Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Browser Hijack 'links-yahoo' Web Search in Chrome


  • This topic is locked This topic is locked
5 replies to this topic

#1 terrypen

terrypen

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 06 November 2016 - 09:30 PM

First post timed out...

 

Copied the topic title from similar post on here.

 

 

1. When using Chrome it opens up a tab labelled 'links-yahoo' that contains a search panel with a label Web Search. I usually have to open about 3 windows to get my normal home page.

 

2. On taking actions in chrome it frequently redirects me to a website showing pc technical advice

 

​I've switched to IE temporarily, issue is in Chrome.

Initial opening of Chrome opens links-yahoo.net rather than google.com

Links are getting added to pages that are not even on the page normally. (After clicking 'legitimate' links, bogus page opens; 3rd or 4th time will open legitimate page only to start process over again)

Some popups blocked are 'About:blank.html', some pc repair sites, etc.. some blocked are flash of some type.

 

 

 

Attached File  FRST.txt   95.61KB   4 downloads

 

Not sure what a 'normal' time to wait for a reply, wondered if I didn't get a reply due to me not copying and pasting the FRST.txt file in my post.  I tried but for some reason it kept timing out until I deleted all the text and attached the files... so I'm going to try to edit..

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
Ran by terry (administrator) on DESKTOP-B5089OQ (06-11-2016 17:19:26)
Running from C:\Users\terry\Downloads
Loaded Profiles: terry (Available Profiles: defaultuser0 & terry)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> Secure System
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.5.2.15\NAV.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.5.2.15\NAV.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(CenturyLink Inc) C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe
(VIA Technologies, Inc.) C:\Program Files (x86)\VIA XHCI UASP Utility\usb3Monitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2016-09-25] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [CenturyLinkTouchPointAgent] => C:\Program Files (x86)\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe [48616 2015-07-21] (CenturyLink Inc)
HKLM-x32\...\Run: [VIAxHCUtl] => C:\Program Files (x86)\VIA XHCI UASP Utility\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3710171672-2965925632-1851883111-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-3710171672-2965925632-1851883111-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3710171672-2965925632-1851883111-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{7754d6fa-0359-4da6-96ad-05cafe5db974}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{9e92ae91-5461-4b67-ae5c-b261b5a6f556}: [DhcpNameServer] 192.168.0.1 205.171.2.25
ManualProxies:

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-11-06] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-11-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-11-06] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-06] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2016-01-04] (Belarc, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-11-06] (Microsoft Corporation)

Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2016-11-06]
Edge Extension: (NAME) -> hdokiejnpimakedhajhdlcegeplioahd_LastPassLastPassFreePasswordManager_qq0fmhteeht3j => C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.1.29.0_neutral__qq0fmhteeht3j [2016-11-06]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFPlgn
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFPlgn [2016-11-06] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-11-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-24] (Google Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default [2016-11-06]
CHR Extension: (Google Slides) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-24]
CHR Extension: (Google Docs) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-24]
CHR Extension: (Google Drive) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-24]
CHR Extension: (YouTube) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-24]
CHR Extension: (Adblock Plus) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-28]
CHR Extension: (Session Buddy) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2016-10-30]
CHR Extension: (Google Sheets) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-24]
CHR Extension: (Purity for Facebook™ (by FBPURITY.NET)) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcclfpgicliophbkfmnjlefcjmmfgfof [2016-09-24]
CHR Extension: (Google Docs Offline) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-24]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2016-11-06]
CHR Extension: (IE Tab) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2016-11-05]
CHR Extension: (Norton Identity Safe) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-11-06]
CHR Extension: (Bing2Google) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgoehlfmhfafaiepckjikpphoklijedl [2016-11-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-24]
CHR Extension: (Gmail) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-24]
CHR Extension: (Chrome Media Router) - C:\Users\terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-29]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.5.2.15\Exts\Chrome.crx [2016-11-06]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.5.2.15\Exts\Chrome.crx [2016-11-06]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-10-06] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2016-08-11] (Futuremark)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [45008 2016-08-25] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019792 2016-05-16] (Micro-Star INT'L CO., LTD.)
S3 hns; C:\Windows\System32\HostNetSvc.dll [552960 2016-10-14] (Microsoft Corporation)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [58296 2016-08-12] (Micro-Star INT'L CO., LTD.)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\Engine\22.5.2.15\NAV.exe [282016 2015-07-16] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-09-24] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 vmcompute; C:\Windows\system32\vmcompute.exe [1910784 2016-10-14] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [305152 2016-09-15] (Microsoft Corporation)
R2 vmms; C:\Windows\system32\vmms.exe [14422528 2016-10-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0307329.inf_amd64_55b6bd3e40065979\atikmdag.sys [26559504 2016-10-01] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0307329.inf_amd64_55b6bd3e40065979\atikmpag.sys [527264 2016-10-01] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [118848 2016-07-22] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\22.5.2.15\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [1648880 2015-07-10] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-11-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-11-06] (Symantec Corporation)
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\22.5.2.15\Definitions\IPSDefs\20150710.001\IDSVia64.sys [692984 2015-07-10] (Symantec Corporation)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [22528 2016-09-26] (Microsoft Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-06] (Malwarebytes)
S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\22.5.2.15\Definitions\VirusDefs\20161106.001\ENG64.SYS [138456 2016-11-06] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\Norton AntiVirus\NortonData\22.5.2.15\Definitions\VirusDefs\20161106.001\EX64.SYS [2148056 2016-11-06] (Symantec Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [24576 2016-09-26] (Microsoft Corporation)
S3 pcip; C:\Windows\System32\drivers\pcip.sys [46592 2016-09-26] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [50176 2016-09-26] (Microsoft Corporation)
S3 ramparser; C:\Windows\System32\drivers\ramparser.sys [30720 2016-09-26] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2016-09-25] (Realtek                                            )
S3 SRTSP; C:\Windows\system32\drivers\NAVx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NAVx64\1605020.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2016-11-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
R3 Synth3dVsp; C:\Windows\System32\drivers\synth3dvsp.sys [103424 2016-09-26] (Microsoft Corporation)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [26624 2016-09-26] (Microsoft Corporation)
R3 vmsmp; C:\Windows\System32\drivers\vmswitch.sys [1616896 2016-09-15] (Microsoft Corporation)
R2 VMSP; C:\Windows\System32\drivers\vmswitch.sys [1616896 2016-09-15] (Microsoft Corporation)
R0 vmsproxy; C:\Windows\System32\drivers\vmsproxy.sys [33632 2016-08-05] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\System32\drivers\vmswitch.sys [1616896 2016-09-15] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\System32\drivers\vmswitch.sys [1616896 2016-09-15] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [207360 2016-09-26] (Microsoft Corporation)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-06 17:19 - 2016-11-06 17:19 - 00023066 _____ C:\Users\terry\Downloads\FRST.txt
2016-11-06 17:19 - 2016-11-06 17:19 - 00000000 ____D C:\FRST
2016-11-06 17:17 - 2016-11-06 17:19 - 02410496 _____ (Farbar) C:\Users\terry\Downloads\FRST64.exe
2016-11-06 16:21 - 2016-11-06 16:23 - 00000000 ____D C:\AdwCleaner
2016-11-06 16:18 - 2016-11-06 16:21 - 03910208 _____ C:\Users\terry\Downloads\adwcleaner_6.030.exe
2016-11-06 16:16 - 2016-11-06 16:16 - 00003670 _____ C:\Users\terry\Downloads\session_buddy_export_2016_11_06_16_16_17.csv
2016-11-06 15:47 - 2016-11-06 15:48 - 22851472 _____ (Malwarebytes ) C:\Users\terry\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-11-06 15:26 - 2016-11-06 15:26 - 00054736 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2016-11-06 15:25 - 2016-11-06 15:46 - 00000000 ____D C:\ProgramData\HitmanPro
2016-11-06 15:13 - 2016-11-06 15:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-06 15:13 - 2016-11-06 15:58 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-06 15:13 - 2016-11-06 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-06 15:13 - 2016-11-06 15:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-06 15:13 - 2016-11-06 15:13 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-06 15:13 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-06 15:13 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-06 15:09 - 2016-11-06 15:25 - 11579432 _____ (SurfRight B.V.) C:\Users\terry\Downloads\hitmanpro_x64.exe
2016-11-06 15:08 - 2016-11-06 15:12 - 22851472 _____ (Malwarebytes ) C:\Users\terry\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-06 14:18 - 2016-11-06 14:18 - 00000000 ____D C:\Users\terry\Documents\ProcAlyzer Dumps
2016-11-06 13:32 - 2016-07-16 03:45 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20161106-133235.backup
2016-11-06 13:27 - 2016-11-06 13:27 - 00000000 ____D C:\Program Files\Common Files\AV
2016-11-06 13:27 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-11-06 13:07 - 2016-11-06 16:34 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2016-11-06 13:06 - 2016-11-06 13:06 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2016-11-06 13:06 - 2016-11-06 13:06 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2016-11-06 13:06 - 2016-11-06 13:06 - 00003422 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-11-06 13:06 - 2016-11-06 13:06 - 00002707 _____ C:\Users\Public\Desktop\Norton AntiVirus Online.LNK
2016-11-06 13:06 - 2016-11-06 13:06 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-11-06 13:05 - 2016-11-06 13:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus Online
2016-11-06 13:01 - 2016-11-06 14:17 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-11-06 13:01 - 2016-11-06 13:27 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-11-06 13:01 - 2016-11-06 13:01 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-11-06 13:01 - 2016-11-06 13:01 - 00001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-11-06 13:01 - 2016-11-06 13:01 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-11-06 13:01 - 2016-11-06 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-11-06 13:01 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-11-06 12:58 - 2016-11-06 13:00 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\terry\Downloads\spybot-2.4.exe
2016-11-06 10:37 - 2016-11-06 10:37 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-11-06 10:18 - 2016-11-06 10:18 - 00002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-11-06 10:18 - 2016-11-06 10:18 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-11-06 10:18 - 2016-11-06 10:18 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-11-06 10:18 - 2016-11-06 10:18 - 00002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-11-06 10:18 - 2016-11-06 10:18 - 00002414 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-11-06 10:18 - 2016-11-06 10:18 - 00002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-11-06 10:18 - 2016-11-06 10:18 - 00002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-11-06 10:18 - 2016-11-06 10:18 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-11-06 10:18 - 2016-11-06 10:18 - 00002393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-11-06 10:18 - 2016-11-06 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2016-11-06 10:06 - 2016-11-06 14:38 - 00000000 ____D C:\Program Files\Microsoft Office
