Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Maybe the breached EvLog 3.05. LAN seems to be wide open


  • Please log in to reply
12 replies to this topic

#1 Titan-man

Titan-man

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:07:16 AM

Posted 25 October 2016 - 04:57 AM

Hello and thank you in advance,

 

Not IT here however I know this isn't good. First I noticed too much data moving to & from "dumb" devices on the LAN I.E. time clock, printer etc. started looking in logs and at that time back up was faulting and previous backups gone. All logs had the same start date of 9.21.16 and nothing prior. Most all apps showed created on the same date of 9.21.16 in add/remove programs. I have lots of saved logs, screenshots and files however would like some guidance scrubbing them before posting in the open. Here are the FRST64 files and I apologize if I make a posting mistake. I will correct anything brought to my attention.

 

   Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016

Ran by fast (administrator) on ANONYMOUS-FAST (24-10-2016 01:54:41)
Running from C:\Users\fast\Desktop
Loaded Profiles: fast (Available Profiles: fast)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files (x86)\UPS\WSTD\WSDB\MSSQL11.UPSWS2012SERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\DVR Soft\DvrClient\DvrClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\pia_manager\pia_manager.exe
(hxxp://www.ruby-lang.org/) C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(hxxp://www.ruby-lang.org/) C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\bin\rubyw.exe
(The NWJS Community) C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\pia_manager\openvpn.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804616 2015-11-10] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-21] (Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1868472 2016-09-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WSUpdater] => C:\PROGRAM FILES (X86)\UPS\WSTD\CF\WorldShipCF.exe [238336 2016-03-02] (UPS)
HKLM-x32\...\Run: [NA1Messenger] => C:\PROGRAM FILES (X86)\UPS\WSTD\UPSNA1Msgr.exe [29952 2016-03-02] ()
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-02-27] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-09-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [GoogleChromeAutoLaunch_23E43E3C36DDE0630C2BD1E0DE7890D8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1135208 2016-09-24] (Google Inc.)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe [1260544 2016-10-11] (The NWJS Community)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1135208 2016-09-24] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-06-01]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-06-01]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2016-06-15]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-06-15]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-06-15]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPS WorldShip Messaging Utility.lnk [2016-04-30]
ShortcutTarget: UPS WorldShip Messaging Utility.lnk -> C:\Program Files (x86)\UPS\WSTD\WSTDMessaging.exe (United Parcel Service, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPS WorldShip PLD Reminder Utility.lnk [2016-04-30]
ShortcutTarget: UPS WorldShip PLD Reminder Utility.lnk -> C:\Program Files (x86)\UPS\WSTD\wstdPldReminder.exe (UPS)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{21a826f8-8044-4596-b760-d99ad2b9ec82}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{97f62454-dc5c-4558-ab3f-35b9a4171b41}: [DhcpNameServer] 209.222.18.222 209.222.18.218
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-3271275025-2158743644-2568987073-1000 -> {0C59C728-CBA0-442A-9B9B-BF8DD0F3D760} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-20] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-06-01] (LastPass)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-20] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-09-20] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-06-01] (LastPass)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-09-20] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-06-01] (LastPass)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-06-01] (LastPass)
IE Session Restore: HKU\S-1-5-21-3271275025-2158743644-2568987073-1000 -> is enabled.
Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll [2015-02-27] (Intuit, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-20] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: mpvptqmz.default
FF ProfilePath: C:\Users\fast\AppData\Roaming\Mozilla\Firefox\Profiles\mpvptqmz.default [2016-10-23]
FF Extension: (Bing Search) - C:\Users\fast\AppData\Roaming\Mozilla\Firefox\Profiles\mpvptqmz.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-09-28]
FF Extension: (LastPass) - C:\Users\fast\AppData\Roaming\Mozilla\Firefox\Profiles\mpvptqmz.default\Extensions\support@lastpass.com [2016-09-26]
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-04-28]
FF SearchPlugin: C:\Users\fast\AppData\Roaming\Mozilla\Firefox\Profiles\mpvptqmz.default\searchplugins\bing-.xml [2016-09-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-06-01] (LastPass)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-06-01] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-20] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Profile 1 -> "hxxp://mysearch.avg.com?cid={9F43CA9C-A693-4238-B11E-3DD90028EAB9}&mid=7d3da297d4a347d2a2ecd15aef150dac-ee1b55af0bb211f190d65bc7732d76a695e2d292&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-05-29 13:10:53&v=3.0.0.2&pid=wtu&sg=&sap=hp","hxxp://mysearch.avg.com?cid={9F43CA9C-A693-4238-B11E-3DD90028EAB9}&mid=7d3da297d4a347d2a2ecd15aef150dac-ee1b55af0bb211f190d65bc7732d76a695e2d292&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-05-29 13:10:53&v=3.2.0.15&pid=wtu&sg=&sap=hp","hxxp://www.google.com"
CHR DefaultSearchURL: Profile 1 -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Profile 1 -> Yahoo
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default [2016-10-07]
CHR Extension: (Google Slides) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-23]
CHR Extension: (Google Docs) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-23]
CHR Extension: (Google Drive) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-23]
CHR Extension: (YouTube) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-23]
CHR Extension: (Galaxy-View) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2016-09-23]
CHR Extension: (Adobe Acrobat) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-23]
CHR Extension: (Google Sheets) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-23]
CHR Extension: (Chrome Remote Desktop) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-09-23]
CHR Extension: (Google Docs Offline) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-23]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-09-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-23]
CHR Extension: (Gmail) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-23]
CHR Extension: (Chrome Media Router) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR Profile: C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-10-24]
CHR Extension: (Google Slides) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-23]
CHR Extension: (Website and SEO Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajkomeiemllejmopbbjjngpmmikfedad [2016-09-23]
CHR Extension: (Google Docs) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-23]
CHR Extension: (Google Drive) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-23]
CHR Extension: (MindMeister) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [2016-09-23]
CHR Extension: (Google Docs Quick Create) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bldgenmjegcnjebiongilahhcjldgmlm [2016-09-23]
CHR Extension: (YouTube) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-23]
CHR Extension: (Alexa Traffic Rank) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cknebhggccemgcnbidipinkifmmegdel [2016-09-23]
CHR Extension: (TypingWeb Typing Tutor) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\clcgempicojkfhpnepfecmklndooebjk [2016-09-23]
CHR Extension: (Site SEO Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgbkldehhidnhpecibnmabmbclnokikd [2016-09-23]
CHR Extension: (Lucidchart Diagrams - Desktop) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djejicklhojeokkfmdelnempiecmdomj [2016-10-13]
CHR Extension: (Chromebleed) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2016-09-23]
CHR Extension: (Adobe Acrobat) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-23]
CHR Extension: (MailChimp) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\einnfnfpkbbebamphappjlmbedgjbnoe [2016-09-23]
CHR Extension: (Google Sheets) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-23]
CHR Extension: (SEO Site Tools, Site Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\femogmcmjpjkokoojcljkpfdifkpbbpp [2016-09-23]
CHR Extension: (Weebly Dashboard Extension) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkhpeihpgdipchpfmddkfcigllaaiaki [2016-09-23]
CHR Extension: (Page Analytics (by Google)) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-09-23]
CHR Extension: (Google Analytics URL Builder) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gaidpiakchgkapdgbnoglpnbccdepnpk [2016-09-23]
CHR Extension: (HTTPS Everywhere) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2016-10-21]
CHR Extension: (Google Docs Offline) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-25]
CHR Extension: (AdBlock) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-20]
CHR Extension: (In-Page SEO Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdeoafjegchjkmadbbjlbhiooliinkja [2016-09-23]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-09-23]
CHR Extension: (HTML5 Banner Creator) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hioegghdmpcchhfdcbkldeiobkahllhg [2016-09-23]
CHR Extension: (SEO & Website Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf [2016-09-23]
CHR Extension: (ONLYOFFICE Personal) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iohfebkcjhlelaoibebeohcgkohkcgpn [2016-09-23]
CHR Extension: (File System for OneDrive) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jbfdfcehgafdbfpniaimfbfomafoadgo [2016-09-23]
CHR Extension: (Free SEO Deal of the Week) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgnekndlomccgljphjjcmhgmbbbeeklm [2016-09-23]
CHR Extension: (Google Forms) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2016-09-23]
CHR Extension: (Google Analytics Debugger) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jnkmfdileelhofjcijamephohjechhna [2016-09-23]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-09-23]
CHR Extension: (Google Maps) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-09-23]
CHR Extension: (Google Drawings) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2016-09-23]
CHR Extension: (Easy SEO Tools) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnlboglefdlldiioafkgbbdfihdoicam [2016-09-23]
CHR Extension: (Office Online) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2016-10-12]
CHR Extension: (OneDrive) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-09-23]
CHR Extension: (Website Analysis & SEO Tool) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nglkdkpdncleifbbjhhlfpakclhahhkn [2016-09-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-23]
CHR Extension: (PowToon Presentations Edu) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ogodblbnhpbcmcjcoopbalconhnloagl [2016-09-23]
CHR Extension: (ScriptSafe) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2016-10-14]
CHR Extension: (Gmail) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-23]
CHR Extension: (Chrome Media Router) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR Profile: C:\Users\fast\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-25]
CHR HKLM-x32\...\Chrome\Extension: [bhfhojbhbnajajgihpicejdalbjlpcep] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980032 2016-09-05] (Microsoft Corporation)
S4 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [125440 2016-03-17] (Dassault Systèmes) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-10-03] (SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 MSSQL$UPSWS2012SERVER; C:\PROGRAM FILES (X86)\UPS\WSTD\WSDB\MSSQL11.UPSWS2012SERVER\MSSQL\Binn\sqlservr.exe [163008 2015-05-05] (Microsoft Corporation)
S4 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2015-02-27] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2011-08-19] (Intuit Inc.) [File not signed]
S4 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-08-19] (Intuit Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S4 SQLAgent$UPSWS2012SERVER; C:\PROGRAM FILES (X86)\UPS\WSTD\WSDB\MSSQL11.UPSWS2012SERVER\MSSQL\Binn\SQLAGENT.EXE [448704 2015-05-05] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\WINDOWS\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R3 Ke2200; C:\WINDOWS\System32\drivers\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-25] (Malwarebytes)
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NMgamingmsFltr; C:\WINDOWS\system32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [13754936 2016-08-27] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [84792 2016-10-14] (Sysinternals - www.sysinternals.com)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-08-13] (Oracle Corporation)
S3 vuhub; C:\WINDOWS\System32\drivers\vuhub.sys [47616 2007-12-16] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-24 01:54 - 2016-10-24 01:54 - 00034965 _____ C:\Users\fast\Desktop\FRST.txt
2016-10-24 01:53 - 2016-10-24 01:53 - 02407424 _____ (Farbar) C:\Users\fast\Desktop\FRST64.exe
2016-10-24 00:50 - 2016-10-24 00:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-10-23 08:00 - 2016-10-23 08:00 - 00041370 _____ C:\evlog3-2016-10-23.htm
2016-10-22 08:00 - 2016-10-22 08:00 - 00028312 _____ C:\evlog3-2016-10-22.htm
2016-10-21 08:00 - 2016-10-21 08:00 - 00037232 _____ C:\evlog3-2016-10-21.htm
2016-10-20 08:00 - 2016-10-20 08:00 - 00029521 _____ C:\evlog3-2016-10-20.htm
2016-10-19 08:00 - 2016-10-19 08:00 - 00038972 _____ C:\evlog3-2016-10-19.htm
2016-10-18 08:00 - 2016-10-18 08:00 - 00050786 _____ C:\evlog3-2016-10-18.htm
2016-10-17 16:06 - 2016-10-17 16:06 - 21613453 _____ C:\Users\fast\Desktop\HERC Cookbook Final 082814 (1).pdf
2016-10-17 08:00 - 2016-10-17 08:00 - 00039446 _____ C:\evlog3-2016-10-17.htm
2016-10-16 23:09 - 2016-10-16 23:10 - 01217792 _____ C:\Users\fast\Desktop\Horazonal mill.pdf
2016-10-16 08:00 - 2016-10-16 08:00 - 00035249 _____ C:\evlog3-2016-10-16.htm
2016-10-16 05:03 - 2016-10-16 05:03 - 00000000 ____D C:\Users\fast\Downloads\FW_RT_AC68U_30043803831
2016-10-16 05:02 - 2016-10-16 05:02 - 40280274 _____ C:\Users\fast\Downloads\FW_RT_AC68U_30043803831.zip
2016-10-15 08:00 - 2016-10-15 08:00 - 00101249 _____ C:\evlog3-2016-10-15.htm
2016-10-14 19:49 - 2016-10-14 19:49 - 00000000 ____D C:\Users\fast\Downloads\Ronin_Installer_v2.4_20160721 (2)
2016-10-14 16:18 - 2016-10-14 16:18 - 00038400 _____ C:\Users\fast\Downloads\970.xls
2016-10-14 15:28 - 2016-10-14 15:28 - 00000121 ____C C:\WINDOWS\DUNZLOG.TXT
2016-10-14 08:08 - 2016-10-14 08:08 - 50110688 _____ (Microsoft Corporation) C:\Users\fast\Downloads\Windows-KB890830-x64-V5.41 (1).exe
2016-10-14 08:00 - 2016-10-14 08:06 - 00099393 _____ C:\evlog3-2016-10-14.htm
2016-10-14 05:02 - 2016-10-14 05:02 - 50110688 _____ (Microsoft Corporation) C:\Users\fast\Downloads\Windows-KB890830-x64-V5.41.exe
2016-10-14 03:38 - 2016-10-14 03:38 - 00084792 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
2016-10-13 12:52 - 2016-10-13 12:52 - 00058912 _____ C:\evlog3-2016-10-13.htm
2016-10-12 08:01 - 2016-10-12 08:01 - 00128904 _____ C:\evlog3-2016-10-12.htm
2016-10-12 02:20 - 2016-10-12 02:21 - 01065376 _____ (Google Inc.) C:\Users\fast\Downloads\ChromeSetup (2).exe
2016-10-11 20:20 - 2016-10-11 20:20 - 00000000 __SHD C:\Users\fast\wc
2016-10-11 20:20 - 2016-10-11 20:20 - 00000000 __SHD C:\Users\fast\AppData\Roaming\wyUpdate AU
2016-10-11 20:18 - 2016-10-11 20:18 - 62008080 _____ (Microsoft Corporation) C:\Users\fast\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe
2016-10-11 20:09 - 2016-10-11 20:09 - 09977856 _____ C:\Users\fast\Downloads\EvLog3 (1).msi
2016-10-11 16:24 - 2016-10-11 16:24 - 00083949 _____ C:\Users\fast\Downloads\Emergency Preparedness Letter Invite.pdf
2016-10-11 16:02 - 2016-10-11 16:03 - 59955885 _____ C:\Users\fast\Downloads\pia-v65-win.exe
2016-10-11 10:42 - 2016-10-05 03:17 - 01322848 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-11 10:42 - 2016-10-05 03:13 - 02750384 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-11 10:42 - 2016-10-05 03:13 - 01859264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-11 10:42 - 2016-10-05 03:13 - 00146784 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-11 10:42 - 2016-10-05 03:12 - 02446696 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-11 10:42 - 2016-10-05 03:09 - 22219328 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-11 10:42 - 2016-10-05 03:09 - 00064352 ____C (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-11 10:42 - 2016-10-05 02:50 - 02256592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-11 10:42 - 2016-10-05 02:44 - 22568960 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-11 10:42 - 2016-10-05 02:41 - 00545944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-11 10:42 - 2016-10-05 02:38 - 00237568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-11 10:42 - 2016-10-05 02:36 - 00113664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 10:42 - 2016-10-05 02:35 - 00196096 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-11 10:42 - 2016-10-05 02:35 - 00101888 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-11 10:42 - 2016-10-05 02:33 - 00651264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-11 10:42 - 2016-10-05 02:33 - 00268800 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-11 10:42 - 2016-10-05 02:33 - 00157696 ____C (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-11 10:42 - 2016-10-05 02:32 - 00590336 ____C (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-11 10:42 - 2016-10-05 02:32 - 00146432 ____C (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-11 10:42 - 2016-10-05 02:31 - 00480768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-11 10:42 - 2016-10-05 02:31 - 00425472 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-11 10:42 - 2016-10-05 02:30 - 00396800 ____C (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-11 10:42 - 2016-10-05 02:29 - 00956416 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-11 10:42 - 2016-10-05 02:29 - 00368640 ____C (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-11 10:42 - 2016-10-05 02:28 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 23680512 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 00590848 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 00327680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 00137216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 00088576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 01589248 ____C (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 00822784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 00404992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 00299520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 00117760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-11 10:42 - 2016-10-05 02:24 - 00483840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-11 10:42 - 2016-10-05 02:24 - 00099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00431616 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00426496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00284672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00187904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00125952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-11 10:42 - 2016-10-05 02:22 - 13081088 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-11 10:42 - 2016-10-05 02:21 - 03689984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-11 10:42 - 2016-10-05 02:21 - 01364992 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-11 10:42 - 2016-10-05 02:21 - 00567808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-11 10:42 - 2016-10-05 02:20 - 00661504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-11 10:42 - 2016-10-05 02:20 - 00143872 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-11 10:42 - 2016-10-05 02:19 - 02390016 ____C (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-11 10:42 - 2016-10-05 02:19 - 02265088 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-11 10:42 - 2016-10-05 02:19 - 01690112 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-11 10:42 - 2016-10-05 02:19 - 00982528 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-11 10:42 - 2016-10-05 02:18 - 00983040 ____C (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-11 10:42 - 2016-10-05 02:18 - 00858112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-11 10:42 - 2016-10-05 02:18 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-11 10:42 - 2016-10-05 02:17 - 08126464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-11 10:42 - 2016-10-05 02:17 - 02914304 ____C (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-11 10:42 - 2016-10-05 02:16 - 19418624 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-11 10:42 - 2016-10-05 02:16 - 04747776 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-11 10:42 - 2016-10-05 02:16 - 00765440 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-11 10:42 - 2016-10-05 02:15 - 07625728 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-11 10:42 - 2016-10-05 02:15 - 02800128 ____C (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-11 10:42 - 2016-10-05 02:15 - 01509376 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-11 10:42 - 2016-10-05 02:15 - 00141312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-11 10:42 - 2016-10-05 02:14 - 19416576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-11 10:42 - 2016-10-05 02:14 - 02667520 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-11 10:42 - 2016-10-05 02:14 - 02476544 ____C (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-11 10:42 - 2016-10-05 02:14 - 01778176 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-11 10:42 - 2016-10-05 02:14 - 01255936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-11 10:42 - 2016-10-05 02:13 - 00055808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-11 10:42 - 2016-10-05 02:12 - 01107456 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-11 10:42 - 2016-10-05 02:11 - 12174848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-11 10:42 - 2016-10-05 02:11 - 06108672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-11 10:42 - 2016-10-05 02:11 - 06043136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-11 10:42 - 2016-10-05 02:11 - 00640000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-11 10:42 - 2016-10-05 02:10 - 06474752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-11 10:42 - 2016-10-05 02:09 - 07467520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-11 10:42 - 2016-10-05 02:09 - 00884224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-11 10:42 - 2016-10-05 02:09 - 00710144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-11 10:42 - 2016-10-05 02:09 - 00691712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-11 10:42 - 2016-10-05 02:08 - 00873472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-11 10:42 - 2016-10-05 02:07 - 03667456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-11 10:42 - 2016-10-05 02:07 - 02682880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-11 10:42 - 2016-10-05 02:07 - 02646016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-11 10:42 - 2016-10-05 02:07 - 00566784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-11 10:42 - 2016-10-05 02:06 - 02254336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-11 10:42 - 2016-10-05 02:06 - 02005504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-11 10:42 - 2016-10-05 02:06 - 01880576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-11 10:42 - 2016-10-05 02:06 - 01594368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-11 10:42 - 2016-10-05 02:06 - 00850944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-11 10:42 - 2016-09-06 22:34 - 00360040 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-11 10:41 - 2016-10-05 03:35 - 00279904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-11 10:41 - 2016-10-05 03:34 - 01051104 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-11 10:41 - 2016-10-05 03:34 - 00894088 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-11 10:41 - 2016-10-05 03:33 - 00128864 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-11 10:41 - 2016-10-05 03:31 - 02213248 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-11 10:41 - 2016-10-05 03:31 - 01353768 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-11 10:41 - 2016-10-05 03:31 - 01172472 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-11 10:41 - 2016-10-05 03:30 - 07812448 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-11 10:41 - 2016-10-05 03:22 - 01181536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-11 10:41 - 2016-10-05 03:16 - 00187232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-11 10:41 - 2016-10-05 03:12 - 01112928 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-11 10:41 - 2016-10-05 03:12 - 00619368 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-11 10:41 - 2016-10-05 03:09 - 04129928 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-11 10:41 - 2016-10-05 03:09 - 01071728 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-11 10:41 - 2016-10-05 03:09 - 00244816 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-11 10:41 - 2016-10-05 03:08 - 00241504 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-11 10:41 - 2016-10-05 03:04 - 02537824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-11 10:41 - 2016-10-05 03:04 - 00628032 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-11 10:41 - 2016-10-05 03:03 - 01705976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-11 10:41 - 2016-10-05 02:51 - 01430720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-11 10:41 - 2016-10-05 02:50 - 00116576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-11 10:41 - 2016-10-05 02:49 - 01980768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-11 10:41 - 2016-10-05 02:48 - 01022304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-11 10:41 - 2016-10-05 02:46 - 03892352 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-11 10:41 - 2016-10-05 02:46 - 01360456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-11 10:41 - 2016-10-05 02:46 - 00980824 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-11 10:41 - 2016-10-05 02:45 - 20965240 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-11 10:41 - 2016-10-05 02:38 - 00584192 ____C (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-11 10:41 - 2016-10-05 02:36 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-11 10:41 - 2016-10-05 02:35 - 00352768 ____C (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-11 10:41 - 2016-10-05 02:35 - 00327680 ____C C:\WINDOWS\system32\wc_storage.dll
