 - 2013-10-29 20:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-09-22 04:46 - 2013-10-29 20:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-09-22 04:46 - 2013-10-18 20:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-09-22 04:46 - 2013-10-18 19:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-09-22 04:45 - 2016-04-09 01:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-09-22 04:45 - 2016-04-09 01:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-09-22 04:45 - 2016-04-09 00:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-09-22 04:45 - 2016-01-20 18:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-09-22 04:45 - 2015-07-15 12:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-09-22 04:45 - 2014-01-27 20:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-09-22 04:44 - 2016-09-01 13:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-22 04:44 - 2016-09-01 12:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-09-22 04:44 - 2016-08-31 21:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-22 04:44 - 2016-08-31 21:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-22 04:44 - 2016-08-31 20:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-09-22 04:44 - 2016-08-31 20:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-22 04:44 - 2016-08-31 20:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-22 04:44 - 2016-08-31 20:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-09-22 04:44 - 2016-08-31 20:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-09-22 04:44 - 2016-08-31 20:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-22 04:44 - 2016-08-31 20:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-22 04:44 - 2016-08-31 20:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-09-22 04:44 - 2016-08-31 20:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-22 04:44 - 2016-08-31 20:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-22 04:44 - 2016-08-31 20:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-22 04:44 - 2016-08-31 20:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-09-22 04:44 - 2016-08-31 20:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-22 04:44 - 2016-08-31 19:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-09-22 04:44 - 2016-08-31 19:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-09-22 04:44 - 2016-08-31 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-09-22 04:44 - 2016-08-31 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-22 04:44 - 2016-08-31 19:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-22 04:44 - 2016-08-31 19:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-09-22 04:44 - 2016-08-31 19:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-09-22 04:44 - 2016-08-31 19:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-22 04:44 - 2016-08-31 19:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-22 04:44 - 2016-08-31 19:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-09-22 04:44 - 2016-08-31 19:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-22 04:44 - 2016-08-31 19:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-22 04:44 - 2016-08-31 18:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-22 04:44 - 2016-08-31 18:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-22 04:44 - 2016-08-31 18:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-22 04:44 - 2016-08-31 18:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-22 04:44 - 2016-08-31 18:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-22 04:44 - 2016-08-31 18:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-22 04:44 - 2016-08-31 18:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-22 04:44 - 2016-08-31 18:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-22 04:44 - 2016-08-31 18:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-22 04:44 - 2016-08-31 18:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-22 04:44 - 2016-08-31 18:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-22 04:44 - 2016-08-31 18:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-22 04:44 - 2016-08-31 18:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-22 04:44 - 2016-08-31 18:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-22 04:44 - 2016-08-31 18:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-22 04:44 - 2016-08-31 18:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-22 04:44 - 2016-08-31 18:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-22 04:44 - 2016-08-31 18:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-22 04:44 - 2016-08-31 18:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-22 04:44 - 2016-08-31 18:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-22 04:44 - 2016-08-31 18:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-22 04:44 - 2016-08-31 17:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-22 04:44 - 2016-08-31 17:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-22 04:44 - 2016-08-31 17:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-22 04:44 - 2016-08-31 17:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-22 04:44 - 2016-08-31 17:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-22 04:44 - 2016-08-31 17:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-22 04:44 - 2016-08-31 17:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-22 04:44 - 2016-08-31 17:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-22 04:44 - 2016-08-31 17:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-22 04:44 - 2016-08-31 17:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-22 04:44 - 2016-08-31 17:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-22 04:44 - 2016-08-31 17:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-22 04:44 - 2016-08-31 17:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-22 04:44 - 2016-08-31 17:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-22 04:44 - 2016-08-31 16:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-22 04:44 - 2016-08-31 16:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-22 04:44 - 2016-02-05 12:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-09-22 