2016-11-06 10:06 - 2016-11-06 10:06 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-11-06 10:05 - 2016-11-06 10:05 - 05575472 _____ (Microsoft Corporation) C:\Users\terry\Downloads\Setup.x64.en-US_ProPlusRetail_YMHGN-VTGQ8-DQ2X7-6W47G-QYH7H_TX_PR_act_1_.exe
2016-11-06 09:57 - 2016-11-06 09:57 - 13986264 _____ C:\Users\terry\Downloads\12082015061204.pptx
2016-11-05 11:37 - 2016-11-05 11:37 - 00830856 _____ (Blackfish Software) C:\Users\terry\Downloads\ietabhelper.exe
2016-11-05 11:37 - 2016-11-05 11:37 - 00000000 ____D C:\Users\terry\AppData\Local\IE Tab
2016-11-02 03:55 - 2016-11-02 03:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-11-02 03:55 - 2016-11-02 03:55 - 00000000 ____D C:\Program Files\CPUID
2016-11-02 03:54 - 2016-11-02 03:55 - 01189840 _____ ( ) C:\Users\terry\Downloads\hwmonitor_1.30.exe
2016-11-01 17:35 - 2016-11-01 17:35 - 00175728 _____ C:\Users\terry\Downloads\Submit_Elections_Confirmation.pdf
2016-11-01 17:09 - 2016-11-01 17:09 - 00113495 _____ C:\Users\terry\Downloads\Terry_Pendergrass_(96712).pdf
2016-11-01 17:00 - 2016-11-01 17:00 - 00146823 _____ C:\Users\terry\Downloads\Terry_Pendergrass_(96712)-_10%2F14%2F2016_(Regular_US)_-_Complete (3).pdf
2016-11-01 16:58 - 2016-11-01 16:58 - 00144037 _____ C:\Users\terry\Downloads\Save_for_Later_Confirmation.pdf
2016-11-01 16:58 - 2016-11-01 16:58 - 00144037 _____ C:\Users\terry\Downloads\Save_for_Later_Confirmation (1).pdf
2016-11-01 09:58 - 2016-11-01 09:58 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-01 09:58 - 2016-11-01 09:58 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-10-31 12:31 - 2016-10-31 12:31 - 00146818 _____ C:\Users\terry\Downloads\Terry_Pendergrass_(96712)-_10%2F14%2F2016_(Regular_US)_-_Complete (2).pdf
2016-10-31 12:31 - 2016-10-31 12:31 - 00010594 _____ C:\Users\terry\Downloads\Payslip_to_Print_10_31_2016.pdf
2016-10-31 12:29 - 2016-10-31 12:29 - 00146820 _____ C:\Users\terry\Downloads\Terry_Pendergrass_(96712)-_10%2F14%2F2016_(Regular_US)_-_Complete (1).pdf
2016-10-31 12:28 - 2016-10-31 12:29 - 00146821 _____ C:\Users\terry\Downloads\Terry_Pendergrass_(96712)-_10%2F14%2F2016_(Regular_US)_-_Complete.pdf
2016-10-28 14:57 - 2016-10-28 14:58 - 02658432 _____ (Kingston Technology Corporation) C:\Users\terry\Downloads\CloudII_FW_Update_0005.exe
2016-10-28 14:14 - 2016-10-14 20:51 - 01051112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-28 14:14 - 2016-10-14 20:51 - 00894088 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-10-28 14:14 - 2016-10-14 20:48 - 07817568 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-28 14:14 - 2016-10-14 20:48 - 01354320 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-28 14:14 - 2016-10-14 20:48 - 01173496 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-10-28 14:14 - 2016-10-14 20:48 - 00498952 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2016-10-28 14:14 - 2016-10-14 20:47 - 01883784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-28 14:14 - 2016-10-14 20:26 - 22224480 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-28 14:14 - 2016-10-14 20:26 - 04673304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-28 14:14 - 2016-10-14 20:26 - 04129928 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-10-28 14:14 - 2016-10-14 20:26 - 01990648 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-10-28 14:14 - 2016-10-14 20:26 - 01472536 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-28 14:14 - 2016-10-14 20:26 - 01274712 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-10-28 14:14 - 2016-10-14 20:26 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-10-28 14:14 - 2016-10-14 20:26 - 00811416 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-10-28 14:14 - 2016-10-14 20:26 - 00691080 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2016-10-28 14:14 - 2016-10-14 20:22 - 01608896 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-10-28 14:14 - 2016-10-14 20:22 - 01461200 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-10-28 14:14 - 2016-10-14 20:22 - 01418312 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-10-28 14:14 - 2016-10-14 20:22 - 00628040 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-10-28 14:14 - 2016-10-14 20:18 - 00749920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2016-10-28 14:14 - 2016-10-14 20:18 - 00576400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-10-28 14:14 - 2016-10-14 20:18 - 00186424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2016-10-28 14:14 - 2016-10-14 20:15 - 20969928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-28 14:14 - 2016-10-14 20:15 - 01557808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2016-10-28 14:14 - 2016-10-14 20:11 - 01424488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-10-28 14:14 - 2016-10-14 20:11 - 01263848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-10-28 14:14 - 2016-10-14 20:02 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\HostGuardianServiceClientResources.dll
2016-10-28 14:14 - 2016-10-14 20:01 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 14:14 - 2016-10-14 19:57 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-10-28 14:14 - 2016-10-14 19:56 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\PrivateCloudHNSPlugin.dll
2016-10-28 14:14 - 2016-10-14 19:56 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2016-10-28 14:14 - 2016-10-14 19:55 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\HostNetSvc.dll
2016-10-28 14:14 - 2016-10-14 19:55 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll
2016-10-28 14:14 - 2016-10-14 19:54 - 00555008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-10-28 14:14 - 2016-10-14 19:54 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\vmcompute.dll
2016-10-28 14:14 - 2016-10-14 19:54 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-10-28 14:14 - 2016-10-14 19:54 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-10-28 14:14 - 2016-10-14 19:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-10-28 14:14 - 2016-10-14 19:53 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-10-28 14:14 - 2016-10-14 19:53 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2016-10-28 14:14 - 2016-10-14 19:53 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-28 14:14 - 2016-10-14 19:52 - 06285312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-10-28 14:14 - 2016-10-14 19:52 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-10-28 14:14 - 2016-10-14 19:51 - 14422528 _____ (Microsoft Corporation) C:\Windows\system32\vmms.exe
2016-10-28 14:14 - 2016-10-14 19:50 - 17188352 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-10-28 14:14 - 2016-10-14 19:50 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 14:14 - 2016-10-14 19:49 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-10-28 14:14 - 2016-10-14 19:48 - 03778560 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-10-28 14:14 - 2016-10-14 19:48 - 01323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2016-10-28 14:14 - 2016-10-14 19:47 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2016-10-28 14:14 - 2016-10-14 19:46 - 00471552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 14:14 - 2016-10-14 19:45 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-10-28 14:14 - 2016-10-14 19:44 - 00747008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-10-28 14:14 - 2016-10-14 19:44 - 00470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 14:14 - 2016-10-14 19:43 - 01910784 _____ (Microsoft Corporation) C:\Windows\system32\vmcompute.exe
2016-10-28 14:14 - 2016-10-14 19:43 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\energy.dll
2016-10-28 14:14 - 2016-10-14 19:42 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-10-28 14:14 - 2016-10-14 19:42 - 00459776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 14:14 - 2016-10-14 19:42 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-10-28 14:14 - 2016-10-14 19:42 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-10-28 14:14 - 2016-10-14 19:41 - 12174848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-28 14:14 - 2016-10-14 19:41 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\vsconfig.dll
2016-10-28 14:14 - 2016-10-14 19:41 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-10-28 14:14 - 2016-10-14 19:40 - 13081600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-28 14:14 - 2016-10-14 19:39 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-10-28 14:14 - 2016-10-14 19:39 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-10-28 14:14 - 2016-10-14 19:39 - 00982528 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-28 14:14 - 2016-10-14 19:38 - 07468032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-10-28 14:14 - 2016-10-14 19:38 - 00913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2016-10-28 14:14 - 2016-10-14 19:37 - 08075776 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-10-28 14:14 - 2016-10-14 19:37 - 01643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-10-28 14:14 - 2016-10-14 19:36 - 03617792 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-10-28 14:14 - 2016-10-14 19:36 - 02290176 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-10-28 14:14 - 2016-10-14 19:36 - 01880576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-10-28 14:14 - 2016-10-14 19:35 - 00701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-10-28 14:14 - 2016-10-14 19:34 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-10-28 14:14 - 2016-10-14 19:31 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2016-10-28 14:14 - 2016-08-26 21:12 - 00244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-28 14:13 - 2016-10-14 21:11 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 02186896 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 01637728 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 01235296 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 00595296 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 00590960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 00584032 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 00283488 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-10-28 14:13 - 2016-10-14 20:51 - 00232800 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 00137568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-28 14:13 - 2016-10-14 20:51 - 00078688 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-28 14:13 - 2016-10-14 20:48 - 00773712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-10-28 14:13 - 2016-10-14 20:43 - 01356352 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2016-10-28 14:13 - 2016-10-14 20:41 - 05622088 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-10-28 14:13 - 2016-10-14 20:38 - 00500064 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-28 14:13 - 2016-10-14 20:37 - 00063328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2016-10-28 14:13 - 2016-10-14 20:34 - 01969912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll
2016-10-28 14:13 - 2016-10-14 20:33 - 00455040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2016-10-28 14:13 - 2016-10-14 20:32 - 01570680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-28 14:13 - 2016-10-14 20:31 - 02827864 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-10-28 14:13 - 2016-10-14 20:31 - 02750384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-28 14:13 - 2016-10-14 20:31 - 02190688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-10-28 14:13 - 2016-10-14 20:31 - 00658272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-10-28 14:13 - 2016-10-14 20:31 - 00402272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-10-28 14:13 - 2016-10-14 20:30 - 01851696 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-28 14:13 - 2016-10-14 20:30 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-10-28 14:13 - 2016-10-14 20:30 - 00557408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-10-28 14:13 - 2016-10-14 20:30 - 00509280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-10-28 14:13 - 2016-10-14 20:30 - 00341936 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-28 14:13 - 2016-10-14 20:30 - 00238056 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2016-10-28 14:13 - 2016-10-14 20:29 - 02913104 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-10-28 14:13 - 2016-10-14 20:29 - 01267504 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-10-28 14:13 - 2016-10-14 20:29 - 00908640 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2016-10-28 14:13 - 2016-10-14 20:29 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-10-28 14:13 - 2016-10-14 20:29 - 00079200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2016-10-28 14:13 - 2016-10-14 20:26 - 01694712 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2016-10-28 14:13 - 2016-10-14 20:26 - 01600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-10-28 14:13 - 2016-10-14 20:26 - 00534096 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-28 14:13 - 2016-10-14 20:25 - 00882680 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2016-10-28 14:13 - 2016-10-14 20:25 - 00742704 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-10-28 14:13 - 2016-10-14 20:22 - 02069688 _____ (Microsoft Corporation) C:\Windows\system32\vmwp.exe
2016-10-28 14:13 - 2016-10-14 20:22 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\sbresources.dll
2016-10-28 14:13 - 2016-10-14 20:21 - 02537824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-10-28 14:13 - 2016-10-14 20:21 - 01100128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-10-28 14:13 - 2016-10-14 20:21 - 00292872 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2016-10-28 14:13 - 2016-10-14 20:19 - 02256592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-28 14:13 - 2016-10-14 20:15 - 03892352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-10-28 14:13 - 2016-10-14 20:15 - 01123368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-28 14:13 - 2016-10-14 20:15 - 00959112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-10-28 14:13 - 2016-10-14 20:15 - 00952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-10-28 14:13 - 2016-10-14 20:14 - 04311736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-28 14:13 - 2016-10-14 20:11 - 00545944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-10-28 14:13 - 2016-10-14 20:10 - 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2016-10-28 14:13 - 2016-10-14 20:06 - 05685760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-10-28 14:13 - 2016-10-14 20:05 - 07216640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-10-28 14:13 - 2016-10-14 20:02 - 22568960 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-10-28 14:13 - 2016-10-14 20:00 - 01631232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 14:13 - 2016-10-14 20:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-10-28 14:13 - 2016-10-14 20:00 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdole2.tlb
2016-10-28 14:13 - 2016-10-14 19:59 - 00272384 _____ (Microsoft Corporation) C:\Windows\system32\mfksproxy.dll
2016-10-28 14:13 - 2016-10-14 19:59 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfksproxy.dll
2016-10-28 14:13 - 2016-10-14 19:59 - 00130560 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2016-10-28 14:13 - 2016-10-14 19:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\ActivationVdev.dll
2016-10-28 14:13 - 2016-10-14 19:58 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2016-10-28 14:13 - 2016-10-14 19:58 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\efsext.dll
2016-10-28 14:13 - 2016-10-14 19:58 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efsext.dll
2016-10-28 14:13 - 2016-10-14 19:57 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2016-10-28 14:13 - 2016-10-14 19:57 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2016-10-28 14:13 - 2016-10-14 19:57 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2016-10-28 14:13 - 2016-10-14 19:56 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2016-10-28 14:13 - 2016-10-14 19:56 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2016-10-28 14:13 - 2016-10-14 19:56 - 00306688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2016-10-28 14:13 - 2016-10-14 19:56 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.WiFi.dll
2016-10-28 14:13 - 2016-10-14 19:56 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2016-10-28 14:13 - 2016-10-14 19:56 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2016-10-28 14:13 - 2016-10-14 19:56 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll
2016-10-28 14:13 - 2016-10-14 19:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
2016-10-28 14:13 - 2016-10-14 19:55 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2016-10-28 14:13 - 2016-10-14 19:55 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-10-28 14:13 - 2016-10-14 19:55 - 00329216 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2016-10-28 14:13 - 2016-10-14 19:55 - 00265728 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-10-28 14:13 - 2016-10-14 19:55 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2016-10-28 14:13 - 2016-10-14 19:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.WiFi.dll
2016-10-28 14:13 - 2016-10-14 19:55 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2016-10-28 14:13 - 2016-10-14 19:54 - 00717312 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2016-10-28 14:13 - 2016-10-14 19:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2016-10-28 14:13 - 2016-10-14 19:54 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2016-10-28 14:13 - 2016-10-14 19:54 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2016-10-28 14:13 - 2016-10-14 19:54 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-10-28 14:13 - 2016-10-14 19:54 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2016-10-28 14:13 - 2016-10-14 19:54 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2016-10-28 14:13 - 2016-10-14 19:54 - 00102912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2016-10-28 14:13 - 2016-10-14 19:53 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2016-10-28 14:13 - 2016-10-14 19:53 - 00549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2016-10-28 14:13 - 2016-10-14 19:53 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-10-28 14:13 - 2016-10-14 19:53 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-10-28 14:13 - 2016-10-14 19:53 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2016-10-28 14:13 - 2016-10-14 19:52 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-10-28 14:13 - 2016-10-14 19:51 - 13868544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-10-28 14:13 - 2016-10-14 19:51 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2016-10-28 14:13 - 2016-10-14 19:50 - 02716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-28 14:13 - 2016-10-14 19:50 - 02333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-28 14:13 - 2016-10-14 19:50 - 00896512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2016-10-28 14:13 - 2016-10-14 19:50 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-10-28 14:13 - 2016-10-14 19:50 - 00310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-10-28 14:13 - 2016-10-14 19:50 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-10-28 14:13 - 2016-10-14 19:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-10-28 14:13 - 2016-10-14 19:49 - 01913344 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2016-10-28 14:13 - 2016-10-14 19:49 - 00838144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-10-28 14:13 - 2016-10-14 19:49 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-10-28 14:13 - 2016-10-14 19:49 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-10-28 14:13 - 2016-10-14 19:49 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-10-28 14:13 - 2016-10-14 19:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-10-28 14:13 - 2016-10-14 19:49 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-28 14:13 - 2016-10-14 19:49 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-28 14:13 - 2016-10-14 19:48 - 23680000 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-28 14:13 - 2016-10-14 19:48 - 01554944 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2016-10-28 14:13 - 2016-10-14 19:48 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2016-10-28 14:13 - 2016-10-14 19:47 - 07792640 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-10-28 14:13 - 2016-10-14 19:47 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-10-28 14:13 - 2016-10-14 19:47 - 04612608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-10-28 14:13 - 2016-10-14 19:47 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 14:13 - 2016-10-14 19:47 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2016-10-28 14:13 - 2016-10-14 19:47 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2016-10-28 14:13 - 2016-10-14 19:46 - 19418112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-10-28 14:13 - 2016-10-14 19:46 - 19416576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-28 14:13 - 2016-10-14 19:46 - 03287552 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2016-10-28 14:13 - 2016-10-14 19:46 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 14:13 - 2016-10-14 19:46 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2016-10-28 14:13 - 2016-10-14 19:45 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-28 14:13 - 2016-10-14 19:45 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 14:13 - 2016-10-14 19:45 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-10-28 14:13 - 2016-10-14 19:44 - 03307520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-10-28 14:13 - 2016-10-14 19:44 - 00465920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-10-28 14:13 - 2016-10-14 19:44 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.exe