2016-10-11 10:41 - 2016-10-05 02:35 - 00122880 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-11 10:41 - 2016-10-05 02:34 - 00463360 ____C (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-11 10:41 - 2016-10-05 02:34 - 00144896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-11 10:41 - 2016-10-05 02:33 - 00296960 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-11 10:41 - 2016-10-05 02:32 - 00379904 ____C (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-11 10:41 - 2016-10-05 02:32 - 00223744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00837632 ____C (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00748544 ____C (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00561664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00176128 ____C (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-11 10:41 - 2016-10-05 02:29 - 09129984 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-11 10:41 - 2016-10-05 02:29 - 06285312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-11 10:41 - 2016-10-05 02:29 - 01145856 ____C (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-11 10:41 - 2016-10-05 02:28 - 03059200 ____C (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-11 10:41 - 2016-10-05 02:28 - 00775168 ____C (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-11 10:41 - 2016-10-05 02:28 - 00584192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-11 10:41 - 2016-10-05 02:28 - 00406016 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-11 10:41 - 2016-10-05 02:28 - 00123904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-11 10:41 - 2016-10-05 02:27 - 00945664 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-11 10:41 - 2016-10-05 02:27 - 00094208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-11 10:41 - 2016-10-05 02:27 - 00087040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 10:41 - 2016-10-05 02:26 - 00182784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-11 10:41 - 2016-10-05 02:24 - 13434368 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-11 10:41 - 2016-10-05 02:23 - 01908224 ____C (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-11 10:41 - 2016-10-05 02:22 - 07654912 ____C (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-11 10:41 - 2016-10-05 02:22 - 04749312 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-11 10:41 - 2016-10-05 02:22 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-11 10:41 - 2016-10-05 02:21 - 08075264 ____C (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-11 10:41 - 2016-10-05 02:21 - 00310272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-11 10:41 - 2016-10-05 02:21 - 00167936 ____C (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-11 10:41 - 2016-10-05 02:20 - 00936960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-11 10:41 - 2016-10-05 02:20 - 00804864 ____C (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-11 10:41 - 2016-10-05 02:19 - 00779776 ____C (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-11 10:41 - 2016-10-05 02:18 - 04612608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-11 10:41 - 2016-10-05 02:18 - 01656832 ____C (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-11 10:41 - 2016-10-05 02:18 - 00911872 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-11 10:41 - 2016-10-05 02:17 - 04136960 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-11 10:41 - 2016-10-05 02:17 - 01493504 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-11 10:41 - 2016-10-05 02:17 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-11 10:41 - 2016-10-05 02:16 - 06664192 ____C (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-11 10:41 - 2016-10-05 02:16 - 00771072 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-11 10:41 - 2016-10-05 02:16 - 00508416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-11 10:41 - 2016-10-05 02:15 - 03617792 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-11 10:41 - 2016-10-05 02:15 - 01980416 ____C (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-11 10:41 - 2016-10-05 02:15 - 01840640 ____C (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-11 10:41 - 2016-10-05 02:15 - 00833024 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-11 10:41 - 2016-10-05 02:15 - 00774656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-11 10:41 - 2016-10-05 02:15 - 00716800 ____C (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-11 10:41 - 2016-10-05 02:14 - 02688512 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-11 10:41 - 2016-10-05 02:14 - 01456640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-11 10:41 - 2016-10-05 02:14 - 01013760 ____C (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-11 10:41 - 2016-10-05 02:14 - 00909312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-11 10:41 - 2016-10-05 02:14 - 00701952 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-11 10:41 - 2016-10-05 02:13 - 12345856 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-11 10:41 - 2016-10-05 02:13 - 01328128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-11 10:41 - 2016-10-05 02:12 - 00998912 ____C (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-11 10:41 - 2016-10-05 02:12 - 00924672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-11 10:41 - 2016-10-05 02:11 - 03496960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-11 10:41 - 2016-10-05 02:09 - 03369984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-11 10:41 - 2016-10-05 02:09 - 00674304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-11 10:41 - 2016-10-05 02:08 - 02356736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-11 10:41 - 2016-10-05 02:08 - 00598528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-11 10:41 - 2016-10-05 02:07 - 00589312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-11 10:41 - 2016-10-05 02:07 - 00542208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-11 10:41 - 2016-10-05 02:06 - 02999296 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-11 10:41 - 2016-10-05 02:06 - 01013248 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-11 10:41 - 2016-10-05 02:06 - 00711680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-11 10:41 - 2016-10-05 02:05 - 03105792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-11 10:41 - 2016-10-05 02:05 - 00751104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-11 10:41 - 2016-10-04 17:01 - 00446124 ____C C:\WINDOWS\system32\ApnDatabase.xml
2016-10-10 13:54 - 2016-10-10 13:54 - 00000114 _____ C:\Users\fast\Desktop\photo.php.url
2016-10-10 02:34 - 2016-10-10 02:36 - 55709528 _____ C:\Users\fast\Desktop\Blue Bag find 10.08.16.webm
2016-10-10 01:16 - 2016-10-10 01:21 - 113487264 _____ C:\Users\fast\Desktop\Blue Bag drop (zoom) 10.06.16.webm
2016-10-10 01:10 - 2016-10-10 01:13 - 69983839 _____ C:\Users\fast\Desktop\Blue Bag drop 10.06.16.webm
2016-10-10 01:03 - 2016-10-10 01:03 - 00001192 _____ C:\Users\Public\Desktop\Icecream Screen Recorder.lnk
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\Users\fast\AppData\Local\Icecream
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\Users\fast\.Icecream Screen Recorder
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\Program Files (x86)\Xiph.Org
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2016-10-10 01:02 - 2016-10-10 01:03 - 51423528 _____ (Icecream Apps ) C:\Users\fast\Downloads\screen_recorder_setup.exe
2016-10-10 01:02 - 2016-10-10 01:02 - 00013824 ___SH C:\Users\fast\Downloads\Thumbs.db
2016-10-09 12:22 - 2016-10-09 12:22 - 00019016 _____ C:\Users\fast\Desktop\ANONYMOUS-FAST.speccy
2016-10-08 19:03 - 2016-10-08 19:03 - 00372594 _____ C:\Users\fast\Downloads\syslog (7).txt
2016-10-08 19:02 - 2016-10-08 19:02 - 00372594 _____ C:\Users\fast\Downloads\syslog (6).txt
2016-10-08 18:40 - 2016-10-08 18:40 - 00003266 _____ C:\WINDOWS\System32\Tasks\Private Internet Access Startup
2016-10-08 18:40 - 2016-10-08 18:40 - 00000000 ____D C:\Users\fast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
2016-10-08 18:36 - 2016-10-08 18:36 - 00353250 _____ C:\Users\fast\Downloads\syslog (5).txt
2016-10-08 18:25 - 2016-10-08 18:25 - 00345575 _____ C:\Users\fast\Downloads\syslog (4).txt
2016-10-08 18:25 - 2016-10-08 18:25 - 00345374 _____ C:\Users\fast\Downloads\syslog (3).txt
2016-10-08 18:20 - 2016-10-08 18:20 - 00342566 _____ C:\Users\fast\Downloads\syslog (2).txt
2016-10-08 18:20 - 2016-10-08 18:20 - 00342566 _____ C:\Users\fast\Downloads\syslog (1).txt
2016-10-06 04:36 - 2016-10-06 04:36 - 00089432 _____ C:\Users\fast\Downloads\BKD-73615195948.pdf
2016-10-06 04:33 - 2016-10-06 04:34 - 00000000 ____D C:\Users\fast\Desktop\customer photos
2016-10-06 03:28 - 2016-10-06 03:29 - 00000000 ____D C:\Program Files\Speccy
2016-10-06 03:28 - 2016-10-06 03:28 - 00000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-10-06 03:28 - 2016-10-06 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-10-06 03:25 - 2016-10-06 03:26 - 16499104 _____ (Piriform Ltd) C:\Users\fast\Downloads\CCleanerBundle-1016-Setup.exe
2016-10-06 03:04 - 2016-10-06 03:05 - 08243736 _____ (Piriform Ltd) C:\Users\fast\Downloads\ccsetup522pro.exe
2016-10-06 02:59 - 2016-10-06 03:32 - 00000000 ____D C:\Program Files\Defraggler
2016-10-06 02:59 - 2016-10-06 03:27 - 00001765 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-10-06 02:59 - 2016-10-06 02:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-10-06 02:58 - 2016-10-06 02:59 - 03326496 _____ (Piriform Ltd) C:\Users\fast\Downloads\dfsetup221_pro.exe
2016-10-04 09:10 - 2016-10-04 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJI Product
2016-10-04 09:10 - 2016-10-04 09:10 - 00000000 ____D C:\Program Files (x86)\DJI Product
2016-10-04 09:08 - 2016-10-14 19:51 - 00001378 _____ C:\Users\Public\Desktop\DJI GimbalAssistant.lnk
2016-10-03 13:40 - 2016-10-03 13:40 - 00356056 _____ (Spotify Ltd) C:\Users\fast\Downloads\SpotifySetup.exe
2016-10-03 12:09 - 2016-10-03 12:09 - 00000000 ____D C:\Users\fast\Documents\Intuit
2016-10-03 12:09 - 2016-10-03 12:09 - 00000000 ____D C:\Users\fast\AppData\Roaming\Nuance
2016-10-03 11:06 - 2016-10-03 11:06 - 00001966 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-10-03 11:06 - 2016-10-03 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-10-03 11:06 - 2016-10-03 11:06 - 00000000 ____D C:\Program Files\HitmanPro
2016-10-03 11:03 - 2016-10-03 11:05 - 11579432 _____ (SurfRight B.V.) C:\Users\fast\Downloads\hitmanpro_x64.exe
2016-10-01 20:06 - 2016-09-15 10:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-10-01 20:06 - 2016-09-15 10:35 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-01 20:06 - 2016-09-15 10:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-10-01 20:06 - 2016-09-15 10:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-10-01 20:06 - 2016-09-15 10:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-10-01 20:06 - 2016-09-15 10:27 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-01 20:06 - 2016-09-15 10:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-10-01 20:06 - 2016-09-15 10:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-10-01 20:06 - 2016-09-15 10:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-10-01 20:06 - 2016-09-15 10:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-10-01 20:06 - 2016-09-15 10:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-10-01 20:06 - 2016-09-15 10:14 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-01 20:06 - 2016-09-15 10:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-10-01 20:06 - 2016-09-15 10:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-10-01 20:06 - 2016-09-15 10:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-10-01 20:06 - 2016-09-15 10:10 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-01 20:06 - 2016-09-15 10:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-10-01 20:06 - 2016-09-15 10:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-10-01 20:06 - 2016-09-15 10:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-10-01 20:06 - 2016-09-15 10:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-10-01 20:06 - 2016-09-15 10:02 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-01 20:06 - 2016-09-15 10:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-10-01 20:06 - 2016-09-15 09:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-10-01 20:06 - 2016-09-15 09:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-10-01 20:06 - 2016-09-15 09:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-01 20:06 - 2016-09-15 09:56 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-01 20:06 - 2016-09-15 09:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-10-01 20:06 - 2016-09-15 09:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-10-01 20:06 - 2016-09-15 09:55 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-01 20:06 - 2016-09-15 09:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-10-01 20:06 - 2016-09-15 09:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-10-01 20:06 - 2016-09-15 09:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-10-01 20:06 - 2016-09-15 09:51 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-01 20:06 - 2016-09-15 09:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-10-01 20:06 - 2016-09-15 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-01 20:06 - 2016-09-15 09:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-10-01 20:06 - 2016-09-15 09:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-10-01 20:06 - 2016-09-15 09:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-10-01 20:06 - 2016-09-15 09:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-10-01 20:06 - 2016-09-15 09:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-10-01 20:06 - 2016-09-15 09:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-10-01 20:06 - 2016-09-15 09:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-10-01 20:06 - 2016-09-15 09:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-10-01 20:06 - 2016-09-15 09:40 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-01 20:06 - 2016-09-15 09:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-10-01 20:06 - 2016-09-15 09:39 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-01 20:06 - 2016-09-15 09:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-10-01 20:06 - 2016-09-15 09:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-10-01 20:06 - 2016-09-15 09:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-10-01 20:06 - 2016-09-15 09:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-10-01 20:06 - 2016-09-15 09:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-10-01 20:06 - 2016-09-15 09:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-10-01 20:06 - 2016-09-15 09:36 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-01 20:06 - 2016-09-15 09:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-10-01 20:06 - 2016-09-15 09:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-10-01 20:06 - 2016-09-15 09:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-10-01 20:06 - 2016-09-15 09:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-10-01 20:06 - 2016-09-15 09:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-10-01 20:06 - 2016-09-15 09:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-10-01 20:06 - 2016-09-15 09:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-10-01 20:06 - 2016-09-15 09:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-10-01 20:06 - 2016-09-15 09:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-10-01 20:06 - 2016-09-15 09:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-10-01 20:06 - 2016-09-15 09:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-10-01 20:06 - 2016-09-15 09:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-10-01 20:06 - 2016-09-15 09:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-10-01 20:06 - 2016-09-15 09:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-10-01 20:06 - 2016-09-15 09:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-10-01 20:06 - 2016-09-15 09:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-10-01 20:06 - 2016-09-15 09:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-10-01 20:06 - 2016-09-15 09:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-10-01 20:06 - 2016-09-15 09:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-10-01 20:06 - 2016-09-15 09:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-10-01 20:06 - 2016-09-15 09:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-10-01 20:06 - 2016-09-15 09:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-10-01 20:06 - 2016-09-15 09:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-10-01 20:06 - 2016-09-15 09:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-10-01 20:06 - 2016-09-15 09:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-10-01 20:06 - 2016-09-15 09:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-10-01 20:06 - 2016-09-15 09:16 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll
2016-10-01 20:06 - 2016-08-05 01:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-10-01 20:05 - 2016-09-15 11:14 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-01 20:05 - 2016-09-15 10:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-10-01 20:05 - 2016-09-15 10:29 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-01 20:05 - 2016-09-15 10:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-10-01 20:05 - 2016-09-15 10:27 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-01 20:05 - 2016-09-15 10:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-01 20:05 - 2016-09-15 10:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-10-01 20:05 - 2016-09-15 10:21 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-01 20:05 - 2016-09-15 10:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-01 20:05 - 2016-09-15 10:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-10-01 20:05 - 2016-09-15 10:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-10-01 20:05 - 2016-09-15 10:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-10-01 20:05 - 2016-09-15 10:13 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-01 20:05 - 2016-09-15 10:11 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-01 20:05 - 2016-09-15 10:10 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-01 20:05 - 2016-09-15 10:06 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-01 20:05 - 2016-09-15 10:06 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-01 20:05 - 2016-09-15 10:06 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-01 20:05 - 2016-09-15 10:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-10-01 20:05 - 2016-09-15 10:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-10-01 20:05 - 2016-09-15 09:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-10-01 20:05 - 2016-09-15 09:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-10-01 20:05 - 2016-09-15 09:56 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-01 20:05 - 2016-09-15 09:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-10-01 20:05 - 2016-09-15 09:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-10-01 20:05 - 2016-09-15 09:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-10-01 20:05 - 2016-09-15 09:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-10-01 20:05 - 2016-09-15 09:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-10-01 20:05 - 2016-09-15 09:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-10-01 20:05 - 2016-09-15 09:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-10-01 20:05 - 2016-09-15 09:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-10-01 20:05 - 2016-09-15 09:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-10-01 20:05 - 2016-09-15 09:50 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-01 20:05 - 2016-09-15 09:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-10-01 20:05 - 2016-09-15 09:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-10-01 20:05 - 2016-09-15 09:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-10-01 20:05 - 2016-09-15 09:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-10-01 20:05 - 2016-09-15 09:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-10-01 20:05 - 2016-09-15 09:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-01 20:05 - 2016-09-15 09:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-10-01 20:05 - 2016-09-15 09:41 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-01 20:05 - 2016-09-15 09:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-10-01 20:05 - 2016-09-15 09:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-10-01 20:05 - 2016-09-15 09:40 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-01 20:05 - 2016-09-15 09:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-10-01 20:05 - 2016-09-15 09:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-10-01 20:05 - 2016-09-15 09:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-10-01 20:05 - 2016-09-15 09:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-10-01 20:05 - 2016-09-15 09:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-10-01 20:05 - 2016-09-15 09:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-10-01 20:05 - 2016-09-15 09:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-10-01 20:05 - 2016-09-15 09:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-10-01 20:05 - 2016-09-15 09:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-10-01 20:05 - 2016-09-15 09:38 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-01 20:05 - 2016-09-15 09:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-10-01 20:05 - 2016-09-15 09:37 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-01 20:05 - 2016-09-15 09:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-10-01 20:05 - 2016-09-15 09:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-10-01 20:05 - 2016-09-15 09:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-10-01 20:05 - 2016-09-15 09:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-01 20:05 - 2016-09-15 09:36 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-01 20:05 - 2016-09-15 09:36 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-10-01 20:05 - 2016-09-15 09:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-10-01 20:05 - 2016-09-15 09:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-10-01 20:05 - 2016-09-15 09:31 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-01 20:05 - 2016-09-15 09:31 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-01 20:05 - 2016-09-15 09:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-10-01 20:05 - 2016-09-15 09:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-10-01 20:05 - 2016-09-15 09:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-10-01 20:05 - 2016-09-15 09:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-10-01 20:05 - 2016-09-15 09:28 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2016-10-01 20:05 - 2016-09-15 09:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-10-01 20:05 - 2016-09-15 09:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-10-01 20:05 - 2016-09-15 09:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-10-01 20:05 - 2016-09-15 09:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-10-01 20:05 - 2016-09-15 09:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-10-01 20:05 - 2016-09-15 09:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-10-01 20:05 - 2016-09-15 09:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-10-01 20:05 - 2016-09-15 09:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-10-01 20:05 - 2016-09-15 09:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-10-01 20:05 - 2016-09-15 09:23 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-01 20:05 - 2016-09-15 09:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-10-01 20:05 - 2016-09-15 09:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-10-01 20:05 - 2016-09-15 09:21 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-01 20:05 - 2016-09-15 09:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-10-01 20:05 - 2016-09-15 09:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-01 20:05 - 2016-09-15 09:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-10-01 20:05 - 2016-09-15 09:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-10-01 20:04 - 2016-09-15 10:35 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-01 20:04 - 2016-09-15 10:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-10-01 20:04 - 2016-09-15 10:30 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-10-01 20:04 - 2016-09-15 10:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-10-01 20:04 - 2016-09-15 10:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-10-01 20:04 - 2016-09-15 10:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-10-01 20:04 - 2016-09-15 10:28 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-01 20:04 - 2016-09-15 10:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-10-01 20:04 - 2016-09-15 10:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-10-01 20:04 - 2016-09-15 10:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-10-01 20:04 - 2016-09-15 10:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-10-01 20:04 - 2016-09-15 10:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-10-01 20:04 - 2016-09-15 10:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-10-01 20:04 - 2016-09-15 10:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-10-01 20:04 - 2016-09-15 10:18 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-01 20:04 - 2016-09-15 10:18 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-01 20:04 - 2016-09-15 10:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-10-01 20:04 - 2016-09-15 10:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-10-01 20:04 - 2016-09-15 10:16 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-01 20:04 - 2016-09-15 10:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-10-01 20:04 - 2016-09-15 10:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-10-01 20:04 - 2016-09-15 10:16 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-01 20:04 - 2016-09-15 10:16 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-01 20:04 - 2016-09-15 10:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-10-01 20:04 - 2016-09-15 10:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-10-01 20:04 - 2016-09-15 10:15 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-01 20:04 - 2016-09-15 10:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-10-01 20:04 - 2016-09-15 10:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-10-01 20:04 - 2016-09-15 10:11 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-01 20:04 - 2016-09-15 10:06 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-01 20:04 - 2016-09-15 09:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-01 20:04 - 2016-09-15 09:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-10-01 20:04 - 2016-09-15 09:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-10-01 20:04 - 2016-09-15 09:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-10-01 