04:44 - 2016-02-05 12:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-09-22 04:44 - 2016-02-05 11:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-09-22 04:44 - 2016-02-03 12:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-09-22 04:44 - 2016-01-11 13:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-09-22 04:44 - 2015-11-05 13:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-09-22 04:44 - 2015-11-05 13:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-09-22 04:44 - 2015-11-05 03:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-09-22 04:44 - 2015-06-03 14:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-09-22 04:44 - 2015-02-02 21:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2016-09-22 04:44 - 2015-02-02 21:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2016-09-22 04:44 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-09-22 04:44 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-09-22 04:44 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-09-22 04:44 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-09-22 04:44 - 2013-10-03 20:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-09-22 04:44 - 2013-10-03 20:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2016-09-22 04:44 - 2013-10-03 19:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-09-22 04:44 - 2013-10-03 19:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2016-09-22 04:43 - 2016-08-16 11:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-22 04:43 - 2016-08-15 20:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-22 04:43 - 2016-08-15 20:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-22 04:43 - 2016-08-05 09:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-22 04:43 - 2016-08-05 09:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-22 04:43 - 2016-07-07 09:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-09-22 04:43 - 2016-07-07 09:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-09-22 04:43 - 2016-07-07 09:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-09-22 04:43 - 2016-07-07 09:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-09-22 04:43 - 2016-07-01 09:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-09-22 04:43 - 2016-07-01 09:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-09-22 04:43 - 2016-07-01 09:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-09-22 04:43 - 2016-07-01 09:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-09-22 04:43 - 2016-06-25 18:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-09-22 04:43 - 2016-06-25 18:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-09-22 04:43 - 2016-06-25 18:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-09-22 04:43 - 2016-06-25 18:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-09-22 04:43 - 2016-06-25 18:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-09-22 04:43 - 2016-06-25 13:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-09-22 04:43 - 2016-06-25 13:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-09-22 04:43 - 2016-06-25 13:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-09-22 04:43 - 2016-06-25 13:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-09-22 04:43 - 2016-06-25 13:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-09-22 04:43 - 2016-02-04 19:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-09-22 04:43 - 2016-02-04 12:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-09-22 04:43 - 2016-01-07 11:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-09-22 04:43 - 2015-12-20 12:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-09-22 04:43 - 2015-12-20 12:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-09-22 04:43 - 2015-12-20 08:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-09-22 04:43 - 2015-11-11 12:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-09-22 04:43 - 2015-11-11 12:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-09-22 04:43 - 2015-11-11 12:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-09-22 04:43 - 2015-11-11 12:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-09-22 04:43 - 2015-10-13 10:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-09-22 04:43 - 2015-10-13 10:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-09-22 04:43 - 2015-07-09 11:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-09-22 04:43 - 2015-07-09 11:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-09-22 04:43 - 2015-07-09 11:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-09-22 04:43 - 2015-07-09 11:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-09-22 04:43 - 2014-08-01 05:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-09-22 04:43 - 2014-08-01 05:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-09-22 04:43 - 2014-06-18 16:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-09-22 04:43 - 2014-06-18 16:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-09-22 04:43 - 2014-06-18 16:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-09-22 04:43 - 2014-06-18 16:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-09-22 04:43 - 2014-06-18 16:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-09-22 04:43 - 2014-06-18 16:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-09-22 04:43 - 2014-06-17 20:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2016-09-22 04:43 - 2014-06-17 19:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2016-09-22 04:43 - 2014-01-28 20:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-09-22 04:43 - 2014-01-28 20:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-09-22 04:43 - 2013-12-03 20:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-09-22 04:43 - 2013-12-03 20:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-09-22 04:43 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2016-09-22 04:43 - 2013-12-03 20:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2016-09-22 04:43 - 2013-12-03 20:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-09-22 04:43 - 2013-12-03 20:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-09-22 04:43 - 2013-12-03 20:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-09-22 04:43 - 2013-12-03 20:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2016-09-22 04:43 - 2013-12-03 20:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2016-09-22 04:43 - 2013-12-03 20:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2016-09-22 04:43 - 2013-12-03 20:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2016-09-22 04:43 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2016-09-22 04:43 - 2013-12-03 20:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2016-09-22 04:43 - 2013-12-03 20:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-09-22 04:43 - 2013-12-03 19:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2016-09-22 04:43 - 2013-12-03 19:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2016-09-22 04:43 - 2013-12-03 19:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2016-09-22 04:43 - 2013-12-03 19:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2016-09-22 04:43 - 2013-08-04 20:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2016-09-22 04:43 - 2013-07-12 04:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2016-09-22 04:43 - 2013-07-12 04:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2016-09-22 04:43 - 2013-07-02 22:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-09-22 04:43 - 2013-07-02 22:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-09-22 04:42 - 2016-05-13 16:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-09-22 04:42 - 2016-05-13 16:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-09-22 04:42 - 2016-05-13 16:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-09-22 04:42 - 2016-05-13 16:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-09-22 04:42 - 2016-05-13 16:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-09-22 04:42 - 2016-05-13 15:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-09-22 04:42 - 2016-05-13 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-09-22 04:42 - 2016-05-13 15:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-09-22 04:42 - 2016-05-13 15:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-09-22 04:42 - 2016-05-13 15:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-09-22 04:42 - 2016-05-11 11:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-09-22 04:42 - 2016-05-11 09:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-09-22 04:42 - 2016-04-14 07:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-09-22 04:42 - 2016-04-14 07:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-09-22 04:42 - 2015-12-08 15:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-09-22 04:42 - 2015-12-08 15:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-09-22 04:42 - 2015-12-08 15:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-09-22 04:42 - 2015-12-08 15:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-09-22 04:42 - 2015-12-08 15:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-09-22 04:42 - 2015-12-08 15:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-09-22 04:42 - 2015-12-08 15:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-09-22 04:42 - 2015-12-08 15:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-09-22 04:42 - 2015-12-08 15:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-09-22 04:42 - 2015-12-08 15:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-09-22 04:42 - 2015-12-08 15:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-09-22 04:42 - 2015-12-08 15:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-09-22 04:42 - 2015-12-08 15:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-09-22 04:42 - 2015-12-08 15:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-09-22 04:42 - 2015-12-08 15:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-09-22 04:42 - 2015-12-08 15:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-09-22 04:42 - 2015-12-08 15:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-09-22 04:42 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-09-22 04:42 - 2015-12-08 15:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-09-22 04:42 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-09-22 04:42 - 2015-12-08 15:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-09-22 04:42 - 2015-12-08 15:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-09-22 04:42 - 2015-12-08 15:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-09-22 04:42 - 2015-12-08 15:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-09-22 04:42 - 2015-12-08 15:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-09-22 04:42 - 2015-12-08 15:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-09-22 04:42 - 2015-12-08 15:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-09-22 04:42 - 2015-12-08 13:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-09-22 04:42 - 2015-12-08 13:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-09-22 04:42 - 2015-12-08 13:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-09-22 04:42 - 2015-12-08 12:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-09-22 04:42 - 2015-12-08 12:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-09-22 04:42 - 2015-12-08 12:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-09-22 04:42 - 2015-10-29 11:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-09-22 04:42 - 2015-10-29 11:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-09-22 04:42 - 2015-10-29 11:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-09-22 04:42 - 2015-10-29 11:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-09-22 04:42 - 2015-10-29 11:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-09-22 04:42 - 2015-10-29 11:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-09-22 04:42 - 2015-10-29 11:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-09-22 04:42 - 2015-07-30 12:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-09-22 04:42 - 2015-07-30 11:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-09-22 04:42 - 2015-07-22 18:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-09-22 04:42 - 2015-07-22 18:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-09-22 04:42 - 2015-07-22 11:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-09-22 04:42 - 2015-07-22 10:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-09-22 04:42 - 2015-07-09 11:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-09-22 04:42 - 2015-07-09 11:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-09-22 04:42 - 2015-07-09 11:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-09-22 04:42 - 2015-02-18 01:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-09-22 04:42 - 2015-02-18 01:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-09-22 04:42 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-09-22 04:42 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-09-22 04:42 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-09-22 04:42 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-09-22 04:42 - 2014-03-04 03:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2016-09-22 04:42 - 2014-03-04 03:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2016-09-22 04:42 - 2014-03-04 03:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2016-09-22 04:42 - 2014-03-04 03:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2016-09-22 04:42 - 2014-03-04 03:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2016-09-22 04:42 - 2014-03-04 03:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2016-09-22 04:42 - 2014-03-04 03:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2016-09-22 04:42 - 2014-03-04 03:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2016-09-22 04:42 - 2014-03-04 03:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2016-09-22 04:42 - 2014-03-04 03:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2016-09-22 04:42 - 2014-03-04 03:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2016-09-22 04:42 - 2014-03-04 03:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2016-09-22 04:42 - 2014-03-04 03:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2016-09-22 04:42 - 2014-03-04 03:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2016-09-22 04:42 - 2013-11-26 02:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-09-22 04:42 - 2013-11-22 16:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-09-22 04:41 - 2016-08-06 09:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-22 04:41 - 2016-08-06 09:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-22 04:41 - 2016-05-12 11:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-09-22 04:41 - 2016-05-12 11:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-09-22 04:41 - 2016-05-12 11:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-09-22 04:41 - 2016-05-12 11:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-09-22 04:41 - 2016-05-12 11:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-09-22 04:41 - 2016-05-12 11:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-09-22 04:41 - 2016-05-12 09:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-09-22 04:41 - 2016-05-12 09:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-09-22 04:41 - 2016-05-12 09:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-09-22 04:41 - 2016-05-12 09:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-09-22 04:41 - 2016-05-11 11:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-09-22 04:41 - 2016-05-11 11:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-09-22 04:41 - 2016-05-11 11:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-09-22 04:41 - 2016-05-11 09:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-09-22 04:41 - 2016-05-11 09:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-09-22 04:41 - 2016-05-11 09:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-09-22 04:41 - 2016-05-11 09:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-09-22 04:41 - 2016-05-11 09:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-09-22 04:41 - 2016-05-11 08:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-09-22 04:41 - 2016-02-09 03:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-09-22 04:41 - 2016-01-22 00:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-09-22 04:41 - 2016-01-22 00:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-09-22 04:41 - 2016-01-22 00:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-09-22 04:41 - 2016-01-22 00:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-09-22 04:41 - 2015-08-27 12:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-09-22 04:41 - 2015-08-27 12:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-09-22 04:41 - 2015-08-27 11:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-09-22 04:41 - 2015-08-27 11:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-09-22 04:41 - 2015-04-10 21:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2016-09-22 04:41 - 2015-02-24 21:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-09-22 04:41 - 2015-01-16 20:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-09-22 04:41 - 2015-01-16 20:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-09-22 04:41 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2016-09-22 04:41 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2016-09-22 04:41 - 2014-09-03 23:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-09-22 04:41 - 2014-09-03 23:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-09-22 04:41 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-09-22 04:41 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-09-22 04:41 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2016-09-22 04:41 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2016-09-22 04:41 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2016-09-22 04:41 - 2013-07-25 20:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-09-22 04:41 - 2013-07-25 19:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2016-09-22 04:40 - 2016-05-18 10:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-09-22 04:40 - 2016-05-18 10:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-09-22 04:40 - 2016-03-09 13:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-09-22 04:40 - 2016-03-09 12:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-09-22 04:40 - 2016-03-09 12:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-09-22 04:40 - 2016-03-09 12:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-09-22 04:40 - 2015-11-03 13:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-09-22 04:40 - 2015-11-03 12:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-09-22 04:40 - 2015-10-12 22:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-09-22 04:40 - 2015-03-03 22:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-09-22 04:40 - 2015-03-03 22:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-09-22 04:40 - 2015-03-03 22:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-09-22 04:40 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-09-22 04:40 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-09-22 04:40 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-09-22 04:40 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-09-22 04:40 - 2014-07-16 20:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-09-22 04:40 - 2014-07-16 20:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-09-22 04:40 - 2014-07-16 20:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2016-09-22 04:40 - 2014-07-16 19:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-09-22 04:40 - 2014-07-16 19:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-09-22 04:40 - 2013-10-11 20:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-09-22 04:40 - 2013-10-11 20:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-09-22 04:40 - 2013-10-11 20:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-09-22 04:40 - 2013-10-11 20:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-09-22 04:40 - 2013-10-11 19:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-09-22 04:40 - 2013-10-11 19:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-09-22 04:40 - 2013-10-11 19:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-09-22 04:40 - 2013-10-11 19:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-09-22 04:40 - 2013-05-12 23:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-09-22 04:40 - 2013-05-12 21:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-09-22 04:40 - 2013-05-12 21:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-09-22 04:40 - 2013-05-12 21:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-09-22 04:40 - 2013-05-09 23:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2016-09-22 04:40 - 2013-05-09 21:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2016-09-22 04:39 - 2016-04-08 22:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-09-22 04:39 - 2016-04-08 21:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-09-22 04:39 - 2013-10-11 20:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-09-22 04:39 - 2013-10-11 20:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-09-22 04:39 - 2013-10-11 20:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-09-22 04:39 - 2013-10-11 20:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-09-22 04:39 - 2013-10-11 20:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-09-22 04:28 - 2015-02-03 21:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-09-22 04:28 - 2015-02-03 20:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-09-22 00:13 - 2016-09-22 00:13 - 00003886 _____ C:\BASEPremium64o.txt
2016-09-22 00:13 - 2016-09-22 00:13 - 00001283 _____ C:\Info.txt
2016-09-22 00:13 - 2016-09-22 00:13 - 00000088 _____ C:\BASE_Drivers.txt
2016-09-22 00:13 - 2016-09-22 00:13 - 00000000 ____D C:\AHS
2016-09-22 00:13 - 2016-09-21 22:22 - 00000000 ____D C:\IE11
2016-09-22 00:13 - 2016-02-18 10:41 - 00000333 _____ C:\AHS-Readme.txt
2016-09-22 00:13 - 2016-02-11 06:52 - 00000171 _____ C:\Users\Default\Desktop\PCLaptops At Home Support.url
2016-09-22 00:13 - 2016-02-11 06:52 - 00000171 _____ C:\Users\Default User\Desktop\PCLaptops At Home Support.url
2016-09-22 00:13 - 2016-02-11 06:52 - 00000171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCLaptops At Home Support.url
2016-09-22 00:13 - 2015-09-07 17:46 - 00000000 ____D C:\GC
2016-09-22 00:13 - 2015-09-07 17:46 - 00000000 ____D C:\FF
2016-09-22 00:12 - 2013-12-11 23:46 - 11530992 ____R (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2016-09-22 00:11 - 2016-09-22 00:13 - 00000000 ____D C:\Windows\OEMFolder
2016-09-22 00:11 - 2014-01-27 03:30 - 00084816 ____R (Asmedia Technology) C:\Windows\system32\Drivers\asstor64.sys
2016-09-22 00:11 - 2013-11-19 03:39 - 00060632 ____R (Asmedia Technology) C:\Windows\system32\Drivers\asahci64.sys
2016-09-22 00:11 - 2013-02-07 00:51 - 00041984 ____R (Asmedia Technology) C:\Windows\system32\ahcipp64.dll
2016-09-21 22:22 - 2016-09-21 22:22 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-09-21 22:21 - 2016-09-21 22:21 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-09-21 22:21 - 2016-09-21 22:21 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-09-21 22:21 - 2016-09-21 22:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-09-21 22:21 - 2016-09-21 22:21 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-09-21 22:21 - 2016-09-21 22:21 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-09-21 22:21 - 2016-09-21 22:21 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-09-21 22:21 - 2016-09-21 22:21 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-09-21 22:20 - 2016-09-21 22:20 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-09-21 22:20 - 2016-09-21 22:20 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-09-21 22:18 - 2016-09-21 22:18 - 07065600 _____ C:\Program Files (x86)\GUTDEDA.tmp
2016-09-21 22:18 - 2016-09-21 22:18 - 00000000 ____D C:\Program Files (x86)\GUMDED9.tmp
2016-09-21 22:17 - 2016-09-29 12:19 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-09-21 22:17 - 2016-09-29 12:19 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-09-21 17:30 - 2016-09-23 18:12 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Adobe
2016-09-21 17:30 - 2016-09-21 17:30 - 00000000 ____D C:\Users\Owner\AppData\Local\Packages
2016-09-21 17:29 - 2016-10-04 15:55 - 00000000 ____D C:\Users\Owner\AppData\Local\Google
2016-09-21 17:29 - 2016-10-04 10:21 - 00000000 ____D C:\Users\Owner\AppData\Local\VirtualStore
