Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Access to internet is blocked, with dysfunctional Bluetooth.


  • This topic is locked This topic is locked
2 replies to this topic

#1 asibb

asibb

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 12 November 2016 - 02:39 PM

Whenever I opened any websites,it says there is no internet connection even though the LAN is fine for other computers. Prior to the FRST scan, I had uninstall a few suspicious program like indiatimes.xyz; scanned & fixed the registry using CCleaner (v5 17.5590); unchecked the "Use a proxy server.." in the Internet Properties; changed my DNS setting to "Obtain DNS server automatically"; removed all the additional URLs & IPs, & revert back to the default in my System32 "hosts" file; but it still hasn't worked.
Post-FRST scan, I noticed the windows firewall was turned off (without my knowledge) so I turned it back on. Please help me gain access to my internet back 😢


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by hasif ibnu malik (administrator) on SUITEBERTHA (12-11-2016 23:44:43)
Running from C:\Users\End User\Desktop
Loaded Profiles: hasif ibnu malik (Available Profiles: hasif ibnu malik & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
(ASUSTeK Computer Inc.) C:\WINDOWS\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\4A68AFB1-1478955127-E111-AEDA-3085A96FD525\knsmA4DB.tmpfs
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
(Microsoft Corporation) C:\Program Files\XBox\XBLive.exe
() C:\Program Files (x86)\WebShield\WebShield.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\WINDOWS\AsScrPro.exe
(ASUSTeK) C:\WINDOWS\SysWOW64\ACEngSvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\WINDOWS\SysWOW64\C2MP\TrayMenu.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Intel Corporation) C:\WINDOWS\System32\igfxTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Nullsoft, Inc.) C:\Users\End User\Documents\Winamp\winamp.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\41.0.2353.56\opera.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1603544 2015-11-04] (Bitdefender)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-17] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-25] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-03] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-20] (CyberLink)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [WinampAgent] => C:\Users\End User\Documents\Winamp\winampa.exe [74752 2011-10-25] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 1
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\...\Run: [Steam] => D:\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\...\Run: [Google Update] => C:\Users\End User\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-11-04] (Bitdefender)
HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-16] (Piriform Ltd)
HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\...\Policies\Explorer: [HideSCAHealth] 1
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [181488 2016-10-02] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [181488 2016-10-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [159352 2016-10-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-10-12] (Google)
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk [2014-10-15]
ShortcutTarget: APC UPS Status.lnk -> C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-05-08]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TrayMenu.lnk [2015-03-16]
ShortcutTarget: TrayMenu.lnk -> C:\WINDOWS\SysWOW64\C2MP\TrayMenu.exe ()
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1112824363-1646314159-1450038129-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog9 01 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 02 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 03 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 04 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 05 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 06 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 07 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 08 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 09 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 10 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 11 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 12 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 25 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 07 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 08 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 09 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 10 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 11 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 12 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 25 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Tcpip\Parameters: [DhcpNameServer] 202.83.21.28 202.83.21.24 192.168.1.1
Tcpip\..\Interfaces\{cac92ea2-e5c0-4758-a203-4fe6628e1eac}: [DhcpNameServer] 202.83.21.28 202.83.21.24 192.168.1.1
Tcpip\..\Interfaces\{d0dc0a92-212e-444e-b91a-18d52c7bc8ff}: [DhcpNameServer] 202.83.21.28 202.83.21.24 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKU\S-1-5-21-1112824363-1646314159-1450038129-1001 - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.youwillfind.info/?l=1&q={searchTerms}&pid=658&r=2013/04/29&hid=2716007796&lg=EN&cc=IN
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1112824363-1646314159-1450038129-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1112824363-1646314159-1450038129-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1112824363-1646314159-1450038129-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.youwillfind.info/?l=1&q={searchTerms}&pid=658&r=2013/04/29&hid=2716007796&lg=EN&cc=IN
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-12-16] (Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-12-16] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-11] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-12-30] (Atheros Commnucations)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-11] (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-12-16] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-12-16] (Bitdefender)
Toolbar: HKU\S-1-5-21-1112824363-1646314159-1450038129-1001 -> No Name - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff => not found
FF HKLM\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff => not found
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv19@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll [2013-10-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll [2013-10-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-07] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-11] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-02-22] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1112824363-1646314159-1450038129-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\End User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1112824363-1646314159-1450038129-1001: @talk.google.com/O1DPlugin -> C:\Users\End User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1112824363-1646314159-1450038129-1001: @tools.google.com/Google Update;version=3 -> C:\Users\End User\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1112824363-1646314159-1450038129-1001: @tools.google.com/Google Update;version=9 -> C:\Users\End User\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-1112824363-1646314159-1450038129-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\End User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-04-17] (Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\End User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\End User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-11-12] <==== ATTENTION
CHR Extension: (Theme Creator) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\akpelnjfckgfiplcikojhomllgombffc [2016-04-24]