2016-10-28 14:13 - 2016-10-14 19:43 - 02748928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2016-10-28 14:13 - 2016-10-14 19:43 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2016-10-28 14:13 - 2016-10-14 19:43 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-10-28 14:13 - 2016-10-14 19:42 - 12349440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-28 14:13 - 2016-10-14 19:42 - 06108672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-10-28 14:13 - 2016-10-14 19:42 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2016-10-28 14:13 - 2016-10-14 19:42 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2016-10-28 14:13 - 2016-10-14 19:42 - 00467968 _____ (Microsoft Corporation) C:\Windows\system32\Geolocation.dll
2016-10-28 14:13 - 2016-10-14 19:42 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\chartv.dll
2016-10-28 14:13 - 2016-10-14 19:41 - 07654912 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-10-28 14:13 - 2016-10-14 19:41 - 05376000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-10-28 14:13 - 2016-10-14 19:41 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2016-10-28 14:13 - 2016-10-14 19:41 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-10-28 14:13 - 2016-10-14 19:41 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-28 14:13 - 2016-10-14 19:41 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2016-10-28 14:13 - 2016-10-14 19:40 - 01690112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2016-10-28 14:13 - 2016-10-14 19:40 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 04474368 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 03400192 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 01005568 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Geolocation.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chartv.dll
2016-10-28 14:13 - 2016-10-14 19:39 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-10-28 14:13 - 2016-10-14 19:38 - 13441024 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-28 14:13 - 2016-10-14 19:38 - 02458112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-10-28 14:13 - 2016-10-14 19:38 - 01993216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-10-28 14:13 - 2016-10-14 19:38 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2016-10-28 14:13 - 2016-10-14 19:38 - 00675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2016-10-28 14:13 - 2016-10-14 19:38 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 04708864 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 03733504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 02611200 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 02256896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 01980416 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 00715264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 00709120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-10-28 14:13 - 2016-10-14 19:37 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 02512384 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 02484736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 01595392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 01492480 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2016-10-28 14:13 - 2016-10-14 19:36 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-10-28 14:13 - 2016-10-14 19:36 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2016-10-28 14:13 - 2016-10-14 19:36 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmifw.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 03054080 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 02999808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2016-10-28 14:13 - 2016-10-14 19:35 - 02708992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 02670592 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 02315264 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 02005504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 01779712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 01512960 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-10-28 14:13 - 2016-10-14 19:35 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 00772608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 00422400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-10-28 14:13 - 2016-10-14 19:35 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-10-28 14:13 - 2016-10-14 19:34 - 02688512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-10-28 14:13 - 2016-10-14 19:34 - 02476544 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-28 14:13 - 2016-10-14 19:34 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-28 14:13 - 2016-10-14 19:34 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-10-28 14:13 - 2016-10-14 19:34 - 00936448 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-10-28 14:13 - 2016-10-14 19:32 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-10-28 14:13 - 2016-09-10 05:21 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\capimg.sys
2016-10-28 14:13 - 2016-08-05 20:17 - 00619368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-10-28 14:12 - 2016-10-14 20:38 - 00409952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-10-28 14:12 - 2016-10-14 20:32 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-10-28 14:12 - 2016-10-14 20:26 - 00160096 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.dll
2016-10-28 14:12 - 2016-10-14 20:21 - 00584032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-10-28 14:12 - 2016-10-14 20:20 - 02276736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-10-28 14:12 - 2016-10-14 20:19 - 00272720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-28 14:12 - 2016-10-14 20:18 - 02166232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-10-28 14:12 - 2016-10-14 20:18 - 01556712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-28 14:12 - 2016-10-14 20:18 - 00846560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-10-28 14:12 - 2016-10-14 20:15 - 01853776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-10-28 14:12 - 2016-10-14 20:15 - 00687936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2016-10-28 14:12 - 2016-10-14 20:11 - 01435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-10-28 14:12 - 2016-10-14 20:00 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2016-10-28 14:12 - 2016-10-14 19:59 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\stdole2.tlb
2016-10-28 14:12 - 2016-10-14 19:57 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-28 14:12 - 2016-10-14 19:56 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-10-28 14:12 - 2016-10-14 19:56 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2016-10-28 14:12 - 2016-10-14 19:55 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-10-28 14:12 - 2016-10-14 19:54 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll
2016-10-28 14:12 - 2016-10-14 19:53 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-28 14:12 - 2016-10-14 19:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-10-28 14:12 - 2016-10-14 19:52 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-28 14:12 - 2016-10-14 19:51 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2016-10-28 14:12 - 2016-10-14 19:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-10-28 14:12 - 2016-10-14 19:50 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll
2016-10-28 14:12 - 2016-10-14 19:49 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-10-28 14:12 - 2016-10-14 19:45 - 01790464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-10-28 14:12 - 2016-10-14 19:44 - 00636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-10-28 14:12 - 2016-10-14 19:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.exe
2016-10-28 14:12 - 2016-10-14 19:41 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-10-28 14:12 - 2016-10-14 19:39 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2016-10-28 14:12 - 2016-10-14 19:36 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-28 14:12 - 2016-10-14 19:36 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-28 14:12 - 2016-10-14 19:36 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-10-28 14:12 - 2016-10-14 19:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-21 13:50 - 2016-10-21 13:50 - 00000000 ____D C:\Crash
2016-10-21 13:33 - 2016-10-21 13:40 - 00000000 ____D C:\Users\terry\AppData\LocalLow\Daybreak Game Company
2016-10-21 13:33 - 2016-10-21 13:33 - 00000000 ____D C:\Users\terry\AppData\Local\SCE
2016-10-21 13:33 - 2016-10-21 13:33 - 00000000 ____D C:\Users\terry\AppData\Local\Daybreak Game Company
2016-10-19 14:23 - 2016-10-19 14:23 - 00000000 ____D C:\Users\terry\Documents\Lightshot
2016-10-18 21:21 - 2016-10-18 21:21 - 00290130 _____ C:\Users\terry\Documents\bookmarks_10_18_16.html
2016-10-16 19:59 - 2016-10-16 19:59 - 00000000 ____D C:\Users\terry\AppData\Local\Logitech
2016-10-16 19:57 - 2016-10-16 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-10-16 19:57 - 2016-10-16 19:57 - 00000000 ____D C:\Program Files\Logitech
2016-10-16 19:57 - 2016-10-16 19:57 - 00000000 ____D C:\Program Files\Common Files\Logitech