2016-09-21 17:29 - 2016-09-30 17:37 - 00000000 ____D C:\Users\Owner
2016-09-21 17:29 - 2016-09-29 12:19 - 00002107 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
2016-09-21 17:29 - 2016-09-29 12:19 - 00001405 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-21 17:29 - 2016-09-22 13:19 - 00000000 ___RD C:\Users\Owner\Virtual Machines
2016-09-21 17:29 - 2016-09-21 17:29 - 00000000 _SHDL C:\Users\Owner\My Documents
2016-09-21 17:29 - 2016-09-21 17:29 - 00000000 _SHDL C:\Users\Owner\Documents\My Videos
2016-09-21 17:29 - 2016-09-21 17:29 - 00000000 _SHDL C:\Users\Owner\Documents\My Pictures
2016-09-21 17:29 - 2016-09-21 17:29 - 00000000 _SHDL C:\Users\Owner\Documents\My Music
2016-09-21 17:29 - 2013-05-16 18:44 - 00000000 ____D C:\Users\Owner\AppData\Roaming\Media Center Programs
2016-09-21 17:29 - 2010-11-20 20:50 - 00000020 ___SH C:\Users\Owner\ntuser.ini
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-06 12:00 - 2013-05-15 10:17 - 00000000 ____D C:\ProgramData\Temp
2016-10-06 11:54 - 2013-05-15 10:14 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-06 11:43 - 2013-05-15 10:25 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-06 11:20 - 2009-07-13 23:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-06 11:20 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2016-10-06 10:41 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-06 10:10 - 2009-07-13 22:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-06 10:10 - 2009-07-13 22:45 - 00029376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-06 10:02 - 2013-05-15 10:14 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-06 10:01 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-05 19:03 - 2013-05-15 10:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-03 14:24 - 2013-05-15 10:14 - 00002211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 14:24 - 2013-05-15 10:14 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-01 08:45 - 2009-07-13 22:45 - 00409568 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-29 16:14 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\IME
2016-09-29 15:20 - 2009-07-13 23:32 - 00000000 ____D C:\Windows\addins
2016-09-29 15:19 - 2013-05-15 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-29 15:06 - 2013-05-15 10:19 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2016-09-29 12:19 - 2013-05-15 11:01 - 00001479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-09-29 12:19 - 2013-05-15 11:01 - 00001405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-09-29 12:19 - 2013-05-15 11:01 - 00001332 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-09-29 12:19 - 2013-05-15 10:16 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-09-29 12:19 - 2013-05-15 10:16 - 00002030 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-09-29 12:19 - 2013-05-15 10:13 - 00001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-29 12:19 - 2009-07-13 23:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-09-29 12:19 - 2009-07-13 22:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-29 12:19 - 2009-07-13 22:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-09-29 12:19 - 2009-07-13 22:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-09-29 12:19 - 2009-07-13 22:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-09-29 12:19 - 2009-07-13 22:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-09-29 12:19 - 2009-07-13 22:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-09-27 11:16 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2016-09-27 09:12 - 2009-07-13 20:34 - 00000478 _____ C:\Windows\win.ini
2016-09-25 16:13 - 2009-07-13 21:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-09-24 15:29 - 2013-05-15 11:20 - 00000000 ____D C:\Windows\Panther
2016-09-24 11:13 - 2009-07-13 21:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-23 15:21 - 2009-07-13 23:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-23 15:20 - 2013-05-15 11:01 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-09-23 14:55 - 2013-05-15 11:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-23 14:55 - 2013-05-15 11:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-23 14:52 - 2013-05-15 10:58 - 00777338 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-09-23 14:49 - 2009-07-13 23:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-09-23 14:30 - 2013-05-15 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-23 14:29 - 2013-05-15 10:15 - 00000000 ____D C:\ProgramData\Adobe
2016-09-23 14:28 - 2013-05-15 10:16 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-09-23 13:53 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\AppCompat
2016-09-22 13:06 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\tracing
2016-09-22 13:06 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-09-22 13:06 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\Dism
2016-09-22 12:34 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-09-22 12:33 - 2009-07-13 23:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-22 12:33 - 2009-07-13 23:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-22 12:33 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-09-22 08:31 - 2013-05-15 12:19 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-22 03:49 - 2013-05-15 10:14 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-22 03:49 - 2013-05-15 10:14 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-22 00:13 - 2013-06-06 14:29 - 00000000 ____D C:\Windows\Options
2016-09-21 22:19 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\oobe
2016-09-21 22:17 - 2009-07-13 23:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-21 17:43 - 2013-05-15 10:25 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-21 17:43 - 2013-05-15 10:25 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-21 17:43 - 2013-05-15 10:25 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-21 17:43 - 2013-05-15 10:25 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-21 17:43 - 2013-05-15 10:25 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-21 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\sysprep
 