CHR Extension: (Google Drive) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-23]
CHR Extension: (AdBlock) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\banlaihlglfcmhmepnojbophdcbdmphc [2014-05-30]
CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2016-09-27]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-11-26]
CHR Extension: (Bitdefender Wallet) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem [2016-01-30]
CHR Extension: (Bitdefender Wallet) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\fabcmochhfpldjekobfaaggijgohadih [2016-02-08]
CHR Extension: (YouTube Center) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gabnjlibfmlilpljjkkbkebfaopgpjmk [2013-09-26]
CHR Extension: (Google Docs Offline) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-23]
CHR Extension: (AdBlock) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-10]
CHR Extension: (Custom Google Background) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg [2016-06-21]
CHR Extension: (Until AM Web App) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk [2014-03-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Browsec VPN - Privacy and Security Online) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2016-11-12]
CHR Extension: (Night Mode Eye Guard) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pcoddialcapoppmmfdcmbfoicoiggjpk [2016-09-02]
CHR Extension: (Chrome Media Router) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]
CHR Profile: C:\Users\End User\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-12]
CHR Extension: (Docs) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-12]
CHR Extension: (Google Drive) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-12]
CHR Extension: (YouTube) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-12]
CHR Extension: (Gmail) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-12]
CHR HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\End User\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\End User\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-10] (ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-10-10] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-30] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-09-30] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1100392 2016-10-28] (Bitdefender)
R2 Qerfishmapacult; C:\Program Files (x86)\Hoeghtshbeward\merngerpr.dll [276992 2016-11-12] () [File not signed]
S2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [100816 2015-11-04] (Bitdefender)
R2 UQiqSSPG; C:\Program Files (x86)\WebShield\WebShield.exe [360448 2016-08-13] () [File not signed]
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1561344 2015-11-18] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [1265664 2016-10-26] (Microsoft Corporation) [File not signed]
R2 XBox; C:\Program Files\XBox\XBLive.exe [6342584 2016-06-13] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-30] (Atheros) [File not signed]
R2 myryjote; C:\Program Files (x86)\4A68AFB1-1478955127-E111-AEDA-3085A96FD525\knsmA4DB.tmpfs [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4325544 2015-08-30] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1600512 2015-10-28] (BitDefender)
R3 avchv; C:\WINDOWS\system32\DRIVERS\avchv.sys [282000 2015-09-17] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [775424 2015-09-17] (BitDefender)
U5 bdelam; C:\Windows\System32\Drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC)
S3 DFX11_1; C:\WINDOWS\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC)
R4 KuaiZipDrive2; C:\WINDOWS\system32\drivers\KuaiZipDrive2.sys [92832 2016-11-12] (WinMount International Inc) <==== ATTENTION
R4 LDrvPro; C:\WINDOWS\system32\drivers\LDrvPro64.sys [195824 2015-08-25] (深圳市驱动人生软件技术有限公司)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2016-09-30] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-05-04] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-08-30] (Realsil Semiconductor Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [40568 2015-10-03] (SteelSeries ApS)
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [52952 2016-08-29] (SteelSeries ApS)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-12 23:44 - 2016-11-12 23:46 - 00032029 _____ C:\Users\End User\Desktop\FRST.txt
2016-11-12 23:44 - 2016-11-12 23:44 - 00000000 ____D C:\FRST
2016-11-12 23:43 - 2016-11-12 23:42 - 02411520 ____N (Farbar) C:\Users\End User\Desktop\FRST64.exe
2016-11-12 23:34 - 2016-11-12 23:20 - 22851472 ____N (Malwarebytes ) C:\Users\End User\Desktop\mbam-setup-2.2.1.1043.exe
2016-11-12 21:43 - 2016-11-12 21:43 - 00250912 _____ C:\WINDOWS\SysWOW64\kz.exe
2016-11-12 21:40 - 2016-11-12 21:40 - 00000000 ____D C:\ApcTempReg
2016-11-12 18:30 - 2016-11-12 21:43 - 00000000 ____D C:\Users\End User\AppData\Local\AppTrailers
2016-11-12 18:23 - 2016-11-12 21:43 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2016-11-12 18:23 - 2016-11-12 18:24 - 00000000 ____D C:\Program Files (x86)\Hoeghtshbeward_
2016-11-12 18:23 - 2016-11-12 18:23 - 00092832 _____ (WinMount International Inc) C:\WINDOWS\system32\Drivers\KuaiZipDrive2.sys
2016-11-12 18:23 - 2016-11-12 18:23 - 00000000 ____D C:\Users\End User\AppData\Roaming\vnlgp
2016-11-12 18:23 - 2016-11-12 18:23 - 00000000 ____D C:\Users\End User\AppData\Roaming\Softlink
2016-11-12 18:23 - 2016-11-12 18:23 - 00000000 ____D C:\Users\End User\AppData\Roaming\Links2
2016-11-12 18:23 - 2016-11-12 18:23 - 00000000 ____D C:\Users\End User\AppData\Roaming\KuaiZip
2016-11-12 18:23 - 2016-11-12 18:23 - 00000000 ____D C:\Users\End User\AppData\Roaming\gplyra
2016-11-12 18:23 - 2016-11-12 18:23 - 00000000 ____D C:\Program Files\XBox
2016-11-12 18:23 - 2016-11-12 18:23 - 00000000 ____D C:\Program Files (x86)\wanttoxiamen
2016-11-12 18:22 - 2016-11-12 23:38 - 00000000 ____D C:\Program Files (x86)\4A68AFB1-1478955127-E111-AEDA-3085A96FD525
2016-11-12 18:22 - 2016-11-12 18:22 - 00000000 ____D C:\Program Files (x86)\WebShield
2016-11-12 18:22 - 2016-11-12 18:22 - 00000000 _____ C:\TOSTACK
2016-11-12 18:21 - 2016-11-12 18:21 - 00000000 ____D C:\ProgramData\Avira
2016-11-12 18:21 - 2016-11-12 18:21 - 00000000 ____D C:\ProgramData\Avg
2016-11-12 18:20 - 2016-11-12 18:20 - 00000000 ____D C:\ProgramData\Windows Security
2016-11-12 18:19 - 2016-11-12 18:23 - 00006086 _____ C:\WINDOWS\System32\Tasks\Gfisataqied Builder
2016-11-12 18:18 - 2016-11-12 21:43 - 00000000 ____D C:\Users\End User\AppData\Roaming\Josshqmoy
2016-11-12 18:18 - 2016-11-12 18:27 - 00000000 ____D C:\Program Files (x86)\Hoeghtshbeward
2016-11-12 18:18 - 2016-11-12 18:20 - 00000000 ____D C:\Users\End User\AppData\Local\Gholosyphetock
2016-11-09 20:14 - 2016-11-02 19:02 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 20:14 - 2016-11-02 19:01 - 00546968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 20:14 - 2016-10-25 15:04 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2016-11-09 20:14 - 2016-10-25 14:02 - 01862000 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-11-09 20:14 - 2016-10-25 14:02 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 20:14 - 2016-10-25 14:02 - 00845568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-11-09 20:14 - 2016-10-25 14:02 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-11-09 20:14 - 2016-10-25 13:58 - 01083648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-11-09 20:14 - 2016-10-25 13:35 - 00712032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 20:14 - 2016-10-25 13:15 - 00032096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2016-11-09 20:14 - 2016-10-25 13:09 - 00306840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-11-09 20:14 - 2016-10-25 13:07 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 20:14 - 2016-10-25 13:07 - 01349632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-11-09 20:14 - 2016-10-25 13:07 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-11-09 20:14 - 2016-10-25 13:07 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-11-09 20:14 - 2016-10-25 13:07 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-11-09 20:14 - 2016-10-25 13:07 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 20:14 - 2016-10-25 13:01 - 01824272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-11-09 20:14 - 2016-10-25 13:01 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 20:14 - 2016-10-25 13:00 - 02938920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 20:14 - 2016-10-25 13:00 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-11-09 20:14 - 2016-10-25 12:57 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 20:14 - 2016-10-25 12:57 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-11-09 20:14 - 2016-10-25 12:57 - 00256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-11-09 20:14 - 2016-10-25 12:56 - 05240952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-11-09 20:14 - 2016-10-25 12:56 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 20:14 - 2016-10-25 12:56 - 01355344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-11-09 20:14 - 2016-10-25 12:56 - 00836752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-11-09 20:14 - 2016-10-25 12:56 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-11-09 20:14 - 2016-10-25 12:52 - 00268040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-11-09 20:14 - 2016-10-25 12:49 - 00295776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 20:14 - 2016-10-25 12:48 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-11-09 20:14 - 2016-10-25 12:26 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 20:14 - 2016-10-25 12:26 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2016-11-09 20:14 - 2016-10-25 12:24 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-11-09 20:14 - 2016-10-25 12:24 - 00273760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 20:14 - 2016-10-25 12:23 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 20:14 - 2016-10-25 11:57 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-11-09 20:14 - 2016-10-25 11:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 20:14 - 2016-10-25 11:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-11-09 20:14 - 2016-10-25 11:39 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 20:14 - 2016-10-25 11:38 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-11-09 20:14 - 2016-10-25 11:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-11-09 20:14 - 2016-10-25 11:30 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 20:14 - 2016-10-25 11:20 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 20:14 - 2016-10-25 11:19 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-11-09 20:14 - 2016-10-25 11:18 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-11-09 20:14 - 2016-10-25 11:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-11-09 20:14 - 2016-10-25 11:15 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2016-11-09 20:14 - 2016-10-25 11:14 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 20:14 - 2016-10-25 11:13 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\filemgmt.dll
2016-11-09 20:14 - 2016-10-25 11:11 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-11-09 20:14 - 2016-10-25 11:10 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-11-09 20:14 - 2016-10-25 11:09 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2016-11-09 20:14 - 2016-10-25 11:07 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-11-09 20:14 - 2016-10-25 11:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-11-09 20:14 - 2016-10-25 11:06 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-11-09 20:14 - 2016-10-25 11:06 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-11-09 20:14 - 2016-10-25 11:05 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-11-09 20:14 - 2016-10-25 11:02 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-11-09 20:14 - 2016-10-25 11:01 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-11-09 20:14 - 2016-10-25 11:00 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-11-09 20:14 - 2016-10-25 10:59 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-11-09 20:14 - 2016-10-25 10:59 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-11-09 20:14 - 2016-10-25 10:59 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-11-09 20:14 - 2016-10-25 10:58 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 20:14 - 2016-10-25 10:58 - 00885248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 20:14 - 2016-10-25 10:58 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-11-09 20:14 - 2016-10-25 10:58 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-11-09 20:14 - 2016-10-25 10:58 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-11-09 20:14 - 2016-10-25 10:57 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-11-09 20:14 - 2016-10-25 10:56 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-11-09 20:14 - 2016-10-25 10:55 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2016-11-09 20:14 - 2016-10-25 10:55 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-11-09 20:14 - 2016-10-25 10:55 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-11-09 20:14 - 2016-10-25 10:53 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 20:14 - 2016-10-25 10:53 - 00964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 20:14 - 2016-10-25 10:52 - 01562624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2016-11-09 20:14 - 2016-10-25 10:51 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-11-09 20:14 - 2016-10-25 10:51 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-11-09 20:14 - 2016-10-25 10:47 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 20:14 - 2016-10-25 10:41 - 04078592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-11-09 20:14 - 2016-10-25 10:41 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-11-09 20:14 - 2016-10-25 10:39 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-11-09 20:14 - 2016-10-25 10:34 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-11-09 20:14 - 2016-10-25 10:33 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 20:14 - 2016-10-25 10:31 - 02361856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2016-11-09 20:14 - 2016-10-25 10:30 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-11-09 20:14 - 2016-10-25 10:30 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 20:14 - 2016-10-25 10:30 - 02555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 20:14 - 2016-10-25 10:30 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-11-09 20:14 - 2016-10-25 10:30 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-11-09 20:14 - 2016-10-25 10:29 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-11-09 20:14 - 2016-10-25 10:29 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2016-11-09 20:14 - 2016-10-25 10:28 - 09920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 20:14 - 2016-10-25 10:27 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-11-09 20:14 - 2016-10-25 10:26 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 20:14 - 2016-10-25 10:25 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-11-09 20:14 - 2016-10-25 10:25 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnfldr.dll