2016-10-16 19:56 - 2016-10-16 19:56 - 00000000 ____D C:\Users\terry\AppData\Roaming\Logitech
2016-10-16 19:56 - 2016-10-16 19:56 - 00000000 ____D C:\Users\terry\AppData\Roaming\Logishrd
2016-10-16 10:15 - 2016-10-16 19:56 - 16082320 _____ (Logitech Inc.) C:\Users\terry\Downloads\lgs510_x64.exe
2016-10-16 10:08 - 2016-10-16 10:08 - 00000000 ____D C:\Users\terry\Documents\Flight Simulator X Files
2016-10-16 09:55 - 2016-10-16 09:55 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-10-16 09:52 - 2016-10-16 09:52 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-10-13 13:21 - 2016-10-13 13:21 - 00000252 ____H C:\Windows\Tasks\MSISW_Host.job
2016-10-12 01:01 - 2016-10-12 01:01 - 00000760 _____ C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\putty.lnk
2016-10-11 20:54 - 2016-10-05 02:17 - 01322848 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2016-10-11 20:54 - 2016-10-05 02:12 - 02446696 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-10-11 20:54 - 2016-10-05 02:09 - 00064352 _____ (Avago Technologies) C:\Windows\system32\Drivers\MegaSas2i.sys
2016-10-11 20:54 - 2016-10-05 01:38 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2016-10-11 20:54 - 2016-10-05 01:36 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 20:54 - 2016-10-05 01:35 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2016-10-11 20:54 - 2016-10-05 01:35 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2016-10-11 20:54 - 2016-10-05 01:33 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2016-10-11 20:54 - 2016-10-05 01:33 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll
2016-10-11 20:54 - 2016-10-05 01:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-10-11 20:54 - 2016-10-05 01:31 - 00480768 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2016-10-11 20:54 - 2016-10-05 01:31 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-10-11 20:54 - 2016-10-05 01:30 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-10-11 20:54 - 2016-10-05 01:29 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-10-11 20:54 - 2016-10-05 01:28 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2016-10-11 20:54 - 2016-10-05 01:26 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 20:54 - 2016-10-05 01:26 - 00184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2016-10-11 20:54 - 2016-10-05 01:26 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-11 20:54 - 2016-10-05 01:25 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2016-10-11 20:54 - 2016-10-05 01:25 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-10-11 20:54 - 2016-10-05 01:25 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2016-10-11 20:54 - 2016-10-05 01:25 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll
2016-10-11 20:54 - 2016-10-05 01:24 - 00483840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-11 20:54 - 2016-10-05 01:23 - 00431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2016-10-11 20:54 - 2016-10-05 01:23 - 00426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-11 20:54 - 2016-10-05 01:23 - 00284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2016-10-11 20:54 - 2016-10-05 01:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2016-10-11 20:54 - 2016-10-05 01:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 20:54 - 2016-10-05 01:19 - 02390016 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2016-10-11 20:54 - 2016-10-05 01:18 - 00983040 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-10-11 20:54 - 2016-10-05 01:18 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 20:54 - 2016-10-05 01:17 - 08126464 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-10-11 20:54 - 2016-10-05 01:17 - 02914304 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-10-11 20:54 - 2016-10-05 01:16 - 04747776 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 20:54 - 2016-10-05 01:15 - 02800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-10-11 20:54 - 2016-10-05 01:15 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll
2016-10-11 20:54 - 2016-10-05 01:12 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2016-10-11 20:54 - 2016-10-05 01:11 - 06043136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-10-11 20:54 - 2016-10-05 01:10 - 06474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2016-10-11 20:54 - 2016-10-05 01:09 - 00691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-11 20:54 - 2016-10-05 01:08 - 00873472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2016-10-11 20:54 - 2016-10-05 01:07 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-11 20:54 - 2016-10-05 01:07 - 02682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2016-10-11 20:54 - 2016-10-05 01:07 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
2016-10-11 20:53 - 2016-10-05 02:33 - 00128864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-10-11 20:53 - 2016-10-05 02:31 - 02213248 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-11 20:53 - 2016-10-05 02:22 - 01181536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-10-11 20:53 - 2016-10-05 02:13 - 01859264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-10-11 20:53 - 2016-10-05 02:13 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2016-10-11 20:53 - 2016-10-05 02:12 - 01112928 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-10-11 20:53 - 2016-10-05 02:09 - 01071728 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-10-11 20:53 - 2016-10-05 02:08 - 00241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2016-10-11 20:53 - 2016-10-05 02:03 - 01705976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-11 20:53 - 2016-10-05 01:51 - 01430720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-11 20:53 - 2016-10-05 01:50 - 00116576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2016-10-11 20:53 - 2016-10-05 01:48 - 01022304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-10-11 20:53 - 2016-10-05 01:46 - 01360456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-10-11 20:53 - 2016-10-05 01:46 - 00980824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-10-11 20:53 - 2016-10-05 01:38 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-10-11 20:53 - 2016-10-05 01:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2016-10-11 20:53 - 2016-10-05 01:35 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2016-10-11 20:53 - 2016-10-05 01:34 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 20:53 - 2016-10-05 01:33 - 00651264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.AllJoyn.dll
2016-10-11 20:53 - 2016-10-05 01:32 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2016-10-11 20:53 - 2016-10-05 01:32 - 00379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2016-10-11 20:53 - 2016-10-05 01:32 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.HostName.dll
2016-10-11 20:53 - 2016-10-05 01:31 - 00837632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2016-10-11 20:53 - 2016-10-05 01:31 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-10-11 20:53 - 2016-10-05 01:31 - 00561664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Wallet.dll
2016-10-11 20:53 - 2016-10-05 01:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2016-10-11 20:53 - 2016-10-05 01:31 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ConfigureExpandedStorage.dll
2016-10-11 20:53 - 2016-10-05 01:29 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-10-11 20:53 - 2016-10-05 01:28 - 03059200 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-10-11 20:53 - 2016-10-05 01:28 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2016-10-11 20:53 - 2016-10-05 01:28 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-10-11 20:53 - 2016-10-05 01:28 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.HostName.dll
2016-10-11 20:53 - 2016-10-05 01:27 - 00945664 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2016-10-11 20:53 - 2016-10-05 01:27 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-11 20:53 - 2016-10-05 01:27 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-11 20:53 - 2016-10-05 01:26 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll
2016-10-11 20:53 - 2016-10-05 01:25 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-10-11 20:53 - 2016-10-05 01:24 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 20:53 - 2016-10-05 01:23 - 01908224 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-10-11 20:53 - 2016-10-05 01:23 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll
2016-10-11 20:53 - 2016-10-05 01:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-10-11 20:53 - 2016-10-05 01:21 - 03689984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-10-11 20:53 - 2016-10-05 01:21 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-10-11 20:53 - 2016-10-05 01:20 - 00936960 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2016-10-11 20:53 - 2016-10-05 01:20 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2016-10-11 20:53 - 2016-10-05 01:18 - 00858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-10-11 20:53 - 2016-10-05 01:17 - 04136960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2016-10-11 20:53 - 2016-10-05 01:16 - 06664192 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2016-10-11 20:53 - 2016-10-05 01:16 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-10-11 20:53 - 2016-10-05 01:16 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2016-10-11 20:53 - 2016-10-05 01:16 - 00508416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-11 20:53 - 2016-10-05 01:15 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-10-11 20:53 - 2016-10-05 01:15 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2016-10-11 20:53 - 2016-10-05 01:15 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