20:04 - 2016-09-15 09:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-10-01 20:04 - 2016-09-15 09:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-10-01 20:04 - 2016-09-15 09:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-01 20:04 - 2016-09-15 09:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-10-01 20:04 - 2016-09-15 09:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-10-01 20:04 - 2016-09-15 09:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-10-01 20:04 - 2016-09-15 09:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-10-01 20:04 - 2016-09-15 09:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-10-01 20:04 - 2016-09-15 09:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-01 20:04 - 2016-09-15 09:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-10-01 20:04 - 2016-09-15 09:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-10-01 20:04 - 2016-09-15 09:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-01 20:04 - 2016-09-15 09:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-10-01 20:04 - 2016-09-15 09:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-10-01 20:04 - 2016-09-15 09:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-10-01 20:04 - 2016-09-15 09:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-10-01 20:04 - 2016-09-15 09:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-10-01 20:04 - 2016-09-15 09:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-01 20:04 - 2016-09-15 09:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-10-01 20:04 - 2016-09-15 09:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-10-01 20:04 - 2016-09-15 09:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-10-01 20:04 - 2016-09-15 09:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-10-01 20:04 - 2016-09-15 09:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-10-01 20:04 - 2016-09-15 09:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-01 20:04 - 2016-09-15 09:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-10-01 20:04 - 2016-09-15 09:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-10-01 20:04 - 2016-09-15 09:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-10-01 20:04 - 2016-09-15 09:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-10-01 20:04 - 2016-09-15 09:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-10-01 20:04 - 2016-09-15 09:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-10-01 20:04 - 2016-09-15 09:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-10-01 20:04 - 2016-09-15 09:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-10-01 20:04 - 2016-09-15 09:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-10-01 20:04 - 2016-09-15 09:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-10-01 20:04 - 2016-09-15 09:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-10-01 20:04 - 2016-09-15 09:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-01 20:04 - 2016-09-15 09:31 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-01 20:04 - 2016-09-15 09:31 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-01 20:04 - 2016-09-15 09:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2016-10-01 20:04 - 2016-09-15 09:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-01 20:04 - 2016-09-15 09:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-10-01 20:04 - 2016-09-15 09:28 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-01 20:04 - 2016-09-15 09:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-10-01 20:04 - 2016-09-15 09:28 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-01 20:04 - 2016-09-15 09:28 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2016-10-01 20:04 - 2016-09-15 09:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-10-01 20:04 - 2016-09-15 09:27 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-01 20:04 - 2016-09-15 09:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-10-01 20:04 - 2016-09-15 09:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-10-01 20:04 - 2016-09-15 09:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-10-01 20:04 - 2016-09-15 09:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-10-01 20:04 - 2016-09-15 09:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-10-01 20:04 - 2016-09-15 09:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-10-01 20:04 - 2016-09-15 09:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-10-01 20:04 - 2016-09-15 09:22 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-01 20:04 - 2016-09-15 09:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-10-01 20:04 - 2016-09-15 09:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-10-01 20:04 - 2016-09-15 09:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-10-01 20:04 - 2016-09-15 09:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-10-01 20:04 - 2016-09-15 09:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-10-01 20:04 - 2016-09-15 09:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-10-01 20:04 - 2016-09-15 09:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-10-01 20:04 - 2016-09-15 09:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-10-01 20:03 - 2016-09-15 10:37 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-01 20:03 - 2016-09-15 10:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-10-01 20:03 - 2016-09-15 10:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-10-01 20:03 - 2016-09-15 10:27 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-01 20:03 - 2016-09-15 10:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-10-01 20:03 - 2016-09-15 10:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-10-01 20:03 - 2016-09-15 10:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-10-01 20:03 - 2016-09-15 10:17 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-01 20:03 - 2016-09-15 10:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-10-01 20:03 - 2016-09-15 10:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-10-01 20:03 - 2016-09-15 10:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-10-01 20:03 - 2016-09-15 10:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-10-01 20:03 - 2016-09-15 10:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-10-01 20:03 - 2016-09-15 10:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-10-01 20:03 - 2016-09-15 10:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-01 20:03 - 2016-09-15 10:11 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-01 20:03 - 2016-09-15 10:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-10-01 20:03 - 2016-09-15 10:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-10-01 20:03 - 2016-09-15 10:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-10-01 20:03 - 2016-09-15 09:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-10-01 20:03 - 2016-09-15 09:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-10-01 20:03 - 2016-09-15 09:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-10-01 20:03 - 2016-09-15 09:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-10-01 20:03 - 2016-09-15 09:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-10-01 20:03 - 2016-09-15 09:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-10-01 20:03 - 2016-09-15 09:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-10-01 20:03 - 2016-09-15 09:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-10-01 20:03 - 2016-09-15 09:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-10-01 20:03 - 2016-09-15 09:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-10-01 20:03 - 2016-09-15 09:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-10-01 20:03 - 2016-09-15 09:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-10-01 20:03 - 2016-09-15 09:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-01 20:03 - 2016-09-15 09:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-01 20:03 - 2016-09-15 09:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-10-01 20:03 - 2016-09-15 09:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-10-01 20:03 - 2016-09-15 09:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-10-01 20:03 - 2016-09-15 09:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-10-01 20:03 - 2016-09-15 09:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-10-01 20:03 - 2016-09-15 09:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-10-01 20:03 - 2016-09-15 09:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-10-01 20:03 - 2016-09-15 09:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-10-01 20:03 - 2016-09-15 09:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-10-01 20:03 - 2016-09-15 09:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-10-01 20:03 - 2016-09-15 09:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-01 20:03 - 2016-09-15 09:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-10-01 20:03 - 2016-09-15 09:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-10-01 20:03 - 2016-09-15 09:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-10-01 20:03 - 2016-09-15 09:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-10-01 20:03 - 2016-09-15 09:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-10-01 20:03 - 2016-09-15 09:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-10-01 20:03 - 2016-09-15 09:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-10-01 20:03 - 2016-09-15 09:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-10-01 20:03 - 2016-09-15 09:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-10-01 20:03 - 2016-09-15 09:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-10-01 20:03 - 2016-09-15 09:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-10-01 20:03 - 2016-09-15 09:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-10-01 20:03 - 2016-09-15 09:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-10-01 20:03 - 2016-09-15 09:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-10-01 20:03 - 2016-09-15 09:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-10-01 20:03 - 2016-09-15 09:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-01 20:03 - 2016-09-15 09:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-10-01 20:03 - 2016-09-15 09:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-10-01 20:03 - 2016-09-15 09:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-01 20:03 - 2016-09-15 09:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-01 20:03 - 2016-09-15 09:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-10-01 20:03 - 2016-09-15 09:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-10-01 20:03 - 2016-09-15 09:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-10-01 20:03 - 2016-09-15 09:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-01 20:03 - 2016-09-15 09:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-10-01 20:03 - 2016-09-15 09:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-10-01 20:03 - 2016-09-15 09:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-10-01 20:03 - 2016-09-15 09:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-10-01 20:03 - 2016-09-15 09:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-10-01 20:03 - 2016-08-05 20:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-10-01 20:03 - 2016-08-05 01:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-10-01 20:02 - 2016-09-15 10:29 - 00823136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2016-10-01 20:02 - 2016-09-15 10:29 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2016-10-01 20:02 - 2016-09-15 10:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-10-01 20:02 - 2016-09-15 10:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-10-01 20:02 - 2016-09-15 10:29 - 00127328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2016-10-01 20:02 - 2016-09-15 10:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-10-01 20:02 - 2016-09-15 10:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-10-01 20:02 - 2016-09-15 10:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-10-01 20:02 - 2016-09-15 10:21 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-01 20:02 - 2016-09-15 10:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-10-01 20:02 - 2016-09-15 10:15 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-01 20:02 - 2016-09-15 10:15 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-01 20:02 - 2016-09-15 10:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-10-01 20:02 - 2016-09-15 10:12 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-01 20:02 - 2016-09-15 10:11 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-01 20:02 - 2016-09-15 10:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-10-01 20:02 - 2016-09-15 10:11 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-01 20:02 - 2016-09-15 10:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-10-01 20:02 - 2016-09-15 10:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-10-01 20:02 - 2016-09-15 10:08 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-01 20:02 - 2016-09-15 10:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-10-01 20:02 - 2016-09-15 10:07 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-01 20:02 - 2016-09-15 10:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-10-01 20:02 - 2016-09-15 10:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-10-01 20:02 - 2016-09-15 10:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-10-01 20:02 - 2016-09-15 09:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-10-01 20:02 - 2016-09-15 09:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-10-01 20:02 - 2016-09-15 09:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-10-01 20:02 - 2016-09-15 09:58 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-01 20:02 - 2016-09-15 09:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-10-01 20:02 - 2016-09-15 09:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-10-01 20:02 - 2016-09-15 09:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-10-01 20:02 - 2016-09-15 09:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-10-01 20:02 - 2016-09-15 09:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-10-01 20:02 - 2016-09-15 09:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-10-01 20:02 - 2016-09-15 09:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-10-01 20:02 - 2016-09-15 09:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-10-01 20:02 - 2016-09-15 09:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-10-01 20:02 - 2016-09-15 09:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-10-01 20:02 - 2016-09-15 09:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-10-01 20:02 - 2016-09-15 09:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-10-01 20:02 - 2016-09-15 09:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-10-01 20:02 - 2016-09-15 09:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-10-01 20:02 - 2016-09-15 09:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-10-01 20:02 - 2016-09-15 09:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-10-01 20:02 - 2016-09-15 09:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-10-01 20:02 - 2016-09-15 09:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-10-01 20:02 - 2016-09-15 09:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-01 20:02 - 2016-09-15 09:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-10-01 20:02 - 2016-09-15 09:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-01 20:02 - 2016-09-15 09:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-01 20:02 - 2016-09-15 09:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-10-01 20:02 - 2016-09-15 09:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-01 20:02 - 2016-09-15 09:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-10-01 20:02 - 2016-09-15 09:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-10-01 20:02 - 2016-09-15 09:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-10-01 20:02 - 2016-09-15 09:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-10-01 20:02 - 2016-09-15 09:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-01 20:02 - 2016-09-15 09:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-10-01 20:02 - 2016-09-15 09:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-10-01 20:02 - 2016-09-15 09:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-01 20:02 - 2016-09-15 09:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-10-01 20:02 - 2016-09-15 09:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-10-01 20:02 - 2016-09-15 09:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-10-01 20:02 - 2016-09-15 09:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-10-01 20:02 - 2016-09-15 09:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-10-01 20:02 - 2016-09-15 09:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-10-01 20:02 - 2016-09-15 09:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-10-01 20:02 - 2016-09-15 09:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-10-01 20:02 - 2016-09-15 09:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-10-01 20:02 - 2016-09-15 09:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-10-01 20:02 - 2016-09-15 09:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-10-01 20:02 - 2016-09-15 09:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-01 20:02 - 2016-09-15 09:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-10-01 20:02 - 2016-09-15 09:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-10-01 20:02 - 2016-09-15 09:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-10-01 20:02 - 2016-09-15 09:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-01 20:02 - 2016-09-15 09:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-10-01 20:02 - 2016-09-15 09:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-10-01 20:02 - 2016-09-15 09:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-10-01 20:02 - 2016-09-15 09:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-10-01 20:02 - 2016-09-15 09:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-10-01 20:02 - 2016-09-15 09:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-01 20:02 - 2016-09-15 09:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-10-01 20:02 - 2016-09-15 09:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-10-01 20:02 - 2016-09-15 09:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-10-01 20:02 - 2016-09-15 09:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-10-01 20:02 - 2016-09-15 09:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-10-01 20:02 - 2016-09-15 09:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-10-01 20:02 - 2016-09-15 09:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-10-01 20:02 - 2016-09-15 09:26 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-10-01 20:02 - 2016-09-15 09:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-10-01 20:02 - 2016-09-15 09:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-10-01 20:02 - 2016-09-15 09:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-10-01 20:02 - 2016-09-15 09:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-10-01 20:02 - 2016-09-15 09:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-10-01 20:02 - 2016-09-15 09:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-10-01 20:02 - 2016-09-15 09:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-10-01 20:02 - 2016-09-15 09:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-10-01 20:02 - 2016-09-15 09:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-01 20:02 - 2016-09-15 09:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-10-01 20:02 - 2016-08-05 20:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-10-01 19:53 - 2016-10-01 19:53 - 00001346 ____R C:\Users\fast\Desktop\BitLocker Recovery Key 8CC80D31-95D7-4444-B954-6C52A8299452.TXT
2016-10-01 19:15 - 2016-10-01 19:15 - 00000000 ___HD C:\$SysReset
2016-10-01 03:55 - 2016-10-01 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-01 03:55 - 2016-10-01 20:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-30 22:03 - 2016-10-01 20:44 - 00000000 ____D C:\Users\fast\Desktop\Clausing
2016-09-30 14:09 - 2016-09-30 14:09 - 01474527 _____ C:\Users\fast\Downloads\he7210 (1).pdf
2016-09-30 14:08 - 2016-09-30 16:47 - 02188607 _____ C:\Users\fast\Downloads\he7210.pdf
2016-09-28 23:04 - 2016-10-01 20:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-27 17:48 - 2016-09-27 17:48 - 00000000 _____ C:\WINDOWS\SysWOW64\SBRC.dat
2016-09-26 05:59 - 2016-10-23 23:10 - 00000000 ____D C:\Program Files (x86)\EvLog 3.0
2016-09-26 05:58 - 2016-09-26 05:59 - 09977856 _____ C:\Users\fast\Downloads\EvLog3.msi
2016-09-26 04:39 - 2016-09-26 04:39 - 00089766 _____ C:\Users\fast\Downloads\viscosities.pdf
2016-09-25 23:40 - 2016-09-25 23:40 - 00148560 _____ C:\Users\fast\Downloads\May 31, 2016.pdf
2016-09-25 22:26 - 2016-09-25 22:38 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2016-09-25 21:45 - 2016-09-25 21:48 - 59955885 _____ C:\Users\fast\Downloads\installer_win.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-24 01:54 - 2015-06-26 04:09 - 00000000 ____D C:\FRST
2016-10-24 00:48 - 2016-07-16 04:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-24 00:48 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-24 00:48 - 2016-04-27 23:01 - 00000000 ____D C:\Users\fast\AppData\Local\Packages
2016-10-23 23:55 - 2016-09-21 17:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-23 23:24 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-23 23:09 - 2016-05-27 04:14 - 00000000 ____D C:\Program Files\CCleaner
2016-10-23 02:00 - 2016-04-28 08:43 - 00000000 ____D C:\Users\fast\AppData\Local\Adobe
2016-10-22 23:18 - 2016-04-27 23:05 - 01348360 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-22 13:07 - 2016-05-02 15:45 - 01593856 ___SH C:\Users\fast\Desktop\Thumbs.db
2016-10-22 02:27 - 2016-04-28 00:13 - 00000000 ____D C:\Users\fast\AppData\Roaming\Video Client
2016-10-21 12:39 - 2016-09-23 04:30 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-21 12:39 - 2016-09-23 04:30 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-18 02:37 - 2016-09-23 07:19 - 00002434 _____ C:\Users\fast\Desktop\Kris - Chrome.lnk
2016-10-17 14:29 - 2016-07-16 04:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-16 14:54 - 2016-05-27 04:14 - 00000000 ____D C:\Program Files\Recuva
2016-10-16 00:29 - 2016-04-28 18:37 - 00000000 ____D C:\Users\fast\AppData\Local\ElevatedDiagnostics
2016-10-16 00:24 - 2016-07-16 04:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-14 15:46 - 2016-09-21 17:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-10-14 15:46 - 2015-06-12 00:16 - 00000000 __SHD C:\Users\fast\IntelGraphicsProfiles
2016-10-14 15:29 - 2016-09-21 18:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-14 07:37 - 2016-09-21 17:57 - 00000000 ____D C:\Users\fast
2016-10-14 05:02 - 2016-04-27 23:06 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 18:08 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-11 16:03 - 2016-05-31 05:10 - 00000000 ____D C:\Program Files\pia_manager
2016-10-11 15:50 - 2016-09-21 18:02 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-11 15:50 - 2016-07-18 11:58 - 00001543 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-10-11 15:50 - 2016-07-18 11:58 - 00001531 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-10-11 15:50 - 2016-04-28 08:43 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-10-11 15:50 - 2016-04-28 08:43 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-10-11 15:37 - 2015-09-10 09:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-11 15:33 - 2016-09-21 17:56 - 04975256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-11 15:32 - 2016-07-15 23:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-10-11 11:07 - 2016-04-27 23:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-11 10:34 - 2016-07-16 04:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-11 10:34 - 2016-07-16 04:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-08 03:37 - 2016-06-30 13:30 - 08519680 _____ C:\Users\fast\Documents\Database1.accdb
2016-10-08 03:19 - 2015-09-08 00:48 - 00136192 ___SH C:\Users\fast\Documents\Thumbs.db
2016-10-07 11:10 - 2016-05-23 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2016-10-07 11:10 - 2016-05-23 15:11 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-10-07 11:10 - 2016-04-30 15:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-07 10:58 - 2016-09-21 18:56 - 00000000 ____D C:\WINDOWS\Panther
2016-10-06 03:28 - 2016-05-27 04:14 - 00001699 _____ C:\Users\Public\Desktop\Recuva.lnk
2016-10-06 03:26 - 2016-05-27 04:14 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-06 02:47 - 2016-06-13 14:40 - 00000000 ____D C:\Program Files (x86)\HP
2016-10-04 12:56 - 2016-04-30 08:04 - 00000000 ____D C:\Users\fast\Desktop\628. Speedy Trial Act of 1974 _ USAM _ Department of Justice_files
2016-10-03 15:12 - 2015-06-13 16:01 - 00000000 ____D C:\Users\fast\AppData\LocalLow\LastPass
2016-10-03 13:09 - 2016-07-16 04:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-03 13:09 - 2016-07-16 04:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-03 12:09 - 2016-05-03 19:24 - 00000000 ____D C:\ProgramData\Nuance
2016-10-03 02:59 - 2016-06-24 00:39 - 00000000 ____D C:\Users\fast\Desktop\AUTEL Vid
2016-10-02 23:09 - 2016-07-16 07:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-02 23:09 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-10-02 23:09 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-02 23:09 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-01 20:29 - 2016-07-18 05:30 - 00000000 ____D C:\Users\fast\AppData\Roaming\vlc
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\es-MX
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\DDFs
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-10-01 20:29 - 2016-04-28 00:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-01 20:28 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\registration
2016-10-01 20:28 - 2016-05-06 17:41 - 00000000 ____D C:\Users\fast\AppData\Roaming\Skype
2016-10-01 20:28 - 2016-05-06 17:41 - 00000000 ____D C:\ProgramData\Skype
2016-10-01 19:53 - 2016-06-03 14:05 - 00000000 ____D C:\Users\fast\Desktop\jenny
2016-10-01 14:10 - 2016-09-09 22:53 - 00000000 ____D C:\Users\fast\Desktop\liz
2016-09-27 23:12 - 2016-03-31 20:03 - 00000000 ____D C:\Users\fast\Desktop\New folder
2016-09-27 22:39 - 2015-06-29 06:50 - 00000000 ____D C:\VIPRERESCUE
2016-09-27 21:43 - 2016-07-16 04:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-27 10:07 - 2016-07-30 12:50 - 00000000 ____D C:\Users\fast\Desktop\Newberg OFD
2016-09-26 13:35 - 2016-09-23 04:34 - 00000000 ____D C:\Users\fast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2016-09-26 10:42 - 2016-06-01 11:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-26 05:50 - 2016-07-19 23:09 - 00000000 ____D C:\Program Files\Sublime Text 3
2016-09-26 05:43 - 2016-07-16 04:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-09-26 05:43 - 2016-07-16 04:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-09-26 05:43 - 2016-07-16 04:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-09-26 05:43 - 2016-07-16 04:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-09-26 05:43 - 2016-07-16 04:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
 