2016-11-09 20:14 - 2016-10-25 10:24 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-11-09 20:14 - 2016-10-25 10:23 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-11-09 20:14 - 2016-10-25 10:17 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-11-09 20:14 - 2016-10-25 10:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-11-09 20:14 - 2016-10-25 10:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 20:14 - 2016-10-25 10:13 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 20:14 - 2016-10-25 10:10 - 05325824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-11-09 20:14 - 2016-10-25 10:08 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 20:14 - 2016-10-25 10:07 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-11-09 20:14 - 2016-10-25 10:06 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 20:14 - 2016-10-25 10:05 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-11-09 20:14 - 2016-10-25 10:05 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-11-09 20:14 - 2016-10-25 10:04 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 20:14 - 2016-10-25 10:04 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 20:14 - 2016-10-25 10:04 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 20:14 - 2016-10-25 10:02 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 20:14 - 2016-10-25 09:57 - 03065344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 20:14 - 2016-10-25 09:53 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-11-09 20:14 - 2016-10-25 09:51 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 20:13 - 2016-11-02 18:21 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 20:13 - 2016-10-25 14:54 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-11-09 20:13 - 2016-10-25 14:48 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-11-09 20:13 - 2016-10-25 14:19 - 00588328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2016-11-09 20:13 - 2016-10-25 14:19 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-11-09 20:13 - 2016-10-25 14:18 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 20:13 - 2016-10-25 14:18 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-11-09 20:13 - 2016-10-25 14:18 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-11-09 20:13 - 2016-10-25 14:18 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-11-09 20:13 - 2016-10-25 14:18 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-11-09 20:13 - 2016-10-25 14:18 - 01017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-11-09 20:13 - 2016-10-25 14:18 - 00847648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 20:13 - 2016-10-25 14:12 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-11-09 20:13 - 2016-10-25 14:09 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-11-09 20:13 - 2016-10-25 14:08 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 20:13 - 2016-10-25 14:07 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-11-09 20:13 - 2016-10-25 14:07 - 01040792 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-11-09 20:13 - 2016-10-25 14:05 - 06536248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-11-09 20:13 - 2016-10-25 14:02 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-11-09 20:13 - 2016-10-25 14:00 - 00360288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 20:13 - 2016-10-25 13:17 - 28851216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-11-09 20:13 - 2016-10-25 13:17 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2016-11-09 20:13 - 2016-10-25 13:17 - 00305808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-11-09 20:13 - 2016-10-25 13:16 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-11-09 20:13 - 2016-10-25 13:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-11-09 20:13 - 2016-10-25 13:05 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-11-09 20:13 - 2016-10-25 13:00 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-11-09 20:13 - 2016-10-25 12:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-11-09 20:13 - 2016-10-25 12:56 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-11-09 20:13 - 2016-10-25 12:53 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-11-09 20:13 - 2016-10-25 12:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2016-11-09 20:13 - 2016-10-25 12:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-11-09 20:13 - 2016-10-25 12:48 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-11-09 20:13 - 2016-10-25 12:44 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-11-09 20:13 - 2016-10-25 12:43 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-11-09 20:13 - 2016-10-25 12:42 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2016-11-09 20:13 - 2016-10-25 12:42 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2016-11-09 20:13 - 2016-10-25 12:40 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2016-11-09 20:13 - 2016-10-25 12:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-11-09 20:13 - 2016-10-25 12:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceConnectApi.dll
2016-11-09 20:13 - 2016-10-25 12:35 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-11-09 20:13 - 2016-10-25 12:29 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 20:13 - 2016-10-25 12:22 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-11-09 20:13 - 2016-10-25 12:21 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-11-09 20:13 - 2016-10-25 12:20 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 20:13 - 2016-10-25 12:19 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-11-09 20:13 - 2016-10-25 12:19 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2016-11-09 20:13 - 2016-10-25 12:18 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceApi.dll
2016-11-09 20:13 - 2016-10-25 12:16 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-11-09 20:13 - 2016-10-25 12:13 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-11-09 20:13 - 2016-10-25 12:11 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-11-09 20:13 - 2016-10-25 12:10 - 02331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2016-11-09 20:13 - 2016-10-25 12:10 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-11-09 20:13 - 2016-10-25 12:09 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-11-09 20:13 - 2016-10-25 12:09 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-11-09 20:13 - 2016-10-25 12:08 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-11-09 20:13 - 2016-10-25 12:08 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-11-09 20:13 - 2016-10-25 12:08 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-11-09 20:13 - 2016-10-25 12:07 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-11-09 20:13 - 2016-10-25 12:07 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-11-09 20:13 - 2016-10-25 12:04 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-11-09 20:13 - 2016-10-25 12:03 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-11-09 20:13 - 2016-10-25 12:03 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-11-09 20:13 - 2016-10-25 12:02 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-11-09 20:13 - 2016-10-25 11:59 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-11-09 20:13 - 2016-10-25 11:58 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-11-09 20:13 - 2016-10-25 11:57 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-11-09 20:13 - 2016-10-25 11:57 - 01466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2016-11-09 20:13 - 2016-10-25 11:57 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2016-11-09 20:13 - 2016-10-25 11:57 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-11-09 20:13 - 2016-10-25 11:53 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-11-09 20:13 - 2016-10-25 11:52 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-11-09 20:13 - 2016-10-25 11:48 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-11-09 20:13 - 2016-10-25 11:46 - 01965568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2016-11-09 20:13 - 2016-10-25 11:42 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-11-09 20:13 - 2016-10-25 11:35 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-11-09 20:13 - 2016-10-25 11:35 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-11-09 20:13 - 2016-10-25 11:35 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 20:13 - 2016-10-25 11:33 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-11-09 20:13 - 2016-10-25 11:33 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-11-09 20:13 - 2016-10-25 11:33 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCardDlg.dll