2016-10-11 20:53 - 2016-10-05 01:14 - 01255936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-10-11 20:53 - 2016-10-05 01:14 - 01013760 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-10-11 20:53 - 2016-10-05 01:13 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2016-10-11 20:53 - 2016-10-05 01:13 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-10-11 20:53 - 2016-10-05 01:12 - 00998912 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-10-11 20:53 - 2016-10-05 01:12 - 00924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-11 20:53 - 2016-10-05 01:11 - 03496960 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 20:53 - 2016-10-05 01:11 - 00640000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2016-10-11 20:53 - 2016-10-05 01:09 - 03369984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2016-10-11 20:53 - 2016-10-05 01:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-10-11 20:53 - 2016-10-05 01:08 - 02356736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-11 20:53 - 2016-10-05 01:08 - 00598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2016-10-11 20:53 - 2016-10-05 01:07 - 02646016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-10-11 20:53 - 2016-10-05 01:06 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2016-10-11 20:53 - 2016-10-05 01:06 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-10-11 20:53 - 2016-10-05 01:05 - 03105792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-10-11 20:53 - 2016-10-05 01:05 - 00751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-11 20:53 - 2016-10-04 16:01 - 00446124 _____ C:\Windows\system32\ApnDatabase.xml
2016-10-11 20:53 - 2016-09-06 21:34 - 00360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-10-11 20:52 - 2016-10-05 02:35 - 00279904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-10-11 20:52 - 2016-10-05 02:16 - 00187232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-10-11 20:52 - 2016-10-05 01:49 - 01980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-10-11 20:52 - 2016-10-05 01:35 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2016-10-11 20:52 - 2016-10-05 01:21 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2016-10-11 20:52 - 2016-10-05 01:18 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-10-11 20:52 - 2016-10-05 01:17 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-11 20:52 - 2016-10-05 01:14 - 01456640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-10-11 20:52 - 2016-10-05 01:07 - 00589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2016-10-09 22:33 - 2016-10-09 22:33 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-10-09 22:23 - 2016-10-09 22:33 - 224516160 _____ (AMD Inc.) C:\Users\terry\Downloads\non-whql-win10-64bit-radeon-software-crimson-16.10.1-oct6.exe
2016-10-09 21:41 - 2016-10-12 02:58 - 00000600 _____ C:\Users\terry\AppData\Local\PUTTY.RND
2016-10-09 21:38 - 2016-10-09 21:38 - 00531368 _____ (Simon Tatham) C:\Users\terry\Downloads\putty.exe
2016-10-09 14:30 - 2016-10-19 14:23 - 00000000 ____D C:\Users\terry\Documents\3DMark
2016-10-09 14:30 - 2016-10-09 14:30 - 00000022 _____ C:\Windows\GPU-Z.INI
2016-10-09 14:30 - 2016-10-09 14:30 - 00000000 ____D C:\Users\terry\AppData\Local\Futuremark
2016-10-09 14:30 - 2016-10-09 14:30 - 00000000 ____D C:\Users\terry\.oracle_jre_usage
2016-10-09 14:30 - 2016-10-09 14:30 - 00000000 ____D C:\ProgramData\Futuremark
2016-10-09 14:29 - 2016-10-09 14:29 - 00000000 ____D C:\Program Files (x86)\Futuremark
2016-10-09 14:14 - 2016-10-09 14:14 - 00943211 _____ C:\Users\terry\Downloads\SysSpec.zip
2016-10-09 14:14 - 2016-10-09 14:14 - 00000000 ____D C:\Users\terry\Downloads\SysSpec
2016-10-09 14:08 - 2016-10-09 14:08 - 04513984 _____ C:\Users\terry\Downloads\advisorinstaller.exe
2016-10-09 14:08 - 2016-10-09 14:08 - 00002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2016-10-09 14:08 - 2016-10-09 14:08 - 00002197 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2016-10-09 14:08 - 2016-10-09 14:08 - 00000000 ____D C:\Program Files (x86)\Belarc
2016-10-09 13:28 - 2016-10-09 13:28 - 00000000 ____D C:\Users\terry\Documents\Aerofly FS 2
2016-10-09 11:44 - 2016-10-09 11:44 - 00000665 _____ C:\Users\terry\Desktop\CentOS mirrors.txt
2016-10-09 11:35 - 2016-10-09 11:35 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2016-10-09 11:33 - 2016-10-09 11:33 - 00000000 ____D C:\Users\terry\AppData\Roaming\InfraRecorder
2016-10-09 11:31 - 2016-10-09 11:31 - 00001733 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-10-09 11:31 - 2016-10-09 11:31 - 00000000 ____D C:\Users\terry\AppData\Roaming\Canneverbe Limited
2016-10-09 11:31 - 2016-10-09 11:31 - 00000000 ____D C:\Program Files\CDBurnerXP
2016-10-09 11:29 - 2016-10-09 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfraRecorder
2016-10-09 11:29 - 2016-10-09 11:29 - 00000000 ____D C:\Program Files\InfraRecorder
2016-10-09 11:28 - 2016-10-09 11:43 - 00000000 ____D C:\Users\terry\AppData\Roaming\Notepad++
2016-10-09 11:28 - 2016-10-09 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-10-09 11:28 - 2016-10-09 11:28 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-10-09 11:26 - 2016-10-09 11:27 - 00422480 _____ (Secure By Design Inc.) C:\Users\terry\Downloads\Ninite CDBurnerXP InfraRecorder Notepad Installer.exe
2016-10-09 01:22 - 2016-10-09 01:23 - 00000000 ____D C:\Users\terry\AppData\Local\Sniper3
2016-10-08 13:13 - 2016-10-09 22:42 - 00000000 ____D C:\Users\terry\AppData\Roaming\discord
2016-10-08 13:13 - 2016-10-08 13:13 - 00000000 ____D C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-10-08 13:13 - 2016-10-08 13:13 - 00000000 ____D C:\Users\terry\AppData\Local\Discord
2016-10-08 13:12 - 2016-10-08 13:13 - 00000000 ____D C:\Users\terry\AppData\Local\SquirrelTemp
2016-10-08 13:10 - 2016-10-08 13:12 - 50343608 _____ (Hammer & Chisel, Inc.) C:\Users\terry\Downloads\DiscordSetup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-06 17:09 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\AppReadiness
2016-11-06 17:04 - 2016-09-24 18:32 - 00000000 ____D C:\Users\terry\AppData\Local\Packages
2016-11-06 17:03 - 2016-07-16 03:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-06 16:31 - 2016-09-24 18:29 - 01233162 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-06 16:27 - 2016-09-24 19:07 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-06 16:27 - 2016-09-24 18:32 - 00000000 ____D C:\Users\terry
2016-11-06 16:25 - 2016-09-24 18:19 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-06 16:24 - 2016-09-24 18:54 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-11-06 16:24 - 2016-07-15 22:04 - 00524288 _____ C:\Windows\system32\config\BBI
2016-11-06 15:15 - 2016-09-26 16:48 - 00004168 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F72FE2E5-4739-4BEC-A9AA-879D40ABA196}
2016-11-06 14:24 - 2016-09-24 18:32 - 00000000 ____D C:\Users\terry\AppData\Local\VirtualStore
2016-11-06 14:21 - 2016-09-24 18:19 - 00332264 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-06 14:21 - 2016-07-16 03:47 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-11-06 13:06 - 2016-09-24 22:21 - 00000000 ____D C:\ProgramData\Norton
2016-11-06 13:06 - 2016-07-15 22:04 - 00032768 _____ C:\Windows\system32\config\ELAM
2016-11-06 13:05 - 2016-09-24 22:21 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-11-06 13:05 - 2016-09-24 22:21 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2016-11-06 11:04 - 2016-09-24 22:51 - 00291512 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-11-06 11:04 - 2016-09-24 22:49 - 00291512 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-11-06 10:37 - 2016-07-16 03:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-06 10:37 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-06 10:36 - 2016-07-16 03:45 - 00000000 ____D C:\Windows\INF
2016-11-06 09:57 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\LiveKernelReports
2016-11-06 08:56 - 2016-09-24 18:19 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-11-06 00:13 - 2016-09-24 22:49 - 00291512 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-11-02 03:58 - 2016-09-24 18:56 - 00000000 ____D C:\MSI
2016-11-01 18:24 - 2016-09-25 09:41 - 00000000 ____D C:\Users\terry\AppData\Local\ElevatedDiagnostics
2016-11-01 09:58 - 2016-09-24 22:50 - 00000000 ____D C:\Users\terry\Documents\My Games
2016-11-01 09:09 - 2016-09-28 01:00 - 00000000 ____D C:\Users\terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-10-30 11:32 - 2016-09-24 18:36 - 00000000 ____D C:\Users\terry\AppData\Local\Google
2016-10-28 19:06 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\rescache
2016-10-28 15:09 - 2016-09-24 18:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-28 15:04 - 2016-09-26 17:41 - 00000000 ____D C:\Program Files\Hyper-V
2016-10-28 15:04 - 2016-07-16 03:47 - 00015425 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2016-10-28 15:04 - 2016-07-16 03:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-10-28 15:04 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-10-28 15:04 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\system32\oobe
2016-10-28 15:04 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-28 15:04 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-10-28 14:21 - 2016-07-16 03:36 - 00000000 ____D C:\Windows\CbsTemp
2016-10-28 13:45 - 2016-09-24 20:42 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-25 19:45 - 2016-09-24 18:47 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-24 15:30 - 2016-07-16 03:49 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-24 15:30 - 2016-07-16 03:49 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-21 13:33 - 2016-09-24 18:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-15 01:01 - 2016-07-16 04:58 - 00389400 __RSH C:\bootmgr
2016-10-12 15:30 - 2016-07-16 03:47 - 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-10-12 15:30 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\system32\migwiz
2016-10-12 15:30 - 2016-07-16 03:47 - 00000000 ____D C:\Windows\ShellExperiences
2016-10-12 15:30 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 15:30 - 2016-07-16 03:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 11:45 - 2016-09-24 21:00 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 11:40 - 2016-09-24 21:00 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-11 20:24 - 2016-07-16 03:43 - 00783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-10-11 20:24 - 2016-07-16 03:42 - 00177664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-10 06:33 - 2016-09-24 18:57 - 00000000 ____D C:\Users\terry\AppData\LocalLow\AMD
2016-10-09 22:41 - 2016-09-24 18:55 - 00000000 ____D C:\Users\terry\AppData\Local\AMD
2016-10-09 22:35 - 2016-09-24 18:52 - 00000000 ____D C:\Program Files\AMD
2016-10-09 22:34 - 2016-09-24 18:51 - 00000000 ____D C:\AMD