==================== Files in the root of some directories =======
 
2016-06-01 11:27 - 2016-06-01 11:27 - 21737496 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-06-13 02:53 - 2016-06-15 01:24 - 0000132 _____ () C:\Users\fast\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-04-28 03:44 - 2016-09-23 09:15 - 0007636 _____ () C:\Users\fast\AppData\Local\resmon.resmoncfg
2016-06-13 14:40 - 2016-06-13 14:40 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Files to move or delete:
====================
C:\Users\fast\lastpass_x64 (1).exe
C:\Users\fast\lastpass_x64.exe
 
 
Some files in TEMP:
====================
C:\Users\fast\AppData\Local\Temp\Procmon64.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-23 20:25
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016
Ran by fast (24-10-2016 01:55:13)
Running from C:\Users\fast\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-22 01:03:13)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3271275025-2158743644-2568987073-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3271275025-2158743644-2568987073-503 - Limited - Disabled)
fast (S-1-5-21-3271275025-2158743644-2568987073-1000 - Administrator - Enabled) => C:\Users\fast
Guest (S-1-5-21-3271275025-2158743644-2568987073-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3271275025-2158743644-2568987073-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AlignmentUtility (x32 Version: 19.00.0000 - UPS) Hidden
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
CCC (x32 Version: 19.00.0000 - United Parcel Service, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DJI GimbalAssistant version 2.4 (HKLM-x32\...\{03687077-4227-48FC-BCF6-35CBB636D5FB}_is1) (Version: 2.4 - DJI)
DraftSight 2016 SP1 x64 (HKLM\...\{2FB54525-FF66-4482-84B9-7B8AB671686D}) (Version: 16.1.4089 - Dassault Systemes)
DvrClient (HKLM-x32\...\{3B25FE53-D528-42E7-83D8-226C8D81A276}) (Version: 1.2.43 - DVR Soft)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
FormsComponent (x32 Version: 19.00.0000 - UPS) Hidden
FOSS (x32 Version: 19.00.0000 - UPS) Hidden
GDR 5343 for SQL Server 2012 (KB3045321) (HKLM-x32\...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.280 - SurfRight B.V.)
HP Officejet Pro 8620 Basic Device Software (HKLM\...\{A977D10D-989A-40D4-B0B1-450954516543}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Help (HKLM-x32\...\{9A4D71AB-9C68-4702-A4A2-A4DB7B0FE270}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
ICCHelp (HKLM-x32\...\{A5763105-D1D5-4862-A3FE-EC058F9AA73E}) (Version: 19.00.0000 - UPS)
Icecream Screen Recorder version 4.33 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 4.33 - Icecream Apps)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Office 365 Business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (HKLM-x32\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{9D662DE9-690E-4748-8EE5-02DD6758221E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{3965C9F9-9B9A-4391-AC4B-8388210D3AA0}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM-x32\...\{11778632-197C-4D05-8AF3-4C4626019712}) (Version: 11.2.5343.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{06E783ED-91B4-4BB3-9913-8D608E7B0702}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MSIChecker (x32 Version: 19.00.0000 - UPS) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NA1Messenger (x32 Version: 19.00.0000 - Your Company Name) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NRF (x32 Version: 19.00.0000 - UPS) Hidden
NVIDIA 3D Vision Driver 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.91 - NVIDIA Corporation)
NVIDIA Graphics Driver 358.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.91 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PolicyManager (x32 Version: 19.00.0000 - UPS) Hidden
PRE11 STI 64Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickBooks (x32 Version: 22.0.4016.2206 - Intuit Inc.) Hidden
QuickBooks Premier: Mfg and Whsle Edition 2012 (HKLM-x32\...\{27608481-8856-409A-A307-D62D9B84E33E}) (Version: 22.0.4016.2206 - Intuit Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Reconciler (x32 Version: 19.00.0000 - UPS) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
ReportServer (x32 Version: 18.00.0000 - Your Company Name) Hidden
Service Pack 2 for SQL Server 2012 (KB2958429) (HKLM-x32\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SQL Server 2012 Common Files (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.2.5058.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (x32 Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SupportUtility (x32 Version: 19.00.0000 - UPS) Hidden
System (x32 Version: 19.00.0000 - UPS) Hidden
TouchCopy 12 (x64) (HKLM\...\{1B6C9AEB-1FDE-4873-8420-1ACB5F2E0EA9}) (Version: 12.90 - Wide Angle Software)
UnifiedPrinting (x32 Version: 19.00.0000 - UPS) Hidden
UPS WorldShip (HKLM-x32\...\UPS WorldShip) (Version: 19.0 - UPS)
UPSDB (x32 Version: 19.00.0000 - UPS) Hidden
UPSICC (x32 Version: 19.00.0000 - UPS) Hidden
UPSlinkHTTP (x32 Version: 19.00.0000 - UPS) Hidden
UPSVC2013MM (x32 Version: 19.00.0000 - Your Company Name) Hidden
VLC media player 1.1.8 (HKLM-x32\...\VLC media player) (Version: 1.1.8 - VideoLAN)
WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.)
WebHelp (HKLM-x32\...\{8C5BD501-AD5D-4A75-9321-076509B438FC}) (Version: 19.00.0000 - UPS)
WebM Project Directshow Filters (HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WorldShip (x32 Version: 19.00.0000 - UPS) Hidden
WSShared (x32 Version: 19.00.0000 - UPS) Hidden
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3271275025-2158743644-2568987073-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\fast\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {20D1A017-A624-40E8-AED8-878C5E71D2BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-27] (Google Inc.)
Task: {2D580928-9DAA-446C-859A-31ECC4DA49F2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {3AF990DB-AB82-4DDD-8C04-7AB823E9A1F7} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2016-10-11] ()
Task: {81A90A27-9B98-47FD-9DC3-99D8A1CCBF09} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {8BFF83A1-348F-4C39-8702-2967806C7DB1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {9EABC9C3-BD20-4A53-AC7B-441850CCCD47} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-09-20] (Microsoft Corporation)
Task: {D6C0833C-E1C0-4715-AB14-6F7ADD95461D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {E6CEF734-7CF7-4CF9-BA25-1264F42D76FE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-27] (Google Inc.)
Task: {E9F2B560-4C2A-493C-B216-5B3859FD5913} - System32\Tasks\AdobeAAMUpdater-1.0-ANONYMOUS-FAST-fast => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {FE2CA13D-BDB1-4B54-B48C-B54966C720FD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\fast\Desktop\Kris - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\fast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\fast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\File System for OneDrive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=jbfdfcehgafdbfpniaimfbfomafoadgo
ShortcutWithArgument: C:\Users\fast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Lucidchart Diagrams - Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=djejicklhojeokkfmdelnempiecmdomj
ShortcutWithArgument: C:\Users\fast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Kristof - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 04:42 - 2016-07-16 04:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-01 20:05 - 2016-09-15 10:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-21 17:57 - 2016-08-01 05:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-01 20:05 - 2016-09-15 10:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-01 20:05 - 2016-09-15 10:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-21 18:07 - 2016-09-21 18:07 - 00959168 _____ () C:\Users\fast\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-06-19 19:25 - 2016-09-20 05:18 - 08921800 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-07-16 04:42 - 2016-07-16 04:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-21 18:54 - 2016-09-21 18:54 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-11 10:41 - 2016-10-05 02:35 - 00474112 ____C () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-11 10:41 - 2016-10-05 02:34 - 00693248 ____C () C:\Windows\ShellExperiences\MtcUvc.dll
2016-10-11 10:41 - 2016-10-05 02:21 - 09760256 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-11 10:41 - 2016-10-05 02:13 - 01401344 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-11 10:41 - 2016-10-05 02:13 - 00757248 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-11 10:41 - 2016-10-05 02:13 - 01033216 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-10-11 10:41 - 2016-10-05 02:13 - 02424832 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-11 10:41 - 2016-10-05 02:14 - 04853760 ____C () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-03 19:39 - 2016-09-24 23:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-03 19:39 - 2016-09-24 23:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2016-10-11 15:58 - 2016-10-11 15:58 - 31064768 _____ () C:\Users\fast\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.185\pepflashplayer.dll
2013-03-23 10:14 - 2013-03-23 10:14 - 02993664 _____ () C:\Program Files (x86)\DVR Soft\DvrClient\DvrClient.exe
2016-10-08 18:40 - 2016-10-11 16:03 - 07711966 _____ () C:\Program Files\pia_manager\pia_manager.exe
2016-07-16 04:42 - 2016-07-16 04:42 - 00130048 _____ () C:\WINDOWS\system32\CHARTV.dll
2016-01-06 09:41 - 2016-01-06 09:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-10-08 18:40 - 2016-10-11 16:03 - 00693760 _____ () C:\Program Files\pia_manager\openvpn.exe
2016-10-08 18:40 - 2016-10-11 16:03 - 00190317 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
2016-10-08 18:40 - 2016-10-11 16:03 - 00108441 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
2016-10-08 18:40 - 2016-10-11 16:03 - 00144896 _____ () C:\Program Files\pia_manager\pia-openvpn.dll
2013-03-22 18:11 - 2013-03-22 18:11 - 00177664 _____ () C:\Program Files (x86)\DVR Soft\DvrClient\RSNet.dll
2013-03-22 18:12 - 2013-03-22 18:12 - 00528384 _____ () C:\Program Files (x86)\DVR Soft\DvrClient\RSPlay.dll
2013-01-15 16:31 - 2013-01-15 16:31 - 00802866 _____ () C:\Program Files (x86)\DVR Soft\DvrClient\HCNetSDK.dll
2013-01-15 16:31 - 2013-01-15 16:31 - 01089630 _____ () C:\Program Files (x86)\DVR Soft\DvrClient\PlayCtrl.dll
2013-01-15 16:31 - 2013-01-15 16:31 - 00151607 _____ () C:\Program Files (x86)\DVR Soft\DvrClient\hpr.dll
2013-01-15 16:31 - 2013-01-15 16:31 - 00376832 _____ () C:\Program Files (x86)\DVR Soft\DvrClient\hi_h264dec_w1.dll
2013-01-15 16:31 - 2013-01-15 16:31 - 00100366 _____ () C:\Program Files (x86)\DVR Soft\DvrClient\avutil-51.dll
2013-01-15 16:31 - 2013-01-15 16:31 - 01053198 _____ () C:\Program Files (x86)\DVR Soft\DvrClient\avcodec-53.dll
2016-10-22 13:04 - 2016-10-22 13:04 - 00012800 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00009728 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00014848 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00094208 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\src\rgloader\rgloader193.mswin.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00009216 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00094208 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00126976 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00087552 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00016384 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00127316 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\bin\libffi-6.dll
2016-10-22 13:04 - 2016-10-22 13:04 - 00008704 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00013312 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00095744 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00026624 _____ () C:\Users\fast\AppData\Local\Temp\ocrE6BD.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00012800 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00009728 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00014848 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00094208 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\src\rgloader\rgloader193.mswin.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00094208 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00118784 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00069120 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00083968 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\bin\zlib1.dll
2016-10-22 13:04 - 2016-10-22 13:04 - 00026624 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00275968 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00015360 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00008192 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00009216 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00023552 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00008704 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00008704 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00008704 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00008704 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00036352 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00126976 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00087552 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00016384 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00127316 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\bin\libffi-6.dll
2016-10-22 13:04 - 2016-10-22 13:04 - 00013312 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00095744 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2016-10-22 13:04 - 2016-10-22 13:04 - 00026624 _____ () C:\Users\fast\AppData\Local\Temp\ocrEA57.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2016-10-08 18:40 - 2016-10-11 16:03 - 00939520 _____ () C:\Program Files\pia_manager\pia_tray_bin\nw-win\ffmpeg.dll
2016-10-08 18:40 - 2016-10-11 16:03 - 03115520 _____ () C:\Program Files\pia_manager\pia_tray_bin\nw-win\node.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\fast\AppData\Local\0L2VQURo:1JGpo4JofK1mMUuAoR5zhtHF9m8 [1984]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-04-27 23:51 - 2016-04-27 23:51 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1 - 209.222.18.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeActiveFileMonitor11.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: DraftSight API Service => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: QBCFMonitorService => 2
MSCONFIG\Services: QBFCService => 3
MSCONFIG\Services: QBVSS => 2
MSCONFIG\Services: Stereo Service => 2
HKLM\...\StartupApproved\StartupFolder: => "UPS WorldShip PLD Reminder Utility.lnk"
HKLM\...\StartupApproved\StartupFolder: => "UPS WorldShip Messaging Utility.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Intuit Data Protect.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk"
HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Install LastPass IE RunOnce.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Install LastPass FF RunOnce.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "WSUpdater"
HKLM\...\StartupApproved\Run32: => "NA1Messenger"
HKLM\...\StartupApproved\Run32: => "Intuit SyncManager"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_23E43E3C36DDE0630C2BD1E0DE7890D8"
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\StartupApproved\Run: => "HP Officejet Pro 8620 (NET)"
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\StartupApproved\Run: => "CAHeadless"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C497A226-C359-4E16-8079-ED2A3EC27169}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{307340D1-1628-4FF3-A968-0AB231E005B2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{65451DBA-B2CC-4E68-A407-9D52EC853985}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{DFAC12D5-860B-4A76-B643-3DD90C476DBF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe
FirewallRules: [{17158EAB-A059-485B-A49B-039815C6AB02}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe
FirewallRules: [{9E4AC87C-4CA4-4AE3-8946-B7FF098B8C0F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe
FirewallRules: [{4FD305F1-F155-46F5-9CF4-01F20AF592BB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe
FirewallRules: [{E154F284-A287-4604-AEF2-2F91F96527AB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{87DF59B5-9B95-4077-AB0A-5D7605C19D9C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E0D4C092-C33E-4DE5-99A4-C97D61DCF19C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{00BD750C-E3BD-4399-A984-A46F04081147}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{ED4137C4-ED21-43D9-8E74-6BD97D6132D2}] => (Allow) C:\Program Files (x86)\ASUS\Download Master Utility\DM2.2.exe
FirewallRules: [{C202AACD-57B9-4121-9D43-47C96404B870}] => (Allow) C:\Program Files (x86)\ASUS\Download Master Utility\DM2.2.exe
FirewallRules: [{82557C85-37A4-43EA-BD4A-9347A8A71194}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
FirewallRules: [{8422A7E8-95D8-4411-801F-CAAC7D2B1C0F}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Firmware Restoration\Rescue.exe
FirewallRules: [{3132CC09-84B4-4FEC-98B3-59150706D407}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{D5295AEC-7D53-4E59-89F1-F25548F3CE54}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
07-10-2016 11:07:47 Removed Bonjour
11-10-2016 11:03:05 Windows Update
11-10-2016 11:03:20 Windows Update
14-10-2016 04:47:57 Removed Apple Software Update
14-10-2016 04:56:15 Windows Backup
17-10-2016 14:29:08 Windows Update
17-10-2016 22:24:23 Windows Backup
18-10-2016 15:52:01 Windows Backup
20-10-2016 16:02:34 Windows Backup
23-10-2016 19:00:09 Windows Backup
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/24/2016 12:50:03 AM) (Source: MsiInstaller) (EventID: 11721) (User: ANONYMOUS-FAST)
Description: Product: Apple Software Update -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: SoftwareUpdate_UnregServer, location: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe, command: /UnregServer
 
Error: (10/23/2016 09:18:45 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Manufacturing and Wholesale Edition 2012":
DB error -85 ErrorMessage:'Communication error' from file:'.\.\src\DMSQLPrefAttribute.cpp' at line 153 from function:'DMPrefAttribute::IDBPrefAttribute::DBLoad'
 
Error: (10/23/2016 09:18:45 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Manufacturing and Wholesale Edition 2012":
DB error -101 ErrorMessage:'Not connected to a database' from file:'.\.\src\DMSQLTransaction.cpp' at line 175 from function:'DBMgr::SADMTransaction::DBSQLCommit'
 
Error: (10/23/2016 09:18:45 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Manufacturing and Wholesale Edition 2012":
DQE execution failed. Could not retrieve COUNT(user name).
 
Error: (10/23/2016 09:18:45 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Manufacturing and Wholesale Edition 2012":
ExecuteQuery failed (DETAIL AVAILABLE), error id: -6019, sub id: 0, 'Succeeded', ''
 
Error: (10/23/2016 09:18:45 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Manufacturing and Wholesale Edition 2012":
DB error -85 ErrorMessage:'Communication error' from file:'.\.\src\SQLDynamicQuery.cpp' at line 274 from function:'DQE::DMDQEDynamicQuery::DBDoQuery'
 
Error: (10/23/2016 09:16:44 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks: Premier Manufacturing and Wholesale Edition 2012":
DB error -304 ErrorMessage:'Disk full 'Fatal error:  disk full when writing to "\\192.168.1.4\work\Quick Books\TitanReady.qbw"' -- transaction rolled back' from file:'.\.\src\DMSQLPrefAttribute.cpp' at line 153 from function:'DMPrefAttribute::IDBPrefAttribute::DBLoad'
 
Error: (10/23/2016 09:01:53 PM) (Source: SQLANY 11.0) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (10/23/2016 07:06:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (10/23/2016 07:01:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
 
System errors:
=============
Error: (10/23/2016 04:10:03 PM) (Source: DCOM) (EventID: 10010) (User: ANONYMOUS-FAST)
Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout.
 
Error: (10/23/2016 04:08:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
Unspecified error
 
Error: (10/23/2016 03:56:58 PM) (Source: DCOM) (EventID: 10010) (User: ANONYMOUS-FAST)
Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout.
 
Error: (10/23/2016 03:54:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
Unspecified error
 
Error: (10/22/2016 08:22:05 PM) (Source: DCOM) (EventID: 10010) (User: ANONYMOUS-FAST)
Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout.
 
Error: (10/22/2016 08:20:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
Unspecified error
 
Error: (10/22/2016 11:07:28 AM) (Source: DCOM) (EventID: 10010) (User: ANONYMOUS-FAST)
Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout.
 
Error: (10/22/2016 11:05:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
Unspecified error
 
Error: (10/22/2016 10:07:06 AM) (Source: DCOM) (EventID: 10010) (User: ANONYMOUS-FAST)
Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout.
 
Error: (10/22/2016 10:05:06 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
Unspecified error
 
 
CodeIntegrity:
===================================
  Date: 2016-10-03 13:41:23.304
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-03 13:41:23.303
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-03 13:40:58.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-03 13:40:58.537
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-03 11:07:10.598
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-03 11:07:10.597
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-01 14:15:32.676
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-01 14:15:32.675
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 45%
Total physical RAM: 32653.63 MB
Available physical RAM: 17863.95 MB
Total Virtual: 65421.63 MB
Available Virtual: 43405.55 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.22 GB) (Free:13.49 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:1863.01 GB) (Free:503.57 GB) NTFS
Drive e: () (CDROM) (Total:4.38 GB) (Free:4.15 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D0687E57)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 71618412)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 

 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:16 AM

Posted 30 October 2016 - 05:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/630525 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Titan-man

Titan-man
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:07:16 AM

Posted 30 October 2016 - 09:22 AM

More details as they keep coming up. Best guess is this came in on a laptop and is throughout LAN. Even unusual web traffic by printers and a time clock. Goggle blocks certain sites of itself, reason being unusual traffic detected. This computer had no configuration for firewall and will not recognize backup drive, back itself up or keep logs. The logs I get or find elsewhere are noteworthy and I have files for you. Please advise as too removing personal info before posting. Thanks again!