2016-11-09 20:13 - 2016-10-25 11:31 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-11-09 20:13 - 2016-10-25 11:31 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2016-11-09 20:13 - 2016-10-25 11:30 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-11-09 20:13 - 2016-10-25 11:30 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceClassExtension.dll
2016-11-09 20:13 - 2016-10-25 11:29 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-11-09 20:13 - 2016-10-25 11:29 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-11-09 20:13 - 2016-10-25 11:27 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-11-09 20:13 - 2016-10-25 11:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceConnectApi.dll
2016-11-09 20:13 - 2016-10-25 11:25 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-11-09 20:13 - 2016-10-25 11:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-11-09 20:13 - 2016-10-25 11:23 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-11-09 20:13 - 2016-10-25 11:21 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2016-11-09 20:13 - 2016-10-25 11:20 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2016-11-09 20:13 - 2016-10-25 11:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2016-11-09 20:13 - 2016-10-25 11:20 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-11-09 20:13 - 2016-10-25 11:19 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-11-09 20:13 - 2016-10-25 11:18 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-11-09 20:13 - 2016-10-25 11:16 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnfldr.dll
2016-11-09 20:13 - 2016-10-25 11:15 - 07977984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-11-09 20:13 - 2016-10-25 11:15 - 00564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2016-11-09 20:13 - 2016-10-25 11:15 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-11-09 20:13 - 2016-10-25 11:13 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceApi.dll
2016-11-09 20:13 - 2016-10-25 11:12 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-11-09 20:13 - 2016-10-25 11:12 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-11-09 20:13 - 2016-10-25 11:11 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-11-09 20:13 - 2016-10-25 11:09 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-11-09 20:13 - 2016-10-25 11:09 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-11-09 20:13 - 2016-10-25 11:07 - 04143104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2016-11-09 20:13 - 2016-10-25 11:07 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-11-09 20:13 - 2016-10-25 11:07 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-11-09 20:13 - 2016-10-25 11:06 - 04646400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-11-09 20:13 - 2016-10-25 11:06 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-11-09 20:13 - 2016-10-25 11:06 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 20:13 - 2016-10-25 11:06 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2016-11-09 20:13 - 2016-10-25 11:06 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-11-09 20:13 - 2016-10-25 11:06 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-11-09 20:13 - 2016-10-25 11:05 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-11-09 20:13 - 2016-10-25 11:05 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 20:13 - 2016-10-25 11:04 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-11-09 20:13 - 2016-10-25 11:03 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-11-09 20:13 - 2016-10-25 11:03 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-11-09 20:13 - 2016-10-25 11:02 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 20:13 - 2016-10-25 11:02 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-11-09 20:13 - 2016-10-25 11:02 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-11-09 20:13 - 2016-10-25 10:58 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-11-09 20:13 - 2016-10-25 10:58 - 01186816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2016-11-09 20:13 - 2016-10-25 10:58 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 20:13 - 2016-10-25 10:57 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-11-09 20:13 - 2016-10-25 10:55 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-11-09 20:13 - 2016-10-25 10:55 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 20:13 - 2016-10-25 10:54 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-11-09 20:13 - 2016-10-25 10:44 - 02911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-11-09 20:13 - 2016-10-25 10:44 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-11-09 20:13 - 2016-10-25 10:41 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-11-09 20:13 - 2016-10-25 10:39 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-11-09 20:13 - 2016-10-25 10:37 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-11-09 20:13 - 2016-10-25 10:35 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-11-09 20:13 - 2016-10-25 10:35 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 20:13 - 2016-10-25 10:35 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 20:13 - 2016-10-25 10:29 - 14258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 20:13 - 2016-10-25 10:28 - 07536128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 20:13 - 2016-10-25 10:25 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 20:13 - 2016-10-25 10:25 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-11-09 20:13 - 2016-10-25 10:23 - 03294208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 20:13 - 2016-10-25 10:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-11-09 20:13 - 2016-10-25 10:22 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-11-09 20:13 - 2016-10-25 10:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-11-09 20:13 - 2016-10-25 10:20 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-11-09 20:13 - 2016-10-25 10:18 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-11-09 20:13 - 2016-10-25 10:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-11-09 20:13 - 2016-10-25 10:11 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 20:13 - 2016-10-25 10:03 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 20:13 - 2016-10-25 10:02 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-11-09 20:13 - 2016-10-25 10:02 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-11-09 20:13 - 2016-10-25 10:00 - 12590080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 20:13 - 2016-10-25 09:37 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-11-09 20:12 - 2016-10-25 15:12 - 07468384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 20:12 - 2016-10-25 15:12 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-09 20:12 - 2016-10-25 15:12 - 01142560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 20:12 - 2016-10-25 15:12 - 01098648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-11-09 20:12 - 2016-10-25 15:12 - 00125280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-11-09 20:12 - 2016-10-25 15:11 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 20:12 - 2016-10-25 15:10 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 20:12 - 2016-10-25 14:55 - 01637216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-11-09 20:12 - 2016-10-25 14:49 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-11-09 20:12 - 2016-10-25 14:21 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-11-09 20:12 - 2016-10-25 14:20 - 00439136 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2016-11-09 20:12 - 2016-10-25 14:12 - 02607336 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-11-09 20:12 - 2016-10-25 14:12 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 20:12 - 2016-10-25 14:11 - 03694088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 20:12 - 2016-10-25 14:00 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-11-09 20:12 - 2016-10-25 13:31 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-11-09 20:12 - 2016-10-25 13:15 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-11-09 20:12 - 2016-10-25 13:10 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 20:12 - 2016-10-25 13:03 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\genericusbfn.sys