==================== Files in the root of some directories =======

2016-10-09 21:41 - 2016-10-12 02:58 - 0000600 _____ () C:\Users\terry\AppData\Local\PUTTY.RND
2016-09-27 19:14 - 2016-09-27 19:14 - 0000003 _____ () C:\Users\terry\AppData\Local\updater.log
2016-09-27 19:14 - 2016-09-27 19:14 - 0000424 _____ () C:\Users\terry\AppData\Local\UserProducts.xml
2016-09-26 16:34 - 2016-09-26 16:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-09-25 14:38 - 2016-09-25 14:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\terry\AppData\Local\Temp\libeay32.dll
C:\Users\terry\AppData\Local\Temp\msvcr120.dll
C:\Users\terry\AppData\Local\Temp\sqlite3.dll
C:\Users\terry\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NAV__{5B32E06D-BFE0-4935-A010-DFE9118A3833}.exe
C:\Users\terry\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NAV__{CB65A378-5354-4838-998A-985F3A54626F}.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-28 18:32

==================== End of FRST.txt ============================

 

 

 

Attached File  Addition.txt   41.53KB   2 downloads


Edited by terrypen, 07 November 2016 - 07:10 PM.


BC AdBot (Login to Remove)

 


#2 terrypen

terrypen
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 07 November 2016 - 07:12 PM

replied, so it would come up as 'new'



#3 terrypen

terrypen
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 08 November 2016 - 05:52 PM

I had a user message me on here with a fix...

 

EinSophistry

I came across your thread while hunting for solutions to this same problem. I think I've found the solution, but the site wouldn't let me reply to your thread.

The culprit is the FB Purity extension. This is a scam version of the original Facebook Purity extension (which comes from a .com, rather than .net source), and it seems to be causing these redirects. I ran countless antimalware/antiadware scans, ran Ccleaner, deleted and reinstalled Chrome (several times), even did a System Restore in attempt to fix this issue and nothing worked. Finally, I got rid of the bogus extension, and so far, at least, so good. Hope it helps in your case too.

 

Topic can be close with this thread being fixed!



#4 terrypen

terrypen
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 09 November 2016 - 04:24 PM

I guess everyone has moved away from these forums.



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,997 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:52 AM

Posted 10 November 2016 - 10:37 PM

Sorry for the delay, there are many people waiting for assistance.

Thank you for letting us know.

Edited by Oh My!, 10 November 2016 - 10:38 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,997 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:03:52 AM

Posted 10 November 2016 - 10:38 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users