 

 Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2016

Ran by fast (administrator) on ANONYMOUS-FAST (30-10-2016 05:49:53)
Running from C:\Users\fast\Desktop
Loaded Profiles: fast (Available Profiles: fast)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\UPS\WSTD\WSDB\MSSQL11.UPSWS2012SERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(hxxp://www.ruby-lang.org/) C:\Users\fast\AppData\Local\Temp\ocrA246.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(hxxp://www.ruby-lang.org/) C:\Users\fast\AppData\Local\Temp\ocrBD9E.tmp\bin\rubyw.exe
(The NWJS Community) C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe
(The NWJS Community) C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe
() C:\Program Files\pia_manager\openvpn.exe
() C:\Program Files (x86)\DVR Soft\DvrClient\DvrClient.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\fast\Desktop\FRST64 (6).exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-21] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1868472 2016-09-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [WSUpdater] => C:\PROGRAM FILES (X86)\UPS\WSTD\CF\WorldShipCF.exe [238336 2016-03-02] (UPS)
HKLM-x32\...\Run: [NA1Messenger] => C:\PROGRAM FILES (X86)\UPS\WSTD\UPSNA1Msgr.exe [29952 2016-03-02] ()
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-02-27] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-09-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\Run: [GoogleChromeAutoLaunch_23E43E3C36DDE0630C2BD1E0DE7890D8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1083496 2016-10-20] (Google Inc.)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe [1260544 2016-10-11] (The NWJS Community)
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1083496 2016-10-20] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-06-01]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-06-01]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2016-06-15]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2016-06-15]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2016-06-15]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2012\QBW32.EXE (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPS WorldShip Messaging Utility.lnk [2016-04-30]
ShortcutTarget: UPS WorldShip Messaging Utility.lnk -> C:\Program Files (x86)\UPS\WSTD\WSTDMessaging.exe (United Parcel Service, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UPS WorldShip PLD Reminder Utility.lnk [2016-04-30]
ShortcutTarget: UPS WorldShip PLD Reminder Utility.lnk -> C:\Program Files (x86)\UPS\WSTD\wstdPldReminder.exe (UPS)
GroupPolicy: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218
Tcpip\..\Interfaces\{21a826f8-8044-4596-b760-d99ad2b9ec82}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{97f62454-dc5c-4558-ab3f-35b9a4171b41}: [DhcpNameServer] 209.222.18.222 209.222.18.218
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3271275025-2158743644-2568987073-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-3271275025-2158743644-2568987073-1000 -> {0C59C728-CBA0-442A-9B9B-BF8DD0F3D760} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-08] (Microsoft Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-06-01] (LastPass)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-08] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-07] (Microsoft Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-06-01] (LastPass)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-07] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-06-01] (LastPass)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-06-01] (LastPass)
IE Session Restore: HKU\S-1-5-21-3271275025-2158743644-2568987073-1000 -> is enabled.
Handler-x32: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll [2015-02-27] (Intuit, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-21] (Microsoft Corporation)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: mpvptqmz.default
FF ProfilePath: C:\Users\fast\AppData\Roaming\Mozilla\Firefox\Profiles\mpvptqmz.default [2016-10-29]
FF Extension: (Bing Search) - C:\Users\fast\AppData\Roaming\Mozilla\Firefox\Profiles\mpvptqmz.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-09-28]
FF Extension: (LastPass) - C:\Users\fast\AppData\Roaming\Mozilla\Firefox\Profiles\mpvptqmz.default\Extensions\support@lastpass.com [2016-09-26]
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-04-28]
FF SearchPlugin: C:\Users\fast\AppData\Roaming\Mozilla\Firefox\Profiles\mpvptqmz.default\searchplugins\bing-.xml [2016-09-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-06-01] (LastPass)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-06-01] (LastPass)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Profile 1 -> "hxxp://mysearch.avg.com?cid={9F43CA9C-A693-4238-B11E-3DD90028EAB9}&mid=7d3da297d4a347d2a2ecd15aef150dac-ee1b55af0bb211f190d65bc7732d76a695e2d292&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-05-29 13:10:53&v=3.0.0.2&pid=wtu&sg=&sap=hp","hxxp://mysearch.avg.com?cid={9F43CA9C-A693-4238-B11E-3DD90028EAB9}&mid=7d3da297d4a347d2a2ecd15aef150dac-ee1b55af0bb211f190d65bc7732d76a695e2d292&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-05-29 13:10:53&v=3.2.0.15&pid=wtu&sg=&sap=hp","hxxp://www.google.com"
CHR DefaultSearchURL: Profile 1 -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Profile 1 -> Yahoo
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default [2016-10-26]
CHR Extension: (Google Slides) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-23]
CHR Extension: (Google Docs) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-23]
CHR Extension: (Google Drive) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-23]
CHR Extension: (YouTube) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-23]
CHR Extension: (Galaxy-View) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2016-09-23]
CHR Extension: (Adobe Acrobat) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-10-25]
CHR Extension: (Google Sheets) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-23]
CHR Extension: (Chrome Remote Desktop) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-09-23]
CHR Extension: (Google Docs Offline) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-25]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-10-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-23]
CHR Extension: (Gmail) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-23]
CHR Extension: (Chrome Media Router) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR Profile: C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-10-30]
CHR Extension: (Google Slides) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-23]
CHR Extension: (Website and SEO Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajkomeiemllejmopbbjjngpmmikfedad [2016-09-23]
CHR Extension: (Google Docs) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-23]
CHR Extension: (Google Drive) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-23]
CHR Extension: (MindMeister) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdehgigffdnkjpaindemkaniebfaepjm [2016-09-23]
CHR Extension: (Google Docs Quick Create) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bldgenmjegcnjebiongilahhcjldgmlm [2016-09-23]
CHR Extension: (YouTube) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-23]
CHR Extension: (Alexa Traffic Rank) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cknebhggccemgcnbidipinkifmmegdel [2016-09-23]
CHR Extension: (TypingWeb Typing Tutor) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\clcgempicojkfhpnepfecmklndooebjk [2016-09-23]
CHR Extension: (Site SEO Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgbkldehhidnhpecibnmabmbclnokikd [2016-09-23]
CHR Extension: (Lucidchart Diagrams - Desktop) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djejicklhojeokkfmdelnempiecmdomj [2016-10-13]
CHR Extension: (Chromebleed) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2016-09-23]
CHR Extension: (Adobe Acrobat) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-23]
CHR Extension: (MailChimp) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\einnfnfpkbbebamphappjlmbedgjbnoe [2016-09-23]
CHR Extension: (Google Sheets) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-23]
CHR Extension: (SEO Site Tools, Site Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\femogmcmjpjkokoojcljkpfdifkpbbpp [2016-09-23]
CHR Extension: (Weebly Dashboard Extension) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkhpeihpgdipchpfmddkfcigllaaiaki [2016-09-23]
CHR Extension: (Page Analytics (by Google)) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fnbdnhhicmebfgdgglcdacdapkcihcoh [2016-09-23]
CHR Extension: (Google Analytics URL Builder) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gaidpiakchgkapdgbnoglpnbccdepnpk [2016-09-23]
CHR Extension: (HTTPS Everywhere) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2016-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-25]
CHR Extension: (AdBlock) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-24]
CHR Extension: (In-Page SEO Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdeoafjegchjkmadbbjlbhiooliinkja [2016-09-23]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-10-26]
CHR Extension: (HTML5 Banner Creator) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hioegghdmpcchhfdcbkldeiobkahllhg [2016-09-23]
CHR Extension: (SEO & Website Analysis) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hlngmmdolgbdnnimbmblfhhndibdipaf [2016-09-23]
CHR Extension: (ONLYOFFICE Personal) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iohfebkcjhlelaoibebeohcgkohkcgpn [2016-09-23]
CHR Extension: (File System for OneDrive) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jbfdfcehgafdbfpniaimfbfomafoadgo [2016-09-23]
CHR Extension: (Free SEO Deal of the Week) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jgnekndlomccgljphjjcmhgmbbbeeklm [2016-09-23]
CHR Extension: (Google Forms) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2016-09-23]
CHR Extension: (Google Analytics Debugger) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jnkmfdileelhofjcijamephohjechhna [2016-09-23]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-09-23]
CHR Extension: (Google Maps) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-09-23]
CHR Extension: (Google Drawings) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2016-09-23]
CHR Extension: (Easy SEO Tools) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnlboglefdlldiioafkgbbdfihdoicam [2016-09-23]
CHR Extension: (Office Online) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2016-10-12]
CHR Extension: (OneDrive) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-09-23]
CHR Extension: (Website Analysis & SEO Tool) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nglkdkpdncleifbbjhhlfpakclhahhkn [2016-09-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-23]
CHR Extension: (PowToon Presentations Edu) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ogodblbnhpbcmcjcoopbalconhnloagl [2016-09-23]
CHR Extension: (ScriptSafe) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2016-10-14]
CHR Extension: (Gmail) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-23]
CHR Extension: (Chrome Media Router) - C:\Users\fast\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-24]
CHR Profile: C:\Users\fast\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-25]
CHR HKLM-x32\...\Chrome\Extension: [bhfhojbhbnajajgihpicejdalbjlpcep] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
S4 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [125440 2016-03-17] (Dassault Systèmes) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-10-03] (SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [374360 2016-05-27] (Intel Corporation)
R2 MSSQL$UPSWS2012SERVER; C:\PROGRAM FILES (X86)\UPS\WSTD\WSDB\MSSQL11.UPSWS2012SERVER\MSSQL\Binn\sqlservr.exe [163008 2015-05-05] (Microsoft Corporation)
S4 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2015-02-27] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2011-08-19] (Intuit Inc.) [File not signed]
S4 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-08-19] (Intuit Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S4 SQLAgent$UPSWS2012SERVER; C:\PROGRAM FILES (X86)\UPS\WSTD\WSDB\MSSQL11.UPSWS2012SERVER\MSSQL\Binn\SQLAGENT.EXE [448704 2015-05-05] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 gfiark; C:\WINDOWS\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\WINDOWS\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [47008 2013-07-30] ()
R3 Ke2200; C:\WINDOWS\System32\drivers\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-25] (Malwarebytes)
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NMgamingmsFltr; C:\WINDOWS\system32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [13754936 2016-08-27] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [84792 2016-10-14] (Sysinternals - www.sysinternals.com)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-08-13] (Oracle Corporation)
S3 vuhub; C:\WINDOWS\System32\drivers\vuhub.sys [47616 2007-12-16] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-30 05:49 - 2016-10-30 05:49 - 02408448 _____ (Farbar) C:\Users\fast\Desktop\FRST64 (6).exe
2016-10-30 05:47 - 2016-10-30 05:47 - 02408448 _____ (Farbar) C:\Users\fast\Desktop\FRST64 (5).exe
2016-10-30 05:46 - 2016-10-30 05:46 - 02408448 _____ (Farbar) C:\Users\fast\Desktop\FRST64 (4).exe
2016-10-27 17:44 - 2016-10-14 21:48 - 00498952 ____C (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-27 17:44 - 2016-10-14 21:26 - 04129928 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-27 17:44 - 2016-10-14 21:26 - 01990648 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-27 17:44 - 2016-10-14 21:26 - 01472536 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-27 17:44 - 2016-10-14 21:26 - 01062480 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-27 17:44 - 2016-10-14 21:15 - 01557808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-27 17:44 - 2016-10-14 21:11 - 01263848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-27 17:44 - 2016-10-14 20:41 - 12174848 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-27 17:44 - 2016-10-14 20:36 - 01880576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-27 17:43 - 2016-10-14 22:11 - 00484584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 02186896 ____C (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 01637728 ____C (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 01235296 ____C (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 01051112 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-27 17:43 - 2016-10-14 21:51 - 00894088 ____C (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-27 17:43 - 2016-10-14 21:51 - 00595296 ____C (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 00590960 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 00584032 ____C (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 00322912 ____C (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 00283488 ____C (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-27 17:43 - 2016-10-14 21:51 - 00232800 ____C (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 00137568 ____C (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-27 17:43 - 2016-10-14 21:51 - 00078688 ____C (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-27 17:43 - 2016-10-14 21:48 - 07817568 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-27 17:43 - 2016-10-14 21:48 - 01354320 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-27 17:43 - 2016-10-14 21:48 - 01173496 ____C (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-27 17:43 - 2016-10-14 21:48 - 00773712 ____C (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-27 17:43 - 2016-10-14 21:47 - 01883784 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-27 17:43 - 2016-10-14 21:43 - 01356352 ____C (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-27 17:43 - 2016-10-14 21:41 - 05622088 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-27 17:43 - 2016-10-14 21:38 - 00500064 ____C (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-27 17:43 - 2016-10-14 21:38 - 00409952 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-27 17:43 - 2016-10-14 21:37 - 00063328 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-27 17:43 - 2016-10-14 21:34 - 01969912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-27 17:43 - 2016-10-14 21:33 - 00455040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-27 17:43 - 2016-10-14 21:32 - 01570680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-27 17:43 - 2016-10-14 21:32 - 00601712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-27 17:43 - 2016-10-14 21:31 - 02827864 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-27 17:43 - 2016-10-14 21:31 - 02750384 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-27 17:43 - 2016-10-14 21:31 - 02190688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-27 17:43 - 2016-10-14 21:31 - 00658272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-27 17:43 - 2016-10-14 21:31 - 00402272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-27 17:43 - 2016-10-14 21:30 - 01851696 ____C (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-27 17:43 - 2016-10-14 21:30 - 00682816 ____C (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-27 17:43 - 2016-10-14 21:30 - 00557408 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-27 17:43 - 2016-10-14 21:30 - 00509280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-27 17:43 - 2016-10-14 21:30 - 00341936 ____C (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-27 17:43 - 2016-10-14 21:30 - 00238056 ____C (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-27 17:43 - 2016-10-14 21:29 - 02913104 ____C (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-27 17:43 - 2016-10-14 21:29 - 01267504 ____C (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-27 17:43 - 2016-10-14 21:29 - 00908640 ____C (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-27 17:43 - 2016-10-14 21:29 - 00335712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-27 17:43 - 2016-10-14 21:29 - 00079200 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-27 17:43 - 2016-10-14 21:26 - 22224480 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-27 17:43 - 2016-10-14 21:26 - 04673304 ____C (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-27 17:43 - 2016-10-14 21:26 - 01694712 ____C (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-27 17:43 - 2016-10-14 21:26 - 01600632 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-27 17:43 - 2016-10-14 21:26 - 01274712 ____C (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-27 17:43 - 2016-10-14 21:26 - 00811416 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-27 17:43 - 2016-10-14 21:26 - 00691080 ____C (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-27 17:43 - 2016-10-14 21:26 - 00534096 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-27 17:43 - 2016-10-14 21:26 - 00160096 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-27 17:43 - 2016-10-14 21:25 - 00882680 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-27 17:43 - 2016-10-14 21:25 - 00742704 ____C (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-27 17:43 - 2016-10-14 21:22 - 01608896 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-27 17:43 - 2016-10-14 21:22 - 01461200 ____C (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-27 17:43 - 2016-10-14 21:22 - 01418312 ____C (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-27 17:43 - 2016-10-14 21:22 - 00628040 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-27 17:43 - 2016-10-14 21:21 - 02537824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-27 17:43 - 2016-10-14 21:21 - 01100128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-27 17:43 - 2016-10-14 21:21 - 00584032 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-27 17:43 - 2016-10-14 21:21 - 00292872 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-27 17:43 - 2016-10-14 21:20 - 02276736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-27 17:43 - 2016-10-14 21:19 - 02256592 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-27 17:43 - 2016-10-14 21:19 - 00272720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-27 17:43 - 2016-10-14 21:18 - 02166232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-27 17:43 - 2016-10-14 21:18 - 01556712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-27 17:43 - 2016-10-14 21:18 - 00846560 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-27 17:43 - 2016-10-14 21:18 - 00749920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-27 17:43 - 2016-10-14 21:18 - 00576400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-27 17:43 - 2016-10-14 21:18 - 00186424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-27 17:43 - 2016-10-14 21:15 - 20969928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-27 17:43 - 2016-10-14 21:15 - 03892352 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-27 17:43 - 2016-10-14 21:15 - 01853776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-27 17:43 - 2016-10-14 21:15 - 01123368 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-27 17:43 - 2016-10-14 21:15 - 00959112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-27 17:43 - 2016-10-14 21:15 - 00952416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-27 17:43 - 2016-10-14 21:15 - 00687936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-27 17:43 - 2016-10-14 21:14 - 04311736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-27 17:43 - 2016-10-14 21:11 - 01435896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-27 17:43 - 2016-10-14 21:11 - 01424488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-27 17:43 - 2016-10-14 21:11 - 00545944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-27 17:43 - 2016-10-14 21:10 - 00254656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-27 17:43 - 2016-10-14 21:06 - 05685760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-27 17:43 - 2016-10-14 21:05 - 07216640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-27 17:43 - 2016-10-14 21:02 - 22568960 ____C (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-27 17:43 - 2016-10-14 21:01 - 01631232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-27 17:43 - 2016-10-14 21:00 - 01631232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-27 17:43 - 2016-10-14 21:00 - 00323584 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-27 17:43 - 2016-10-14 21:00 - 00048640 ____C (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-27 17:43 - 2016-10-14 21:00 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-27 17:43 - 2016-10-14 20:59 - 00272384 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-27 17:43 - 2016-10-14 20:59 - 00187904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-27 17:43 - 2016-10-14 20:59 - 00130560 ____C (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-27 17:43 - 2016-10-14 20:59 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-27 17:43 - 2016-10-14 20:58 - 00258560 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-27 17:43 - 2016-10-14 20:58 - 00040448 ____C (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-27 17:43 - 2016-10-14 20:58 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-27 17:43 - 2016-10-14 20:57 - 00217600 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-27 17:43 - 2016-10-14 20:57 - 00186880 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-27 17:43 - 2016-10-14 20:57 - 00175104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-27 17:43 - 2016-10-14 20:57 - 00081408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-27 17:43 - 2016-10-14 20:57 - 00039424 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-27 17:43 - 2016-10-14 20:56 - 00339968 ____C (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-27 17:43 - 2016-10-14 20:56 - 00327680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-27 17:43 - 2016-10-14 20:56 - 00306688 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-27 17:43 - 2016-10-14 20:56 - 00227328 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-27 17:43 - 2016-10-14 20:56 - 00219648 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-27 17:43 - 2016-10-14 20:56 - 00193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-27 17:43 - 2016-10-14 20:56 - 00120832 ____C (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-27 17:43 - 2016-10-14 20:56 - 00098816 ____C (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-27 17:43 - 2016-10-14 20:56 - 00095232 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-27 17:43 - 2016-10-14 20:56 - 00081408 ____C (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-27 17:43 - 2016-10-14 20:56 - 00065024 ____C (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-27 17:43 - 2016-10-14 20:55 - 00635904 ____C (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-27 17:43 - 2016-10-14 20:55 - 00567296 ____C (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-27 17:43 - 2016-10-14 20:55 - 00329216 ____C (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-27 17:43 - 2016-10-14 20:55 - 00265728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-27 17:43 - 2016-10-14 20:55 - 00236544 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-27 17:43 - 2016-10-14 20:55 - 00182784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-27 17:43 - 2016-10-14 20:55 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-27 17:43 - 2016-10-14 20:55 - 00142336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-27 17:43 - 2016-10-14 20:55 - 00126464 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00717312 ____C (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00555008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00463872 ____C (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00410112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00314880 ____C (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00296960 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00241152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00217088 ____C (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00211456 ____C (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-27 17:43 - 2016-10-14 20:54 - 00179712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-27 17:43 - 2016-10-14 20:54 - 00152064 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00102912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-27 17:43 - 2016-10-14 20:54 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-27 17:43 - 2016-10-14 20:53 - 00744448 ____C (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-27 17:43 - 2016-10-14 20:53 - 00566784 ____C (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-27 17:43 - 2016-10-14 20:53 - 00549376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-27 17:43 - 2016-10-14 20:53 - 00313856 ____C (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-27 17:43 - 2016-10-14 20:53 - 00270336 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-27 17:43 - 2016-10-14 20:53 - 00240640 ____C (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-27 17:43 - 2016-10-14 20:53 - 00222720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-27 17:43 - 2016-10-14 20:53 - 00198144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-27 17:43 - 2016-10-14 20:53 - 00147456 ____C (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 06285312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00690176 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00632832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00523776 ____C (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00506880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00432128 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00410624 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00339456 ____C (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00306176 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00288256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00274432 ____C (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00163328 ____C (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00115200 ____C (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-27 17:43 - 2016-10-14 20:52 - 00088576 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-27 17:43 - 2016-10-14 20:51 - 13868544 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-27 17:43 - 2016-10-14 20:51 - 00429568 ____C (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-27 17:43 - 2016-10-14 20:51 - 00261632 ____C (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-27 17:43 - 2016-10-14 20:51 - 00226304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 17188352 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 02716672 ____C (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 02333184 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 00896512 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 00509440 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 00438784 ____C (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 00310272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 00198656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 00090112 ____C (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-27 17:43 - 2016-10-14 20:50 - 00074752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-27 17:43 - 2016-10-14 20:49 - 09131008 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-27 17:43 - 2016-10-14 20:49 - 01913344 ____C (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-27 17:43 - 2016-10-14 20:49 - 00838144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-27 17:43 - 2016-10-14 20:49 - 00495104 ____C (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-27 17:43 - 2016-10-14 20:49 - 00388608 ____C (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-27 17:43 - 2016-10-14 20:49 - 00348672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-27 17:43 - 2016-10-14 20:49 - 00187904 ____C (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-27 17:43 - 2016-10-14 20:49 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-27 17:43 - 2016-10-14 20:49 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-27 17:43 - 2016-10-14 20:49 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-27 17:43 - 2016-10-14 20:48 - 23680000 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-27 17:43 - 2016-10-14 20:48 - 03778560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-27 17:43 - 2016-10-14 20:48 - 01554944 ____C (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-27 17:43 - 2016-10-14 20:48 - 01323008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-27 17:43 - 2016-10-14 20:48 - 01054208 ____C (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-27 17:43 - 2016-10-14 20:47 - 07792640 ____C (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-27 17:43 - 2016-10-14 20:47 - 07626752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-27 17:43 - 2016-10-14 20:47 - 04612608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-27 17:43 - 2016-10-14 20:47 - 01113600 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-27 17:43 - 2016-10-14 20:47 - 00720896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 17:43 - 2016-10-14 20:47 - 00558080 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-27 17:43 - 2016-10-14 20:47 - 00369664 ____C (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-27 17:43 - 2016-10-14 20:46 - 19418112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-27 17:43 - 2016-10-14 20:46 - 19416576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-27 17:43 - 2016-10-14 20:46 - 03287552 ____C (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-27 17:43 - 2016-10-14 20:46 - 00718848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 17:43 - 2016-10-14 20:46 - 00471552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-27 17:43 - 2016-10-14 20:46 - 00336896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-27 17:43 - 2016-10-14 20:45 - 01790464 ____C (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-27 17:43 - 2016-10-14 20:45 - 00942080 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-27 17:43 - 2016-10-14 20:45 - 00702464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 17:43 - 2016-10-14 20:45 - 00406016 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-27 17:43 - 2016-10-14 20:45 - 00337920 ____C (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-27 17:43 - 2016-10-14 20:44 - 03307520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-27 17:43 - 2016-10-14 20:44 - 00747008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-27 17:43 - 2016-10-14 20:44 - 00636928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-27 17:43 - 2016-10-14 20:44 - 00470016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-27 17:43 - 2016-10-14 20:44 - 00465920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-27 17:43 - 2016-10-14 20:44 - 00090112 ____C (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-27 17:43 - 2016-10-14 20:43 - 02748928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-27 17:43 - 2016-10-14 20:43 - 01365504 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-27 17:43 - 2016-10-14 20:43 - 00574976 ____C (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-27 17:43 - 