2016-11-09 20:12 - 2016-10-25 13:02 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-11-09 20:12 - 2016-10-25 13:01 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 20:12 - 2016-10-25 13:01 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-11-09 20:12 - 2016-10-25 13:00 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2016-11-09 20:12 - 2016-10-25 12:54 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 20:12 - 2016-10-25 12:51 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-09 20:12 - 2016-10-25 12:46 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 20:12 - 2016-10-25 12:42 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2016-11-09 20:12 - 2016-10-25 12:42 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 20:12 - 2016-10-25 12:40 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-11-09 20:12 - 2016-10-25 12:40 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2016-11-09 20:12 - 2016-10-25 12:38 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-11-09 20:12 - 2016-10-25 12:34 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-11-09 20:12 - 2016-10-25 12:32 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 20:12 - 2016-10-25 12:32 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 20:12 - 2016-10-25 12:30 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 20:12 - 2016-10-25 12:29 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-11-09 20:12 - 2016-10-25 12:28 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-11-09 20:12 - 2016-10-25 12:27 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-11-09 20:12 - 2016-10-25 12:26 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-11-09 20:12 - 2016-10-25 12:26 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-11-09 20:12 - 2016-10-25 12:26 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 20:12 - 2016-10-25 12:25 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-11-09 20:12 - 2016-10-25 12:25 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2016-11-09 20:12 - 2016-10-25 12:25 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-09 20:12 - 2016-10-25 12:24 - 00752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-11-09 20:12 - 2016-10-25 12:23 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-11-09 20:12 - 2016-10-25 12:23 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-11-09 20:12 - 2016-10-25 12:23 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-11-09 20:12 - 2016-10-25 12:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 20:12 - 2016-10-25 12:22 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-11-09 20:12 - 2016-10-25 12:22 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-11-09 20:12 - 2016-10-25 12:22 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-11-09 20:12 - 2016-10-25 12:21 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2016-11-09 20:12 - 2016-10-25 12:21 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-11-09 20:12 - 2016-10-25 12:21 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-11-09 20:12 - 2016-10-25 12:20 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2016-11-09 20:12 - 2016-10-25 12:20 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 20:12 - 2016-10-25 12:20 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2016-11-09 20:12 - 2016-10-25 12:19 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2016-11-09 20:12 - 2016-10-25 12:18 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-11-09 20:12 - 2016-10-25 12:17 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-11-09 20:12 - 2016-10-25 12:16 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2016-11-09 20:12 - 2016-10-25 12:13 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-11-09 20:12 - 2016-10-25 12:13 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-11-09 20:12 - 2016-10-25 12:12 - 01813504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-11-09 20:12 - 2016-10-25 12:12 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-11-09 20:12 - 2016-10-25 12:12 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-11-09 20:12 - 2016-10-25 12:11 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-11-09 20:12 - 2016-10-25 12:11 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-11-09 20:12 - 2016-10-25 12:10 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-11-09 20:12 - 2016-10-25 12:10 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-11-09 20:12 - 2016-10-25 12:10 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2016-11-09 20:12 - 2016-10-25 12:10 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-11-09 20:12 - 2016-10-25 12:10 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-11-09 20:12 - 2016-10-25 12:09 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-11-09 20:12 - 2016-10-25 12:09 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-11-09 20:12 - 2016-10-25 12:09 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-11-09 20:12 - 2016-10-25 12:09 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-11-09 20:12 - 2016-10-25 12:08 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2016-11-09 20:12 - 2016-10-25 12:08 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2016-11-09 20:12 - 2016-10-25 12:06 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-11-09 20:12 - 2016-10-25 12:06 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-11-09 20:12 - 2016-10-25 12:06 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-11-09 20:12 - 2016-10-25 12:05 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-11-09 20:12 - 2016-10-25 12:05 - 01132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-11-09 20:12 - 2016-10-25 12:05 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-11-09 20:12 - 2016-10-25 12:05 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-11-09 20:12 - 2016-10-25 12:04 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 20:12 - 2016-10-25 12:03 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-11-09 20:12 - 2016-10-25 12:00 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-11-09 20:12 - 2016-10-25 12:00 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-11-09 20:12 - 2016-10-25 11:59 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-11-09 20:12 - 2016-10-25 11:59 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 20:12 - 2016-10-25 11:58 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 20:12 - 2016-10-25 11:57 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 20:12 - 2016-10-25 11:57 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-11-09 20:12 - 2016-10-25 11:56 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-11-09 20:12 - 2016-10-25 11:55 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-11-09 20:12 - 2016-10-25 11:55 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 20:12 - 2016-10-25 11:55 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-11-09 20:12 - 2016-10-25 11:54 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-11-09 20:12 - 2016-10-25 11:52 - 01424384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2016-11-09 20:12 - 2016-10-25 11:51 - 02054144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 20:12 - 2016-10-25 11:49 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-11-09 20:12 - 2016-10-25 11:47 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-11-09 20:12 - 2016-10-25 11:37 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-11-09 20:12 - 2016-10-25 11:33 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-11-09 20:12 - 2016-10-25 11:31 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-11-09 20:12 - 2016-10-25 11:24 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-11-09 20:12 - 2016-10-25 11:24 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 20:12 - 2016-10-25 11:23 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 20:12 - 2016-10-25 11:23 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 20:12 - 2016-10-25 11:22 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 20:12 - 2016-10-25 11:19 - 03081216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 20:12 - 2016-10-25 11:18 - 04826624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 20:12 - 2016-10-25 11:16 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2016-11-09 20:12 - 2016-10-25 11:16 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-11-09 20:12 - 2016-10-25 11:11 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-11-09 20:12 - 2016-10-25 11:05 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