==================== Files in the root of some directories =======
 
2016-09-21 22:18 - 2016-09-21 22:18 - 7065600 _____ () C:\Program Files (x86)\GUTDEDA.tmp
2016-09-27 10:28 - 2016-09-27 10:28 - 0000335 _____ () C:\Users\Owner\AppData\Roaming\Tribler.exe.old.log
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-05 18:52
 
==================== End of FRST.txt ============================

 

 

 

Attached File  Situation.pdf   150.78KB   6 downloadsAttached File  Addition.txt   35.23KB   2 downloads



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,497 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:12 AM

Posted 08 October 2016 - 10:19 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\sbcmw95g.default -> hxxps://www.google.com/search/?trackid=sp-006
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\searchplugins\google-avast.xml [2014-12-11]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\local-settings.js [2011-12-14] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\493014954.cfg [2016-09-29] <==== ATTENTION
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Extension: (Avast Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 dbx; system32\DRIVERS\dbx.sys [X]
CustomCLSID: HKU\S-1-5-21-3287102053-510840599-1920134602-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {180CE044-9468-D082-1270-7DE985889A47} => No File
CustomCLSID: HKU\S-1-5-21-3287102053-510840599-1920134602-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5BD32D01-9468-D082-57BD-A2AA85889A47} => No File
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:F9CFE070 [716]
AlternateDataStreams: C:\Users\Owner\Desktop\PP UTILITY BILLING_09-30-16.xls:com.dropbox.attributes [168]
C:\Program Files (x86)\mozilla firefox\493014954.cfg

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.


The tool will create a log (Fixlog.txt) please post it to your reply.
===

Firefox:
Reset Default Browsing settings:
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-problems?utm_expid=65912487-41.djHNRQY0RhaLvvtvcd0BQA.2&utm_referrer=https%3A%2F%2Fwww.google.ca%2F

Clean the Firefox Cache.
https://kb.iu.edu/d/ahic#firefox
<<<>>>

Please post the log and let me know what problem persists.

#3 tropicalelder

tropicalelder
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 08 October 2016 - 11:33 AM

Hello nasdaq! Many thanks for responding. I followed your instructions completely. However, after the reboot and when I launch FF, I still get "Index of file:///C:/Windows/system32/" and when I launch Chrome, I get a similar "Index of C:\Program Files (x86). . ."

 

The contents of the resulting Fixlog.txt file is as follows.

 

Thanks,
Tropicalelder

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2016
Ran by Owner (08-10-2016 10:15:33) Run:1
Running from C:\Users\Owner\Downloads
Loaded Profiles: Owner (Available Profiles: Owner)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\sbcmw95g.default -> hxxps://www.google.com/search/?trackid=sp-006
FF SearchPlugin:
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\searchplugins\google-avast.xml [2014-12-11]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\local-settings.js [2011-12-14] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\493014954.cfg [2016-09-29] <==== ATTENTION
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Extension: (Avast
Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-09-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 dbx; system32\DRIVERS\dbx.sys [X]
CustomCLSID: HKU\S-1-5-21-3287102053-510840599-1920134602-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {180CE044-9468-D082-1270-7DE985889A47} => No File
CustomCLSID: HKU\S-1-5-21-3287102053-510840599-1920134602-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5BD32D01-9468-D082-57BD-A2AA85889A47} => No File
ShortcutWithArgument:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:F9CFE070 [716]
AlternateDataStreams: C:\Users\Owner\Desktop\PP UTILITY BILLING_09-30-16.xls:com.dropbox.attributes [168]
C:\Program Files (x86)\mozilla firefox\493014954.cfg