2016-10-14 20:43 - 00078336 ____C (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 12349440 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 06108672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 00956416 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 00805376 ____C (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 00539136 ____C (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 00467968 ____C (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 00459776 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 00130560 ____C (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 00090624 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-27 17:43 - 2016-10-14 20:42 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-27 17:43 - 2016-10-14 20:41 - 07654912 ____C (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-27 17:43 - 2016-10-14 20:41 - 05376000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-27 17:43 - 2016-10-14 20:41 - 00945664 ____C (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-27 17:43 - 2016-10-14 20:41 - 00940032 ____C (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-27 17:43 - 2016-10-14 20:41 - 00655872 ____C (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-27 17:43 - 2016-10-14 20:41 - 00496128 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-27 17:43 - 2016-10-14 20:41 - 00161792 ____C (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-27 17:43 - 2016-10-14 20:41 - 00067584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-27 17:43 - 2016-10-14 20:40 - 13081600 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-27 17:43 - 2016-10-14 20:40 - 01690112 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-27 17:43 - 2016-10-14 20:40 - 00779776 ____C (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 04749312 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 04474368 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 03400192 ____C (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 02266624 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 01228288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 01060864 ____C (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 01005568 ____C (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 00982528 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 00869888 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 00817664 ____C (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 00806400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 00631296 ____C (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 00357376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 00243712 ____C (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 00109568 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-27 17:43 - 2016-10-14 20:39 - 00079360 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-27 17:43 - 2016-10-14 20:38 - 13441024 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-27 17:43 - 2016-10-14 20:38 - 07468032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-27 17:43 - 2016-10-14 20:38 - 02458112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-27 17:43 - 2016-10-14 20:38 - 01993216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-27 17:43 - 2016-10-14 20:38 - 00913920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-27 17:43 - 2016-10-14 20:38 - 00828416 ____C (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-27 17:43 - 2016-10-14 20:38 - 00675840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-27 17:43 - 2016-10-14 20:38 - 00579072 ____C (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 08075776 ____C (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 04708864 ____C (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 03733504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 02611200 ____C (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 02256896 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 01980416 ____C (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 01643008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 01029632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 00884224 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 00715264 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 00712192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 00709120 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-27 17:43 - 2016-10-14 20:37 - 00093184 ____C (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 04423680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 03617792 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-27 17:43 - 2016-10-14 20:36 - 02512384 ____C (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 02484736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 02290176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 01637888 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 01595392 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 01556992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 01492480 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 01359360 ____C (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 01170944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00983040 ____C (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00909824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00881664 ____C (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00792064 ____C (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-27 17:43 - 2016-10-14 20:36 - 00673792 ____C (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-27 17:43 - 2016-10-14 20:36 - 00629248 ____C (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00580608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00542208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00358912 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00347136 ____C (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00338944 ____C (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-27 17:43 - 2016-10-14 20:36 - 00081408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 03054080 ____C (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 02999808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-27 17:43 - 2016-10-14 20:35 - 02708992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 02670592 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 02315264 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 02005504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 01779712 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 01512960 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-27 17:43 - 2016-10-14 20:35 - 01509376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 00905216 ____C (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 00798208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 00772608 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 00760832 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 00701952 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 00483328 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 00422400 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 00391168 ____C (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-27 17:43 - 2016-10-14 20:35 - 00389632 ____C (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-27 17:43 - 2016-10-14 20:34 - 02688512 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-27 17:43 - 2016-10-14 20:34 - 02476544 ____C (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-27 17:43 - 2016-10-14 20:34 - 01840640 ____C (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-27 17:43 - 2016-10-14 20:34 - 01726976 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-27 17:43 - 2016-10-14 20:34 - 00936448 ____C (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-27 17:43 - 2016-10-14 20:34 - 00842240 ____C (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-27 17:43 - 2016-10-14 20:32 - 00886784 ____C (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-27 17:43 - 2016-10-14 20:31 - 00227328 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-27 17:43 - 2016-09-10 06:21 - 00118272 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-27 17:43 - 2016-08-26 22:12 - 00244816 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-27 17:43 - 2016-08-05 21:17 - 00619368 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-27 02:04 - 2016-10-27 02:04 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-10-27 02:04 - 2016-10-27 02:04 - 00000000 ____D C:\Users\fast\AppData\Local\Apple Computer
2016-10-27 02:04 - 2016-10-27 02:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-10-27 02:03 - 2016-10-27 02:04 - 00000000 ____D C:\Program Files\iTunes
2016-10-27 02:03 - 2016-10-27 02:03 - 00000000 ____D C:\ProgramData\Apple Computer
2016-10-27 02:03 - 2016-10-27 02:03 - 00000000 ____D C:\ProgramData\Apple
2016-10-27 02:03 - 2016-10-27 02:03 - 00000000 ____D C:\Program Files\iPod
2016-10-27 02:03 - 2016-10-27 02:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-10-27 02:03 - 2016-10-27 02:03 - 00000000 ____D C:\Program Files\Bonjour
2016-10-27 02:03 - 2016-10-27 02:03 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-10-26 19:37 - 2016-10-27 02:03 - 174784840 _____ (Apple Inc.) C:\Users\fast\Desktop\iTunes6464Setup.exe
2016-10-26 17:09 - 2016-10-30 05:49 - 02407936 _____ (Farbar) C:\Users\fast\Desktop\FRST64 (3).exe
2016-10-26 12:03 - 2016-10-26 12:03 - 00382036 _____ C:\Users\fast\Desktop\bsns_license_directory (1).xls
2016-10-26 11:56 - 2016-10-26 11:56 - 00382036 _____ C:\Users\fast\Desktop\bsns_license_directory.xls
2016-10-25 04:59 - 2016-10-25 04:59 - 00043086 _____ C:\Users\fast\Desktop\Addition.txt
2016-10-25 04:58 - 2016-10-30 05:50 - 00030680 _____ C:\Users\fast\Desktop\FRST.txt
2016-10-25 04:58 - 2016-10-25 04:58 - 02407424 _____ (Farbar) C:\Users\fast\Desktop\FRST64 (2).exe
2016-10-25 00:48 - 2016-10-25 00:48 - 00001253 _____ C:\Users\fast\Desktop\111.PNG - Shortcut.lnk
2016-10-24 23:40 - 2016-10-25 02:55 - 00000000 ____D C:\Users\fast\Desktop\virus
2016-10-24 23:25 - 2016-10-25 02:06 - 00000000 ____D C:\Users\fast\Desktop\court
2016-10-24 03:13 - 2016-10-24 03:13 - 00007097 _____ C:\Users\fast\Desktop\WEBINER1invoice.pdf
2016-10-24 03:13 - 2016-10-24 03:13 - 00007086 _____ C:\Users\fast\Desktop\WEBINARinvoice.pdf
2016-10-24 02:45 - 2016-10-24 02:45 - 02407424 _____ (Farbar) C:\Users\fast\Desktop\FRST64 (1).exe
2016-10-24 02:29 - 2016-10-24 02:34 - 00001444 __RSH C:\ProgramData\ntuser.pol
2016-10-24 01:53 - 2016-10-24 01:53 - 02407424 _____ (Farbar) C:\Users\fast\Desktop\FRST64.exe
2016-10-24 00:50 - 2016-10-24 00:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-10-23 08:00 - 2016-10-23 08:00 - 00041370 _____ C:\evlog3-2016-10-23.htm
2016-10-22 08:00 - 2016-10-22 08:00 - 00028312 _____ C:\evlog3-2016-10-22.htm
2016-10-21 08:00 - 2016-10-21 08:00 - 00037232 _____ C:\evlog3-2016-10-21.htm
2016-10-20 08:00 - 2016-10-20 08:00 - 00029521 _____ C:\evlog3-2016-10-20.htm
2016-10-19 08:00 - 2016-10-19 08:00 - 00038972 _____ C:\evlog3-2016-10-19.htm
2016-10-18 08:00 - 2016-10-18 08:00 - 00050786 _____ C:\evlog3-2016-10-18.htm
2016-10-17 08:00 - 2016-10-17 08:00 - 00039446 _____ C:\evlog3-2016-10-17.htm
2016-10-16 08:00 - 2016-10-16 08:00 - 00035249 _____ C:\evlog3-2016-10-16.htm
2016-10-16 05:03 - 2016-10-16 05:03 - 00000000 ____D C:\Users\fast\Downloads\FW_RT_AC68U_30043803831
2016-10-16 05:02 - 2016-10-16 05:02 - 40280274 _____ C:\Users\fast\Downloads\FW_RT_AC68U_30043803831.zip
2016-10-15 08:00 - 2016-10-15 08:00 - 00101249 _____ C:\evlog3-2016-10-15.htm
2016-10-14 19:49 - 2016-10-14 19:49 - 00000000 ____D C:\Users\fast\Downloads\Ronin_Installer_v2.4_20160721 (2)
2016-10-14 16:18 - 2016-10-14 16:18 - 00038400 _____ C:\Users\fast\Downloads\970.xls
2016-10-14 08:08 - 2016-10-14 08:08 - 50110688 _____ (Microsoft Corporation) C:\Users\fast\Downloads\Windows-KB890830-x64-V5.41 (1).exe
2016-10-14 08:00 - 2016-10-14 08:06 - 00099393 _____ C:\evlog3-2016-10-14.htm
2016-10-14 05:02 - 2016-10-14 05:02 - 50110688 _____ (Microsoft Corporation) C:\Users\fast\Downloads\Windows-KB890830-x64-V5.41.exe
2016-10-14 03:38 - 2016-10-14 03:38 - 00084792 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
2016-10-13 12:52 - 2016-10-13 12:52 - 00058912 _____ C:\evlog3-2016-10-13.htm
2016-10-12 08:01 - 2016-10-12 08:01 - 00128904 _____ C:\evlog3-2016-10-12.htm
2016-10-12 02:20 - 2016-10-12 02:21 - 01065376 _____ (Google Inc.) C:\Users\fast\Downloads\ChromeSetup (2).exe
2016-10-11 20:20 - 2016-10-11 20:20 - 00000000 __SHD C:\Users\fast\wc
2016-10-11 20:20 - 2016-10-11 20:20 - 00000000 __SHD C:\Users\fast\AppData\Roaming\wyUpdate AU
2016-10-11 20:18 - 2016-10-11 20:18 - 62008080 _____ (Microsoft Corporation) C:\Users\fast\Downloads\NDP462-KB3151800-x86-x64-AllOS-ENU.exe
2016-10-11 20:09 - 2016-10-11 20:09 - 09977856 _____ C:\Users\fast\Downloads\EvLog3 (1).msi
2016-10-11 16:24 - 2016-10-11 16:24 - 00083949 _____ C:\Users\fast\Downloads\Emergency Preparedness Letter Invite.pdf
2016-10-11 16:02 - 2016-10-11 16:03 - 59955885 _____ C:\Users\fast\Downloads\pia-v65-win.exe
2016-10-11 10:42 - 2016-10-05 03:17 - 01322848 ____C (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-11 10:42 - 2016-10-05 03:13 - 01859264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-11 10:42 - 2016-10-05 03:13 - 00146784 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-11 10:42 - 2016-10-05 03:12 - 02446696 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-11 10:42 - 2016-10-05 03:09 - 00064352 ____C (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-11 10:42 - 2016-10-05 02:38 - 00237568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-11 10:42 - 2016-10-05 02:36 - 00113664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 10:42 - 2016-10-05 02:35 - 00196096 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-11 10:42 - 2016-10-05 02:35 - 00101888 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-11 10:42 - 2016-10-05 02:33 - 00651264 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-11 10:42 - 2016-10-05 02:33 - 00268800 ____C (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-11 10:42 - 2016-10-05 02:33 - 00157696 ____C (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-11 10:42 - 2016-10-05 02:32 - 00590336 ____C (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-11 10:42 - 2016-10-05 02:32 - 00146432 ____C (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-11 10:42 - 2016-10-05 02:31 - 00480768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-11 10:42 - 2016-10-05 02:31 - 00425472 ____C (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-11 10:42 - 2016-10-05 02:30 - 00396800 ____C (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-11 10:42 - 2016-10-05 02:29 - 00368640 ____C (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-11 10:42 - 2016-10-05 02:28 - 00156672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 00590848 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 00137216 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-11 10:42 - 2016-10-05 02:26 - 00088576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 01589248 ____C (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 00822784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 00404992 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 00299520 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-11 10:42 - 2016-10-05 02:25 - 00117760 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-11 10:42 - 2016-10-05 02:24 - 00483840 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-11 10:42 - 2016-10-05 02:24 - 00099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00431616 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00426496 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00284672 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00187904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-11 10:42 - 2016-10-05 02:23 - 00125952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-11 10:42 - 2016-10-05 02:21 - 03689984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-11 10:42 - 2016-10-05 02:21 - 00567808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-11 10:42 - 2016-10-05 02:20 - 00661504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-11 10:42 - 2016-10-05 02:20 - 00143872 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-11 10:42 - 2016-10-05 02:19 - 02390016 ____C (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-11 10:42 - 2016-10-05 02:18 - 00983040 ____C (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-11 10:42 - 2016-10-05 02:18 - 00858112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-11 10:42 - 2016-10-05 02:18 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-11 10:42 - 2016-10-05 02:17 - 08126464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-11 10:42 - 2016-10-05 02:17 - 02914304 ____C (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-11 10:42 - 2016-10-05 02:16 - 04747776 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-11 10:42 - 2016-10-05 02:16 - 00765440 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-11 10:42 - 2016-10-05 02:15 - 02800128 ____C (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-11 10:42 - 2016-10-05 02:15 - 00141312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-11 10:42 - 2016-10-05 02:14 - 01255936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-11 10:42 - 2016-10-05 02:13 - 00055808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-11 10:42 - 2016-10-05 02:12 - 01107456 ____C (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-11 10:42 - 2016-10-05 02:11 - 06043136 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-11 10:42 - 2016-10-05 02:11 - 00640000 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-11 10:42 - 2016-10-05 02:10 - 06474752 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-11 10:42 - 2016-10-05 02:09 - 00710144 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-11 10:42 - 2016-10-05 02:09 - 00691712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-11 10:42 - 2016-10-05 02:08 - 00873472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-11 10:42 - 2016-10-05 02:07 - 03667456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-11 10:42 - 2016-10-05 02:07 - 02682880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-11 10:42 - 2016-10-05 02:07 - 02646016 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-11 10:42 - 2016-10-05 02:07 - 00566784 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-11 10:42 - 2016-10-05 02:06 - 00850944 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-11 10:42 - 2016-09-06 22:34 - 00360040 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-11 10:41 - 2016-10-05 03:35 - 00279904 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-11 10:41 - 2016-10-05 03:33 - 00128864 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-11 10:41 - 2016-10-05 03:31 - 02213248 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-11 10:41 - 2016-10-05 03:22 - 01181536 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-11 10:41 - 2016-10-05 03:16 - 00187232 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-11 10:41 - 2016-10-05 03:12 - 01112928 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-11 10:41 - 2016-10-05 03:09 - 01071728 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-11 10:41 - 2016-10-05 03:08 - 00241504 ____C (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-11 10:41 - 2016-10-05 03:03 - 01705976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-11 10:41 - 2016-10-05 02:51 - 01430720 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-11 10:41 - 2016-10-05 02:50 - 00116576 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-11 10:41 - 2016-10-05 02:49 - 01980768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-11 10:41 - 2016-10-05 02:48 - 01022304 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-11 10:41 - 2016-10-05 02:46 - 01360456 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-11 10:41 - 2016-10-05 02:46 - 00980824 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-11 10:41 - 2016-10-05 02:38 - 00584192 ____C (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-11 10:41 - 2016-10-05 02:36 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-11 10:41 - 2016-10-05 02:35 - 00352768 ____C (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-11 10:41 - 2016-10-05 02:35 - 00122880 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-11 10:41 - 2016-10-05 02:34 - 00144896 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-11 10:41 - 2016-10-05 02:32 - 00379904 ____C (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-11 10:41 - 2016-10-05 02:32 - 00223744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00837632 ____C (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00748544 ____C (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00561664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00176128 ____C (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-11 10:41 - 2016-10-05 02:31 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-11 10:41 - 2016-10-05 02:29 - 01145856 ____C (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-11 10:41 - 2016-10-05 02:28 - 03059200 ____C (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-11 10:41 - 2016-10-05 02:28 - 00775168 ____C (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-11 10:41 - 2016-10-05 02:28 - 00584192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-11 10:41 - 2016-10-05 02:28 - 00123904 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-11 10:41 - 2016-10-05 02:27 - 00945664 ____C (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-11 10:41 - 2016-10-05 02:27 - 00094208 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-11 10:41 - 2016-10-05 02:27 - 00087040 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 10:41 - 2016-10-05 02:23 - 01908224 ____C (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-11 10:41 - 2016-10-05 02:22 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-11 10:41 - 2016-10-05 02:21 - 00167936 ____C (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-11 10:41 - 2016-10-05 02:20 - 00936960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-11 10:41 - 2016-10-05 02:18 - 01656832 ____C (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-11 10:41 - 2016-10-05 02:17 - 04136960 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-11 10:41 - 2016-10-05 02:17 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-11 10:41 - 2016-10-05 02:16 - 06664192 ____C (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-11 10:41 - 2016-10-05 02:16 - 00771072 ____C (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-11 10:41 - 2016-10-05 02:16 - 00508416 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-11 10:41 - 2016-10-05 02:15 - 00833024 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-11 10:41 - 2016-10-05 02:15 - 00774656 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-11 10:41 - 2016-10-05 02:15 - 00716800 ____C (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-11 10:41 - 2016-10-05 02:14 - 01456640 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-11 10:41 - 2016-10-05 02:14 - 01013760 ____C (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-11 10:41 - 2016-10-05 02:13 - 01328128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-11 10:41 - 2016-10-05 02:12 - 00998912 ____C (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-11 10:41 - 2016-10-05 02:12 - 00924672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-11 10:41 - 2016-10-05 02:11 - 03496960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-11 10:41 - 2016-10-05 02:09 - 03369984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-11 10:41 - 2016-10-05 02:08 - 02356736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-11 10:41 - 2016-10-05 02:08 - 00598528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-11 10:41 - 2016-10-05 02:07 - 00589312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-11 10:41 - 2016-10-05 02:06 - 01013248 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-11 10:41 - 2016-10-05 02:05 - 03105792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-11 10:41 - 2016-10-05 02:05 - 00751104 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-11 10:41 - 2016-10-04 17:01 - 00446124 ____C C:\WINDOWS\system32\ApnDatabase.xml
2016-10-10 13:54 - 2016-10-10 13:54 - 00000114 _____ C:\Users\fast\Desktop\photo.php.url
2016-10-10 02:34 - 2016-10-10 02:36 - 55709528 _____ C:\Users\fast\Desktop\Blue Bag find 10.08.16.webm
2016-10-10 01:16 - 2016-10-10 01:21 - 113487264 _____ C:\Users\fast\Desktop\Blue Bag drop (zoom) 10.06.16.webm
2016-10-10 01:10 - 2016-10-10 01:13 - 69983839 _____ C:\Users\fast\Desktop\Blue Bag drop 10.06.16.webm
2016-10-10 01:03 - 2016-10-10 01:03 - 00001192 _____ C:\Users\Public\Desktop\Icecream Screen Recorder.lnk
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\Users\fast\AppData\Local\Icecream
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\Users\fast\.Icecream Screen Recorder
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder
2016-10-10 01:03 - 2016-10-10 01:03 - 00000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2016-10-10 01:02 - 2016-10-10 01:03 - 51423528 _____ (Icecream Apps ) C:\Users\fast\Downloads\screen_recorder_setup.exe
2016-10-10 01:02 - 2016-10-10 01:02 - 00013824 ___SH C:\Users\fast\Downloads\Thumbs.db
2016-10-09 12:22 - 2016-10-09 12:22 - 00019016 _____ C:\Users\fast\Desktop\ANONYMOUS-FAST.speccy
2016-10-08 19:03 - 2016-10-08 19:03 - 00372594 _____ C:\Users\fast\Downloads\syslog (7).txt
2016-10-08 19:02 - 2016-10-08 19:02 - 00372594 _____ C:\Users\fast\Downloads\syslog (6).txt
2016-10-08 18:40 - 2016-10-08 18:40 - 00003266 _____ C:\WINDOWS\System32\Tasks\Private Internet Access Startup
2016-10-08 18:40 - 2016-10-08 18:40 - 00000000 ____D C:\Users\fast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Private Internet Access
2016-10-08 18:36 - 2016-10-08 18:36 - 00353250 _____ C:\Users\fast\Downloads\syslog (5).txt
2016-10-08 18:25 - 2016-10-08 18:25 - 00345575 _____ C:\Users\fast\Downloads\syslog (4).txt
2016-10-08 18:25 - 2016-10-08 18:25 - 00345374 _____ C:\Users\fast\Downloads\syslog (3).txt
2016-10-08 18:20 - 2016-10-08 18:20 - 00342566 _____ C:\Users\fast\Downloads\syslog (2).txt
2016-10-08 18:20 - 2016-10-08 18:20 - 00342566 _____ C:\Users\fast\Downloads\syslog (1).txt
2016-10-07 22:52 - 2016-10-07 22:52 - 00443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00394496 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00334608 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00089328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00085744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2016-10-07 22:49 - 2016-10-07 22:49 - 00639728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2016-10-07 22:49 - 2016-10-07 22:49 - 00244504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2016-10-07 22:45 - 2016-10-07 22:45 - 00271112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2016-10-06 04:36 - 2016-10-06 04:36 - 00089432 _____ C:\Users\fast\Downloads\BKD-73615195948.pdf
2016-10-06 04:33 - 2016-10-25 01:05 - 00000000 ____D C:\Users\fast\Desktop\customer photos
2016-10-06 03:28 - 2016-10-06 03:29 - 00000000 ____D C:\Program Files\Speccy
2016-10-06 03:28 - 2016-10-06 03:28 - 00000837 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-10-06 03:28 - 2016-10-06 03:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-10-06 03:25 - 2016-10-06 03:26 - 16499104 _____ (Piriform Ltd) C:\Users\fast\Downloads\CCleanerBundle-1016-Setup.exe
2016-10-06 03:04 - 2016-10-06 03:05 - 08243736 _____ (Piriform Ltd) C:\Users\fast\Downloads\ccsetup522pro.exe
2016-10-06 02:59 - 2016-10-06 03:32 - 00000000 ____D C:\Program Files\Defraggler
2016-10-06 02:59 - 2016-10-06 03:27 - 00001765 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-10-06 02:59 - 2016-10-06 02:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-10-06 02:58 - 2016-10-06 02:59 - 03326496 _____ (Piriform Ltd) C:\Users\fast\Downloads\dfsetup221_pro.exe
2016-10-04 09:10 - 2016-10-04 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJI Product
2016-10-04 09:10 - 2016-10-04 09:10 - 00000000 ____D C:\Program Files (x86)\DJI Product
2016-10-04 09:08 - 2016-10-14 19:51 - 00001378 _____ C:\Users\Public\Desktop\DJI GimbalAssistant.lnk
2016-10-03 13:40 - 2016-10-03 13:40 - 00356056 _____ (Spotify Ltd) C:\Users\fast\Downloads\SpotifySetup.exe
2016-10-03 12:09 - 2016-10-03 12:09 - 00000000 ____D C:\Users\fast\Documents\Intuit
2016-10-03 12:09 - 2016-10-03 12:09 - 00000000 ____D C:\Users\fast\AppData\Roaming\Nuance
2016-10-03 11:06 - 2016-10-03 11:06 - 00001966 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-10-03 11:06 - 2016-10-03 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-10-03 11:06 - 2016-10-03 11:06 - 00000000 ____D C:\Program Files\HitmanPro
2016-10-03 11:03 - 2016-10-03 11:05 - 11579432 _____ (SurfRight B.V.) C:\Users\fast\Downloads\hitmanpro_x64.exe
2016-10-01 20:06 - 2016-09-15 10:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-10-01 20:06 - 2016-09-15 10:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-10-01 20:06 - 2016-09-15 10:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-10-01 20:06 - 2016-09-15 10:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-10-01 20:06 - 2016-09-15 10:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-10-01 20:06 - 2016-09-15 10:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-10-01 20:06 - 2016-09-15 10:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-10-01 20:06 - 2016-09-15 10:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-10-01 20:06 - 2016-09-15 10:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-10-01 20:06 - 2016-09-15 10:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-10-01 20:06 - 2016-09-15 10:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-10-01 20:06 - 2016-09-15 10:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-10-01 20:06 - 2016-09-15 10:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-10-01 20:06 - 2016-09-15 10:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-10-01 20:06 - 2016-09-15 10:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-10-01 20:06 - 2016-09-15 10:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-10-01 20:06 - 2016-09-15 10:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-10-01 20:06 - 2016-09-15 09:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-10-01 20:06 - 2016-09-15 09:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-10-01 20:06 - 2016-09-15 09:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-10-01 20:06 - 2016-09-15 09:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-10-01 20:06 - 2016-09-15 09:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-10-01 20:06 - 2016-09-15 09:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-10-01 20:06 - 2016-09-15 09:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-10-01 20:06 - 2016-09-15 09:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-10-01 20:06 - 2016-09-15 09:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-10-01 20:06 - 2016-09-15 09:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-10-01 20:06 - 2016-09-15 09:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-10-01 20:06 - 2016-09-15 09:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-10-01 20:06 - 2016-09-15 09:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-10-01 20:06 - 2016-09-15 09:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-10-01 20:06 - 2016-09-15 09:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-10-01 20:06 - 2016-09-15 09:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-10-01 20:06 - 2016-09-15 09:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-10-01 20:06 - 2016-09-15 09:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-10-01 20:06 - 2016-09-15 09:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-10-01 20:06 - 2016-09-15 09:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-10-01 20:06 - 2016-09-15 09:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-10-01 20:06 - 2016-09-15 09:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-10-01 20:06 - 2016-09-15 09:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-10-01 20:06 - 2016-09-15 09:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-10-01 20:06 - 2016-09-15 09:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-10-01 20:06 - 2016-09-15 09:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-10-01 20:06 - 2016-09-15 09:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-10-01 20:06 - 2016-09-15 09:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-10-01 20:06 - 2016-09-15 09:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-10-01 20:06 - 2016-09-15 09:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-10-01 20:06 - 2016-09-15 09:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-10-01 20:06 - 2016-09-15 09:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-10-01 20:06 - 2016-09-15 09:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-10-01 20:06 - 2016-09-15 09:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-10-01 20:06 - 2016-09-15 09:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-10-01 20:06 - 2016-09-15 09:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-10-01 20:06 - 2016-09-15 09:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-10-01 20:06 - 2016-09-15 09:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-10-01 20:06 - 2016-09-15 09:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-10-01 20:06 - 2016-09-15 09:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-10-01 20:06 - 2016-09-15 09:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-10-01 20:06 - 2016-09-15 09:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-10-01 20:06 - 2016-09-15 09:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-10-01 20:06 - 2016-09-15 09:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-10-01 20:06 - 2016-09-15 09:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-10-01 20:06 - 2016-09-15 09:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-10-01 20:06 - 2016-09-15 09:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-10-01 20:06 - 2016-09-15 09:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-10-01 20:06 - 2016-09-15 09:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-10-01 20:06 - 2016-09-15 09:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-10-01 20:06 - 2016-09-15 09:16 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll
2016-10-01 20:06 - 2016-08-05 01:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-10-01 20:05 - 2016-09-15 10:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-10-01 20:05 - 2016-09-15 10:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-10-01 20:05 - 2016-09-15 10:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-01 20:05 - 2016-09-15 10:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-10-01 20:05 - 2016-09-15 10:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-10-01 20:05 - 2016-09-15 10:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-10-01 20:05 - 2016-09-15 10:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-10-01 20:05 - 2016-09-15 10:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-10-01 20:05 - 2016-09-15 10:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-10-01 20:05 - 2016-09-15 09:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-10-01 20:05 - 2016-09-15 09:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-10-01 20:05 - 2016-09-15 09:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-10-01 20:05 - 2016-09-15 09:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-10-01 20:05 - 2016-09-15 09:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-10-01 20:05 - 2016-09-15 09:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-10-01 20:05 - 2016-09-15 09:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-10-01 20:05 - 2016-09-15 09:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-10-01 20:05 - 2016-09-15 09:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-10-01 20:05 - 2016-09-15 09:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-10-01 20:05 - 2016-09-15 09:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-10-01 20:05 - 2016-09-15 09:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-10-01 20:05 - 2016-09-15 09:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-10-01 20:05 - 2016-09-15 09:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-10-01 20:05 - 2016-09-15 09:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-10-01 20:05 - 2016-09-15 09:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-10-01 20:05 - 2016-09-15 09:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-10-01 20:05 - 2016-09-15 09:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-10-01 20:05 - 2016-09-15 09:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-10-01 20:05 - 2016-09-15 09:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-10-01 20:05 - 2016-09-15 09:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-10-01 20:05 - 2016-09-15 09:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-10-01 20:05 - 2016-09-15 09:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-10-01 20:05 - 2016-09-15 09:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-10-01 20:05 - 2016-09-15 09:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-10-01 20:05 - 2016-09-15 09:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-10-01 20:05 - 2016-09-15 09:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-10-01 20:05 - 2016-09-15 09:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-10-01 20:05 - 2016-09-15 09:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-10-01 20:05 - 2016-09-15 09:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-10-01 20:05 - 2016-09-15 09:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-10-01 20:05 - 2016-09-15 09:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-10-01 20:05 - 2016-09-15 09:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-10-01 20:05 - 2016-09-15 09:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-10-01 20:05 - 2016-09-15 09:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-10-01 20:05 - 2016-09-15 09:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-10-01 20:05 - 2016-09-15 09:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-10-01 20:05 - 2016-09-15 09:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-10-01 20:05 - 2016-09-15 09:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-10-01 20:05 - 2016-09-15 09:28 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2016-10-01 20:05 - 2016-09-15 09:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-10-01 20:05 - 2016-09-15 09:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-10-01 20:05 - 2016-09-15 09:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-10-01 20:05 - 2016-09-15 09:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-10-01 20:05 - 2016-09-15 09:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-10-01 20:05 - 2016-09-15 09:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-10-01 20:05 - 2016-09-15 09:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-10-01 20:05 - 2016-09-15 09:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-10-01 20:05 - 2016-09-15 09:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-10-01 20:05 - 2016-09-15 09:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-10-01 20:05 - 2016-09-15 09:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-10-01 20:05 - 2016-09-15 09:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-10-01 20:05 - 2016-09-15 09:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-10-01 20:05 - 2016-09-15 09:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-10-01 20:05 - 2016-09-15 09:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-10-01 20:04 - 2016-09-15 10:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-10-01 20:04 - 2016-09-15 10:30 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-10-01 20:04 - 2016-09-15 10:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-10-01 20:04 - 2016-09-15 10:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-10-01 20:04 - 2016-09-15 10:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-10-01 20:04 - 2016-09-15 10:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-10-01 20:04 - 2016-09-15 10:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-10-01 20:04 - 2016-09-15 10:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-10-01 20:04 - 2016-09-15 10:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-10-01 20:04 - 2016-09-15 10:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-10-01 20:04 - 2016-09-15 10:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-10-01 20:04 - 2016-09-15 10:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-10-01 20:04 - 2016-09-15 10:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-10-01 20:04 - 2016-09-15 10:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-10-01 20:04 - 2016-09-15 10:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-10-01 20:04 - 2016-09-15 10:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-10-01 20:04 - 2016-09-15 10:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-10-01 20:04 - 2016-09-15 10:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-10-01 20:04 - 2016-09-15 10:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-10-01 20:04 - 2016-09-15 10:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-10-01 20:04 - 2016-09-15 09:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-01 20:04 - 2016-09-15 09:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-10-01 20:04 - 2016-09-15 09:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-10-01 20:04 - 2016-09-15 09:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-10-01 20:04 - 2016-09-15 09:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-10-01 20:04 - 2016-09-15 09:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-10-01 20:04 - 2016-09-15 09:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-10-01 20:04 - 2016-09-15 09:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-10-01 20:04 - 2016-09-15 09:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-10-01 20:04 - 2016-09-15 09:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-10-01 20:04 - 2016-09-15 09:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-10-01 20:04 - 2016-09-15 09:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-10-01 20:04 - 2016-09-15 09:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-10-01 20:04 - 2016-09-15 09:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-10-01 20:04 - 2016-09-15 09:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-10-01 20:04 - 2016-09-15 09:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-10-01 20:04 - 2016-09-15 09:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-10-01 20:04 - 2016-09-15 09:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-10-01 20:04 - 2016-09-15 09:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-10-01 20:04 - 2016-09-15 09:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-10-01 20:04 - 2016-09-15 09:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-10-01 20:04 - 2016-09-15 09:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-10-01 20:04 - 2016-09-15 09:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-10-01 20:04 - 2016-09-15 09:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-10-01 20:04 - 2016-09-15 09:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-10-01 20:04 - 2016-09-15 09:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-10-01 20:04 - 2016-09-15 09:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-10-01 20:04 - 2016-09-15 09:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-10-01 20:04 - 2016-09-15 09:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-10-01 20:04 - 2016-09-15 09:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-10-01 20:04 - 2016-09-15 09:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-10-01 20:04 - 2016-09-15 09:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-10-01 20:04 - 2016-09-15 09:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-10-01 20:04 - 2016-09-15 09:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-10-01 20:04 - 2016-09-15 09:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-10-01 20:04 - 2016-09-15 09:30 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2016-10-01 20:04 - 2016-09-15 09:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-10-01 20:04 - 2016-09-15 09:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-10-01 20:04 - 2016-09-15 09:28 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2016-10-01 20:04 - 2016-09-15 09:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-10-01 20:04 - 2016-09-15 09:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-10-01 20:04 - 2016-09-15 09:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-10-01 20:04 - 2016-09-15 09:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-10-01 20:04 - 2016-09-15 09:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-10-01 20:04 - 2016-09-15 09:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-10-01 20:04 - 2016-09-15 09:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-10-01 20:04 - 2016-09-15 09:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-10-01 20:04 - 2016-09-15 09:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-10-01 20:04 - 2016-09-15 09:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-10-01 20:04 - 2016-09-15 09:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-10-01 20:04 - 2016-09-15 09:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-10-01 20:04 - 2016-09-15 09:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-10-01 20:04 - 2016-09-15 09:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-10-01 20:04 - 2016-09-15 09:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-10-01 20:04 - 2016-09-15 09:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-10-01 20:03 - 2016-09-15 10:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-10-01 20:03 - 2016-09-15 10:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-10-01 20:03 - 2016-09-15 10:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-10-01 20:03 - 2016-09-15 10:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-10-01 20:03 - 2016-09-15 10:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-10-01 20:03 - 2016-09-15 10:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-10-01 20:03 - 2016-09-15 10:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-10-01 20:03 - 2016-09-15 10:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-10-01 20:03 - 2016-09-15 10:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-10-01 20:03 - 2016-09-15 10:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-10-01 20:03 - 2016-09-15 10:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-10-01 20:03 - 2016-09-15 10:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-01 20:03 - 2016-09-15 10:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-10-01 20:03 - 2016-09-15 10:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-10-01 20:03 - 2016-09-15 10:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-10-01 20:03 - 2016-09-15 09:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-10-01 20:03 - 2016-09-15 09:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-10-01 20:03 - 2016-09-15 09:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-10-01 20:03 - 2016-09-15 09:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-10-01 20:03 - 2016-09-15 09:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-10-01 20:03 - 2016-09-15 09:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-10-01 20:03 - 2016-09-15 09:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-10-01 20:03 - 2016-09-15 09:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-10-01 20:03 - 2016-09-15 09:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-10-01 20:03 - 2016-09-15 09:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-10-01 20:03 - 2016-09-15 09:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-10-01 20:03 - 2016-09-15 09:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-10-01 20:03 - 2016-09-15 09:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-10-01 20:03 - 2016-09-15 09:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-10-01 20:03 - 2016-09-15 09:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-10-01 20:03 - 2016-09-15 09:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-10-01 20:03 - 2016-09-15 09:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-10-01 20:03 - 2016-09-15 09:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-10-01 20:03 - 2016-09-15 09:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-10-01 20:03 - 2016-09-15 09:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-10-01 20:03 - 2016-09-15 09:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-10-01 20:03 - 2016-09-15 09:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-10-01 20:03 - 2016-09-15 09:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-10-01 20:03 - 2016-09-15 09:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-10-01 20:03 - 2016-09-15 09:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-10-01 20:03 - 2016-09-15 09:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-10-01 20:03 - 2016-09-15 09:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-10-01 20:03 - 2016-09-15 09:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-10-01 20:03 - 2016-09-15 09:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-10-01 20:03 - 2016-09-15 09:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-10-01 20:03 - 2016-09-15 09:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-10-01 20:03 - 2016-09-15 09:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-10-01 20:03 - 2016-09-15 09:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-10-01 20:03 - 2016-09-15 09:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-10-01 20:03 - 2016-09-15 09:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-10-01 20:03 - 2016-09-15 09:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-10-01 20:03 - 2016-09-15 09:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-10-01 20:03 - 2016-09-15 09:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-10-01 20:03 - 2016-09-15 09:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-10-01 20:03 - 2016-09-15 09:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-10-01 20:03 - 2016-09-15 09:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-10-01 20:03 - 2016-09-15 09:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-10-01 20:03 - 2016-09-15 09:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-10-01 20:03 - 2016-09-15 09:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-10-01 20:03 - 2016-09-15 09:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-10-01 20:03 - 2016-09-15 09:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-10-01 20:03 - 2016-09-15 09:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-10-01 20:03 - 2016-09-15 09:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-10-01 20:03 - 2016-09-15 09:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-10-01 20:03 - 2016-09-15 09:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-10-01 20:03 - 2016-09-15 09:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-10-01 20:03 - 2016-09-15 09:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-10-01 20:03 - 2016-08-05 20:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-10-01 20:03 - 2016-08-05 01:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-10-01 20:02 - 2016-09-15 10:29 - 00823136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2016-10-01 20:02 - 2016-09-15 10:29 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2016-10-01 20:02 - 2016-09-15 10:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-10-01 20:02 - 2016-09-15 10:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-10-01 20:02 - 2016-09-15 10:29 - 00127328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2016-10-01 20:02 - 2016-09-15 10:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-10-01 20:02 - 2016-09-15 10:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-10-01 20:02 - 2016-09-15 10:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-10-01 20:02 - 2016-09-15 10:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-10-01 20:02 - 2016-09-15 10:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-10-01 20:02 - 2016-09-15 10:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-10-01 20:02 - 2016-09-15 10:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-10-01 20:02 - 2016-09-15 10:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-10-01 20:02 - 2016-09-15 10:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-10-01 20:02 - 2016-09-15 10:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-10-01 20:02 - 2016-09-15 10:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-10-01 20:02 - 2016-09-15 10:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-10-01 20:02 - 2016-09-15 09:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-10-01 20:02 - 2016-09-15 09:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-10-01 20:02 - 2016-09-15 09:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-10-01 20:02 - 2016-09-15 09:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-10-01 20:02 - 2016-09-15 09:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-10-01 20:02 - 2016-09-15 09:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-10-01 20:02 - 2016-09-15 09:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-10-01 20:02 - 2016-09-15 09:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-10-01 20:02 - 2016-09-15 09:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-10-01 20:02 - 2016-09-15 09:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-10-01 20:02 - 2016-09-15 09:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-10-01 20:02 - 2016-09-15 09:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-10-01 20:02 - 2016-09-15 09:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-10-01 20:02 - 2016-09-15 09:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-10-01 20:02 - 2016-09-15 09:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-10-01 20:02 - 2016-09-15 09:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-10-01 20:02 - 2016-09-15 09:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-10-01 20:02 - 2016-09-15 09:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-10-01 20:02 - 2016-09-15 09:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-10-01 20:02 - 2016-09-15 09:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-10-01 20:02 - 2016-09-15 09:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-10-01 20:02 - 2016-09-15 09:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-10-01 20:02 - 2016-09-15 09:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-10-01 20:02 - 2016-09-15 09:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-10-01 20:02 - 2016-09-15 09:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-10-01 20:02 - 2016-09-15 09:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-10-01 20:02 - 2016-09-15 09:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-10-01 20:02 - 2016-09-15 09:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-10-01 20:02 - 2016-09-15 09:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-10-01 20:02 - 2016-09-15 09:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-10-01 20:02 - 2016-09-15 09:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-10-01 20:02 - 2016-09-15 09:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-10-01 20:02 - 2016-09-15 09:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-10-01 20:02 - 2016-09-15 09:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-10-01 20:02 - 2016-09-15 09:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-10-01 20:02 - 2016-09-15 09:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-10-01 20:02 - 2016-09-15 09:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-10-01 20:02 - 2016-09-15 09:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-10-01 20:02 - 2016-09-15 09:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-10-01 20:02 - 2016-09-15 09:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-10-01 20:02 - 2016-09-15 09:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-10-01 20:02 - 2016-09-15 09:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-10-01 20:02 - 2016-09-15 09:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-10-01 20:02 - 2016-09-15 09:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-10-01 20:02 - 2016-09-15 09:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-10-01 20:02 - 2016-09-15 09:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-10-01 20:02 - 2016-09-15 09:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-10-01 20:02 - 2016-09-15 09:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-10-01 20:02 - 2016-09-15 09:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-10-01 20:02 - 2016-09-15 09:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-10-01 20:02 - 2016-09-15 09:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-10-01 20:02 - 2016-09-15 09:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-10-01 20:02 - 2016-09-15 09:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-10-01 20:02 - 2016-09-15 09:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-10-01 20:02 - 2016-09-15 09:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-10-01 20:02 - 2016-09-15 09:26 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2016-10-01 20:02 - 2016-09-15 09:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-10-01 20:02 - 2016-09-15 09:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-10-01 20:02 - 2016-09-15 09:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-10-01 20:02 - 2016-09-15 09:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-10-01 20:02 - 2016-09-15 09:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-10-01 20:02 - 2016-09-15 09:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-10-01 20:02 - 2016-09-15 09:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-10-01 20:02 - 2016-09-15 09:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-10-01 20:02 - 2016-09-15 09:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-10-01 20:02 - 2016-08-05 20:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-10-01 19:15 - 2016-10-01 19:15 - 00000000 ___HD C:\$SysReset
2016-10-01 03:55 - 2016-10-01 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-01 03:55 - 2016-10-01 20:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-30 14:09 - 2016-09-30 14:09 - 01474527 _____ C:\Users\fast\Downloads\he7210 (1).pdf
2016-09-30 14:08 - 2016-09-30 16:47 - 02188607 _____ C:\Users\fast\Downloads\he7210.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-10-30 05:49 - 2015-06-26 04:09 - 00000000 ____D C:\FRST
2016-10-30 05:29 - 2016-09-21 17:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-30 02:00 - 2016-04-28 08:43 - 00000000 ____D C:\Users\fast\AppData\Local\Adobe
2016-10-29 22:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-29 22:29 - 2016-04-27 23:05 - 01420560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-29 22:25 - 2016-07-16 04:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-29 22:24 - 2016-09-21 17:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-10-29 22:24 - 2015-09-10 09:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-29 22:24 - 2015-06-12 00:16 - 00000000 __SHD C:\Users\fast\IntelGraphicsProfiles
2016-10-29 22:23 - 2016-09-21 18:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-29 22:23 - 2016-09-21 17:56 - 04975168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-29 22:22 - 2016-07-16 04:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-29 22:22 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-29 22:22 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-29 22:22 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-29 22:22 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-10-29 22:22 - 2016-07-15 23:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-10-29 22:21 - 2016-07-16 04:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-29 22:20 - 2016-09-21 17:57 - 00000000 ____D C:\Users\fast
2016-10-29 20:57 - 2016-04-28 00:13 - 00000000 ____D C:\Users\fast\AppData\Roaming\Video Client
2016-10-29 04:50 - 2016-04-28 18:37 - 00000000 ____D C:\Users\fast\AppData\Local\ElevatedDiagnostics
2016-10-28 17:04 - 2016-04-27 23:07 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-28 13:32 - 2016-05-02 15:45 - 01627648 ___SH C:\Users\fast\Desktop\Thumbs.db
2016-10-28 11:53 - 2016-04-27 23:14 - 00000000 ____D C:\Users\fast\AppData\Local\Google
2016-10-27 18:37 - 2016-07-16 04:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-27 14:45 - 2016-04-27 23:01 - 00000000 ____D C:\Users\fast\AppData\Local\Packages
2016-10-25 04:38 - 2016-04-29 13:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-25 03:38 - 2016-07-16 04:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-25 02:06 - 2016-07-05 13:42 - 00000000 ____D C:\Users\fast\Desktop\product info.bullet
2016-10-25 02:06 - 2016-03-31 20:03 - 00000000 ____D C:\Users\fast\Desktop\kj
2016-10-25 02:06 - 2015-08-25 01:50 - 00000000 ____D C:\Users\fast\Desktop\mindmap
2016-10-25 02:05 - 2016-03-10 15:26 - 00000000 ____D C:\Users\fast\Desktop\dji
2016-10-25 02:05 - 2015-06-29 09:57 - 00000000 ____D C:\Users\fast\Desktop\DvrClient
2016-10-25 01:59 - 2016-06-12 02:36 - 00000000 ____D C:\Users\fast\Desktop\Phone text messages
2016-10-25 01:59 - 2016-03-30 00:21 - 00000000 ____D C:\Users\fast\Desktop\PayPal Website Payment Details - PayPal_files
2016-10-25 01:56 - 2016-09-09 22:53 - 00000000 ____D C:\Users\fast\Desktop\liz
2016-10-25 01:08 - 2016-06-03 14:05 - 00000000 ____D C:\Users\fast\Desktop\jenny
2016-10-25 01:08 - 2016-04-21 15:48 - 00000000 ____D C:\Users\fast\Desktop\Jenn
2016-10-25 01:05 - 2016-06-24 00:39 - 00000000 ____D C:\Users\fast\Desktop\AUTEL Vid
2016-10-25 01:05 - 2016-04-06 15:14 - 00000000 ____D C:\Users\fast\Desktop\bank statements
2016-10-25 00:58 - 2016-09-23 07:19 - 00002434 _____ C:\Users\fast\Desktop\Kris - Chrome.lnk
2016-10-24 16:30 - 2016-07-16 04:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-24 16:30 - 2016-07-16 04:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-24 07:27 - 2016-04-28 08:32 - 00000000 ____D C:\ProgramData\Adobe
2016-10-24 07:26 - 2016-09-21 17:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-10-24 07:26 - 2016-09-21 17:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-24 02:27 - 2016-04-27 23:51 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-10-24 00:48 - 2016-07-16 04:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-23 23:24 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-23 23:10 - 2016-09-26 05:59 - 00000000 ____D C:\Program Files (x86)\EvLog 3.0
2016-10-23 23:09 - 2016-05-27 04:14 - 00000000 ____D C:\Program Files\CCleaner
2016-10-21 12:39 - 2016-09-23 04:30 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-21 12:39 - 2016-09-23 04:30 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-16 14:54 - 2016-05-27 04:14 - 00000000 ____D C:\Program Files\Recuva
2016-10-14 05:02 - 2016-04-27 23:06 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 18:08 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-11 16:03 - 2016-05-31 05:10 - 00000000 ____D C:\Program Files\pia_manager
2016-10-11 15:50 - 2016-09-21 18:02 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-11 15:50 - 2016-07-18 11:58 - 00001543 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-10-11 15:50 - 2016-07-18 11:58 - 00001531 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-10-11 15:50 - 2016-04-28 08:43 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-10-11 15:50 - 2016-04-28 08:43 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-11 15:32 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-11 11:07 - 2016-04-27 23:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-11 10:34 - 2016-07-16 04:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-11 10:34 - 2016-07-16 04:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-08 03:37 - 2016-06-30 13:30 - 08519680 _____ C:\Users\fast\Documents\Database1.accdb
2016-10-08 03:19 - 2015-09-08 00:48 - 00136192 ___SH C:\Users\fast\Documents\Thumbs.db
2016-10-07 11:10 - 2016-05-23 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2016-10-07 11:10 - 2016-05-23 15:11 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-10-07 11:10 - 2016-04-30 15:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-07 10:58 - 2016-09-21 18:56 - 00000000 ____D C:\WINDOWS\Panther
2016-10-06 03:28 - 2016-05-27 04:14 - 00001699 _____ C:\Users\Public\Desktop\Recuva.lnk
2016-10-06 03:26 - 2016-05-27 04:14 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-06 02:47 - 2016-06-13 14:40 - 00000000 ____D C:\Program Files (x86)\HP
2016-10-03 15:12 - 2015-06-13 16:01 - 00000000 ____D C:\Users\fast\AppData\LocalLow\LastPass
2016-10-03 12:09 - 2016-05-03 19:24 - 00000000 ____D C:\ProgramData\Nuance
2016-10-02 23:09 - 2016-07-16 07:29 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-02 23:09 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-02 23:09 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-10-02 23:09 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-02 23:09 - 2016-07-15 23:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-01 20:29 - 2016-09-28 23:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-01 20:29 - 2016-07-18 05:30 - 00000000 ____D C:\Users\fast\AppData\Roaming\vlc
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\es-MX
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\DDFs
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-10-01 20:29 - 2016-07-16 04:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-10-01 20:29 - 2016-04-28 00:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-01 20:28 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\registration
2016-10-01 20:28 - 2016-05-06 17:41 - 00000000 ____D C:\Users\fast\AppData\Roaming\Skype
2016-10-01 20:28 - 2016-05-06 17:41 - 00000000 ____D C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2016-06-01 11:27 - 2016-06-01 11:27 - 21737496 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-06-13 02:53 - 2016-06-15 01:24 - 0000132 _____ () C:\Users\fast\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-04-28 03:44 - 2016-09-23 09:15 - 0007636 _____ () C:\Users\fast\AppData\Local\resmon.resmoncfg
2016-06-13 14:40 - 2016-06-13 14:40 - 0000057 _____ () C:\ProgramData\Ament.ini
 