2016-11-09 20:12 - 2016-10-25 11:04 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-11-09 20:12 - 2016-10-25 11:04 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-11-09 20:12 - 2016-10-25 11:02 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-11-09 20:12 - 2016-10-25 11:00 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 20:12 - 2016-10-25 10:58 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-11-09 20:12 - 2016-10-25 10:58 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 20:12 - 2016-10-25 10:55 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-11-09 20:12 - 2016-10-25 10:54 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-11-09 20:12 - 2016-10-25 10:53 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-11-09 20:12 - 2016-10-25 10:49 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-11-09 20:12 - 2016-10-25 10:47 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 20:12 - 2016-10-25 10:44 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-11-09 20:12 - 2016-10-25 10:43 - 22375936 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 20:12 - 2016-10-25 10:35 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 20:12 - 2016-10-25 10:32 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 20:12 - 2016-10-25 10:31 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 20:12 - 2016-10-25 10:22 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-11-09 20:12 - 2016-10-25 10:18 - 07838208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 20:12 - 2016-10-25 10:15 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 20:12 - 2016-10-25 10:14 - 19348480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 20:12 - 2016-10-25 10:14 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 20:12 - 2016-10-25 10:13 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 20:12 - 2016-10-25 09:59 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2016-11-09 20:12 - 2016-10-25 09:56 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 20:12 - 2016-10-25 07:49 - 00775336 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 20:12 - 2016-10-25 07:49 - 00775336 _____ C:\WINDOWS\system32\locale.nls
2016-11-09 20:12 - 2016-10-25 07:17 - 00445873 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 20:12 - 2016-09-07 10:52 - 00604920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-11-09 20:11 - 2016-11-02 20:42 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 20:11 - 2016-11-02 20:38 - 00636296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 20:11 - 2016-11-02 19:55 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 20:11 - 2016-10-25 15:14 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 20:11 - 2016-10-25 15:14 - 00875480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 20:11 - 2016-10-25 15:12 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 20:11 - 2016-10-25 15:12 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-11-09 20:11 - 2016-10-25 15:09 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-11-09 20:11 - 2016-10-25 15:09 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-11-09 20:11 - 2016-10-25 14:56 - 00528736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-11-09 20:11 - 2016-10-25 14:09 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-11-09 20:11 - 2016-10-25 14:09 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-11-09 20:11 - 2016-10-25 14:08 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-11-09 20:11 - 2016-10-25 14:08 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-11-09 20:11 - 2016-10-25 14:07 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 20:11 - 2016-10-25 14:07 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-11-09 20:11 - 2016-10-25 14:07 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-11-09 20:11 - 2016-10-25 14:06 - 01540216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-11-09 20:11 - 2016-10-25 14:06 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-11-09 20:11 - 2016-10-25 14:04 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-11-09 20:11 - 2016-10-25 14:04 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-11-09 20:11 - 2016-10-25 14:04 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-11-09 20:11 - 2016-10-25 14:03 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-11-09 20:11 - 2016-10-25 13:33 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 20:11 - 2016-10-25 13:33 - 01988440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-11-09 20:11 - 2016-10-25 13:32 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-11-09 20:11 - 2016-10-25 13:32 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-11-09 20:11 - 2016-10-25 13:31 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 20:11 - 2016-10-25 13:31 - 00324448 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 20:11 - 2016-10-25 13:16 - 00376528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-11-09 20:11 - 2016-10-25 13:02 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2016-11-09 20:11 - 2016-10-25 13:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2016-11-09 20:11 - 2016-10-25 12:51 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-11-09 20:11 - 2016-10-25 12:49 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2016-11-09 20:11 - 2016-10-25 12:43 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2016-11-09 20:11 - 2016-10-25 12:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-11-09 20:11 - 2016-10-25 12:42 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2016-11-09 20:11 - 2016-10-25 12:40 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 20:11 - 2016-10-25 12:39 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-11-09 20:11 - 2016-10-25 12:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-11-09 20:11 - 2016-10-25 12:32 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 20:11 - 2016-10-25 12:29 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-11-09 20:11 - 2016-10-25 12:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2016-11-09 20:11 - 2016-10-25 12:29 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvc.dll