End

*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
Firefox DefaultSearchUrl removed successfully
"FF SearchPlugin:" => not found.
"C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\sbcmw95g.default\searchplugins\google-avast.xml [2014-12-11]" => not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Program Files (x86)\mozilla firefox\defaults\pref\local-settings.js => moved successfully
C:\Program Files (x86)\mozilla firefox\493014954.cfg => moved successfully
C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\pdf.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => not found.
c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => not found.
CHR Extension: (Avast => not found
Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-09-29] => Error: No automatic fix found for this entry.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => key removed successfully
dbx => service removed successfully
"HKU\S-1-5-21-3287102053-510840599-1920134602-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}" => key removed successfully
"HKU\S-1-5-21-3287102053-510840599-1920134602-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}" => key removed successfully
ShortcutWithArgument: => not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> " => not found.
C:\Users\Public\Desktop\Google Chrome.lnk => Shortcut argument removed successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully.
C:\ProgramData\Temp => ":F9CFE070" ADS removed successfully.
"C:\Users\Owner\Desktop\PP UTILITY BILLING_09-30-16.xls" => ":com.dropbox.attributes" ADS not found.
"C:\Program Files (x86)\mozilla firefox\493014954.cfg" => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 20165652 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 15132091 B
Edge => 0 B
Chrome => 155737217 B
Firefox => 90601471 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 87718 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66228 B
LocalService => 0 B
NetworkService => 0 B
Owner => 60629746 B

RecycleBin => 767715182 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:16:23 ====



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,497 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:12 AM

Posted 08 October 2016 - 12:41 PM

Remove Chrome using the the instructions on this page.
https://support.google.com/chrome/answer/95319?hl=en

Before you do Export your Bookmarks
Chrome will export your bookmarks as a HTML file, which you can then import into another browser.

Re-install Chrome and the Bookmarks.

If you want to save all your settings refer to this page.
Follow the instructions before removing Chrome.
http://juan2geek.com/how-to-backup-and-restore-entire-google-chrome-setting/
<<<>>>

Let me know if chrome is working.

Will take care for Firefox next..

#5 tropicalelder

tropicalelder
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 08 October 2016 - 12:45 PM

nasdaq, in addition to neither browsers opening correctly, the wireless adapter is still not working. I will work on the Chrome repairs now.

Thanks,
john



#6 tropicalelder

tropicalelder
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 08 October 2016 - 12:56 PM

nasdaq, I did not have any bookmarks or ???? in Chrome as it was only used since FF stopped working.

 

I was able to successfully uninstall and reinstall Chrome. Thanks!



#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,497 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:12 AM

Posted 09 October 2016 - 08:39 AM


Copy your Firefox bookmarks to Chrome.
https://support.google.com/chrome/answer/95418?hl=en

This is required in case you loose them in the next instructions.

===

Remove Firefox using the instructions one this page.
https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer

Before proceeding save your Bookmarks.
https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

Install the latest version of the application.

You can then import them to the new version of Firefox.

Firefox Password manager -
Remember, delete and change saved passwords in Firefox
https://support.mozilla.org/en-US/kb/password-manager-remember-delete-change-passwords
<<<>>>

Keep me posted.

#8 tropicalelder

tropicalelder
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:12 AM

Posted 09 October 2016 - 01:01 PM

Hello nasdaq - Excellent. Your solutions fixed my problems perfectly. Plus, I discovered that I had inadvertently turned off my wireless adapter from the keyboard, which was easily rectified by turning it back on. Please, from the Fixit log, can you tell me which malware or issues that had infected my computer? I am also really enjoying all of the articles on Bleeping Computer. Thank you, again!



#9 nasdaq

nasdaq

  • Malware Response Team
  • 39,497 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:12 AM

Posted 10 October 2016 - 10:06 AM

Nothing malicious was found.

I removed what we know as not required or wanted.
Some registry items that needed ATTENTION were fixed.


If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users