Files to move or delete:
====================
C:\Users\fast\lastpass_x64 (1).exe
C:\Users\fast\lastpass_x64.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-10-23 20:25
 
==================== End of FRST.txt ============================
Attached File  Addition.txt   42.79KB   1 downloadsAttached File  Addition.txt   42.79KB   1 downloads
 


#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:16 AM

Posted 04 November 2016 - 05:05 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

 

Mod Edit:  Topic reopened per OP request rec'd via PM - Hamluis.


Edited by hamluis, 06 November 2016 - 07:11 AM.
Reopened - Hamluis.


#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:16 PM

Posted 15 November 2016 - 12:29 PM

Hello,

I'm sorry for the long wait, it looks like this topic was overlooked.

 

Goggle blocks certain sites of itself, reason being unusual traffic detected. 

This is perfectly normal, google does that based on sites you visit, not based on what happens on your computer.

 

Your logs look all perfectly normal, there is no malware present. It would help if you could describe what actually is not working right (the traffic you described in your first post is not a sign of malware, it is normal to see this). 

 

Do you experience any issues that could point towards malware (browser redirects, pop ups, extreme slowness, ...)?


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#6 Titan-man

Titan-man
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:07:16 AM

Posted 17 November 2016 - 04:30 AM

Hi Elise, 

I apologize for my delay and thank you for your help. I do hope you are correct with your initial thoughts as to the state of my computer. I wish I would have kept better notes however I did not so this is what I remember. I will attach supporting data and hope I'm not exposing myself any. please remove anything not appropriate. My computer skill level is low so maybe I am wrong however I know when something is not right and this is wrong! This is not malware in that there are no pop-ups, redirects, tool bars and my computer is not slow. I believe something came from a laptop used both on our LAN and elsewhere. We do not access our network from outside and no remote access have we granted. I will list what I noticed and will try to get the timeline correct, I will not though.

Warning to reconnect file history drive. (drive is WD DL4100)

Restore points are gone.

Google blocks access to analytics and to paid ad spot links. (2 files)

Router shows unusual WAN traffic from time clock (1 file), HP printer, laptop & desk top (current topic)

Router shows port forwarding from !192.168.1.0 to 192.168.1.1 several times however port forwarding is disabled. (2 file) 

Lots of remote access and changing time as seen in these EvLogs (10 files)

 

With that I will stop now until you have a chance to tell me I'm crazy. I attached some other stuff found? Ask for anything you need more from me. A couple of things that come to mind.

 

The time clock stopped working and tech from the company tried trouble shooting the clock. The clock would not allow firmware to update and I was sent another clock. Also clock was sending out hundreds of MB instead of the 127k per hour it usually reported.

 

I tried to download FRST on to the laptop and it would go into a loop not allowing the download. Maybe unrelated and I was able to download, run and have those for you as well. Not posting them because they should be a new topic? Thought I read that somewhere.

 

Last for now a couple times Google popped up captcha saying my traffic looked inhuman.

 

Again thank you and being as intelligent as you are you will see my company name in the files. If you need anything you only need ask.

 

TitanAttached File  Asus port forwarding.PNG   506.56KB   0 downloadsAttached File  44.png   782.76KB   0 downloadsAttached File  Google no connect 1.PNG   40.73KB   0 downloadsAttached File  Google no connect 2.PNG   379.19KB   0 downloadsAttached File  Time clock.PNG   50.29KB   0 downloadsAttached File  evlog3-2016-10-20.pdf   35.72KB   0 downloadsAttached File  evlog3-2016-10-21.pdf   45.47KB   1 downloadsAttached File  evlog3-2016-10-22.pdf   35.3KB   1 downloadsAttached File  evlog3-2016-10-23.pdf   44.89KB   0 downloadsAttached File  evlog3-2016-10-14.pdf   86.59KB   0 downloadsAttached File  evlog3-2016-10-15.pdf   80.24KB   0 downloadsAttached File  evlog3-2016-10-16.pdf   42.46KB   0 downloadsAttached File  evlog3-2016-10-17.pdf   42.42KB   0 downloadsAttached File  evlog3-2016-10-18.pdf   53.34KB   0 downloadsAttached File  evlog3-2016-10-19.pdf   45.57KB   0 downloadsAttached File  malware.txt   8.12KB   1 downloadsAttached File  syslog (1) router.txt   36.38KB   0 downloadsAttached File  syslog.txt   33.58KB   1 downloadsAttached File  Viperrescue NVIDIA.Steam Trojan.JPG   137.88KB   0 downloads 

 

  



#7 Titan-man

Titan-man
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:07:16 AM

Posted 17 November 2016 - 03:09 PM

I forgot this piece. I have as you can see lass pass. The lass pass extension on Chrome is all kinds of funny. Not on Firefox though. the mouse tracks low and if I put the pointer on the password it inputs on the username. if I didnt catch it I would type my password unmasked. We use two layer sign in which uses code generator from my phone. Also last pass constantly logs out like never before. Is this all in my head? My gut says no and is usually right. I will send you something as I have a minute showing you what I need. And yes I removed, cleared cash and reinstalled last pass. Also I did a wipe of computer except personal files. The Google reject went away for 2-3 days and then came back. I found this in my user files (see attached)  

 

Best,

Titan

 

 

Attached File  user file pic.PNG   292.38KB   0 downloads



#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:16 PM

Posted 18 November 2016 - 05:55 AM

Warning to reconnect file history drive. (drive is WD DL4100)

 

Have you tried to check/change settings? (this is a known, annoying windows backup issue)

 

Restore points are gone.

 

Likewise, have you checked setings? Windows will flush restore points if they exceed size or if certain upgrades are done. Are you able to set a restore point now?

Last for now a couple times Google popped up captcha saying my traffic looked inhuman.

 

 

Google does that if you search often. To avoid it you could log in to a google account.

 

As for the blocks, I suspect its just mbam having those sites on their blacklist, you can check it in the logs.

 

The LAN connects are normal, the only thing I see in your event logs is that windows is not happy with the amount of free space on the disk and this can cause real problems with system restore and strange application behavior.

 

The files in your last screenshot are just usual userprofile files (the user specific registry hives, unless you want to risk losing the profile I strongly recommend you to leave those files alone).

 

Lastpass in chrome can be a bit erratic sometimes, I use it myself and there can be small issues. How did you install it (what installer did you use)?


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#9 Titan-man

Titan-man
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:07:16 AM

Posted 19 November 2016 - 02:37 AM

Hi Elise,

 

I want to first thank you for your time. As you know when you use a tool everyday it becomes an extension of you. Over time you know the look and feel of it so well that when something is different, you know. I only regret not taking notes and logging better. What I gave you was only a part off all going on and obviously my inexperience shows by including normal operating files. My gut says something is up and the fact that everything you explained probable causes plus things I did not include happened all at once. It's just too much to fault at the same time including the laptop booting up several times on it's own (or remotely) when before all was smooth. I have screen shots where permissions were granted for remote logins and I know they were are are removed with each update. I would like your opinion as to a better OS then Microsoft, something less invasive. Windows 10 is terrible and only getting worse. Even something not so PnP user friendly as I love to learn and forever a student so I am willing to take the time needed. I will continue to look for something here (afraid maybe I wiped something you needed to see by resetting the OS on both computers) and correct the faults you advised me on. If I find something I will report back to you and ask for your consideration for admittance to your removal program and if I do not I will drown my sorrows in microbrews.

 

Best,

TM     



#10 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:16 PM

Posted 19 November 2016 - 02:58 AM

If everything looks okay, but you feel something is wrong, then I can only recommend you to reset your router, wipe all drives of the computer and do a full reinstall of Windows. Nothing short of that will obviously put you at ease. I can spend a week explaining what I think is normal, but I doubt it will make a difference.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#11 Titan-man

Titan-man
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:07:16 AM

Posted 01 December 2016 - 07:22 AM

Hi Elise,

 

Still having crazy stuff but first to report I did all the things you asked... (in order)

 

 

 

Warning to reconnect file history drive. (drive is WD DL4100)

 

Have you tried to check/change settings? (this is a known, annoying windows backup issue)

 

I have tried connecting from computer however I am unable to create and maintain a network connection with the NAS. I have also gone through the user interface, including a soft reset of NAS with no luck. OS troubleshoot can't find any networking problems after a very quick scan.

 

 

Restore points are gone.

 

Likewise, have you checked setings? Windows will flush restore points if they exceed size or if certain upgrades are done. Are you able to set a restore point now?

 

 

The restore points are gone and also shadow copies. (I did some reading on this site) OS will not let me set up restore points Attached File  restore 12.1.16.PNG   351.98KB   0 downloads  Attached File  restore 1 12.1.16.PNG   133.41KB   0 downloads

 

 

 

Last for now a couple times Google popped up captcha saying my traffic looked inhuman.

 

 

Google does that if you search often. To avoid it you could log in to a google account.

 

 

 

I did not give enough information here as well as elsewhere. Not just the CAPTCHA however I am blocked from any google ads, even on this site. Blocked from signing into google analytics as well as others and I am always signed in. This happens on firefox using duck duck go.  I did screen captures of this however couldn't upload it here so a link to my dropbox...

https://www.dropbox.com/s/6zftxbrc8vh38xe/firefox%20duck%20duck%20ad%20block.webm?dl=0

 https://www.dropbox.com/s/s6gifxi6zicuxgu/Google%20no%20connect%2012.1.16.webm?dl=0

 

Also links to screen captures for google extension for lastpass and it's erratic behavior. I contacted lastpass support and their fix did nothing which was uninstalling and they provided a clean link to download it. Also I cleared everything from crome including removing it from my computer and reinstalling it. 

 https://www.dropbox.com/s/k6k0p5w5zjm0q81/lASTPASS%2011.23.16.webm?dl=0

https://www.dropbox.com/s/o00779mq4crtfi2/Lastpass%201%2011.23.16.webm?dl=0

 

The new stuff is I noticed the time clock on our network would delay > one minute to say "thank you" after swiping a FOB on it checking someone in or out. The time clock is connected to the router by Ethernet. My computer is also connected to router by Ethernet but other than that common connection to the router are in no way linked. To access the time clock I must go through the company providing the service's website. This is what I found on my computer as it was lost in a loop and as you can see from my FRST I do not have a F: drive. Attached File  11.30.16 c drive f drive.PNG   125.35KB   0 downloads 

 

Help...

 

TM

 


 

 



#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,308 posts
  • ONLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:16 PM

Posted 01 December 2016 - 08:53 AM

Looks like user permissions are messed up which causes the system restore error, you can google the error code to see more information.

 

The fact that certain programs do not behave as you'd expect them to usually are caused by software bugs, nto by malware. You have two options there; either use an alternative or try to sort out with the program's support if they can solve the issue.

 

As for removable drives, they show only up on FRST's log if they're connected. If you've connected them at one time, Windows will still remember the assigned drive letter though. Normal behavior that.


regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft


#13 Titan-man

Titan-man
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:07:16 AM

Posted 01 December 2016 - 08:57 AM

Thank you for your help. I really do appreciate it.

 

Best,

TM 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users