2016-11-09 20:11 - 2016-10-25 12:29 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2016-11-09 20:11 - 2016-10-25 12:28 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2016-11-09 20:11 - 2016-10-25 12:28 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 20:11 - 2016-10-25 12:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-11-09 20:11 - 2016-10-25 12:26 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2016-11-09 20:11 - 2016-10-25 12:25 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-11-09 20:11 - 2016-10-25 12:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 20:11 - 2016-10-25 12:24 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-11-09 20:11 - 2016-10-25 12:23 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-11-09 20:11 - 2016-10-25 12:22 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 20:11 - 2016-10-25 12:22 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-11-09 20:11 - 2016-10-25 12:22 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-11-09 20:11 - 2016-10-25 12:21 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-11-09 20:11 - 2016-10-25 12:21 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-11-09 20:11 - 2016-10-25 12:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-11-09 20:11 - 2016-10-25 12:20 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-11-09 20:11 - 2016-10-25 12:20 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2016-11-09 20:11 - 2016-10-25 12:17 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 20:11 - 2016-10-25 12:17 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 20:11 - 2016-10-25 12:17 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-11-09 20:11 - 2016-10-25 12:16 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-11-09 20:11 - 2016-10-25 12:15 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-11-09 20:11 - 2016-10-25 12:14 - 01479168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-11-09 20:11 - 2016-10-25 12:14 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2016-11-09 20:11 - 2016-10-25 12:13 - 00440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2016-11-09 20:11 - 2016-10-25 12:12 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 20:11 - 2016-10-25 12:11 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 20:11 - 2016-10-25 12:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 20:11 - 2016-10-25 12:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-11-09 20:11 - 2016-10-25 12:10 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-11-09 20:11 - 2016-10-25 12:09 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-11-09 20:11 - 2016-10-25 12:08 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-11-09 20:11 - 2016-10-25 12:08 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 20:11 - 2016-10-25 12:08 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 20:11 - 2016-10-25 12:07 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-11-09 20:11 - 2016-10-25 12:07 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-11-09 20:11 - 2016-10-25 12:05 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-11-09 20:11 - 2016-10-25 12:04 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-11-09 20:11 - 2016-10-25 12:03 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 20:11 - 2016-10-25 12:02 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 20:11 - 2016-10-25 12:02 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-11-09 20:11 - 2016-10-25 12:02 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 20:11 - 2016-10-25 12:02 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-11-09 20:11 - 2016-10-25 12:02 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-11-09 20:11 - 2016-10-25 12:02 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-11-09 20:11 - 2016-10-25 12:02 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2016-11-09 20:11 - 2016-10-25 11:59 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-11-09 20:11 - 2016-10-25 11:57 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 20:11 - 2016-10-25 11:54 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-11-09 20:11 - 2016-10-25 11:54 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 20:11 - 2016-10-25 11:53 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-11-09 20:11 - 2016-10-25 11:52 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-11-09 20:11 - 2016-10-25 11:51 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-11-09 20:11 - 2016-10-25 11:51 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-11-09 20:11 - 2016-10-25 11:51 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-11-09 20:11 - 2016-10-25 11:50 - 03549696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 20:11 - 2016-10-25 11:46 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 20:11 - 2016-10-25 11:46 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 20:11 - 2016-10-25 11:41 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 20:11 - 2016-10-25 11:39 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-11-09 20:11 - 2016-10-25 11:35 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 20:11 - 2016-10-25 11:35 - 02610176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-11-09 20:11 - 2016-10-25 11:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-11-09 20:11 - 2016-10-25 11:31 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-11-09 20:11 - 2016-10-25 11:24 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-11-09 20:11 - 2016-10-25 11:22 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-11-09 20:11 - 2016-10-25 11:22 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-11-09 20:11 - 2016-10-25 11:21 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 20:11 - 2016-10-25 11:20 - 02874880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2016-11-09 20:11 - 2016-10-25 11:19 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-11-09 20:11 - 2016-10-25 11:17 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-11-09 20:11 - 2016-10-25 11:13 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 20:11 - 2016-10-25 11:10 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-11-09 20:11 - 2016-10-25 11:09 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-11-09 20:11 - 2016-10-25 11:08 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-11-09 20:11 - 2016-10-25 11:07 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-11-09 20:11 - 2016-10-25 11:05 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-11-09 20:11 - 2016-10-25 11:04 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 20:11 - 2016-10-25 10:56 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 20:11 - 2016-10-25 10:50 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 20:11 - 2016-10-25 10:43 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-11-09 20:11 - 2016-10-25 10:42 - 11544576 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 20:11 - 2016-10-25 10:40 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 20:11 - 2016-10-25 10:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-11-09 20:11 - 2016-10-25 10:35 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 20:11 - 2016-10-25 10:33 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-09 20:11 - 2016-10-25 10:32 - 06976512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-11-09 20:11 - 2016-10-25 10:32 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 20:11 - 2016-10-25 10:32 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-11-09 20:11 - 2016-10-25 10:14 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-11-09 20:11 - 2016-10-25 10:13 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-05 17:37 - 2016-11-12 11:57 - 00000000 ____D C:\Users\End User\AppData\LocalLow\uTorrent
2016-11-02 17:13 - 2016-11-02 17:13 - 00028770 _____ C:\ProgramData\agent.1478087033.bdinstall.bin

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-12 23:33 - 2015-10-30 12:51 - 00000000 ____D C:\WINDOWS\INF
2016-11-12 23:28 - 2012-10-01 23:11 - 00000000 ____D C:\Users\End User\AppData\Local\CrashDumps
2016-11-12 23:17 - 2015-08-16 19:31 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-12 22:58 - 2014-06-07 18:48 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1112824363-1646314159-1450038129-1001UA.job
2016-11-12 22:55 - 2012-03-10 01:20 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-12 22:53 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-12 22:47 - 2016-09-26 23:17 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-12 22:10 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-12 22:10 - 2014-04-12 21:52 - 00000000 ____D C:\Users\End User\AppData\Local\Packages
2016-11-12 22:08 - 2012-11-14 16:36 - 00000000 ____D C:\Users\End User\AppData\Roaming\uTorrent
2016-11-12 22:01 - 2015-09-01 09:17 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AEC6D4C1-6CAF-4031-829C-0809C5F940E3}
2016-11-12 21:45 - 2015-09-23 23:10 - 00000000 ____D C:\Program Files (x86)\DTLSoft
2016-11-12 21:39 - 2016-01-09 22:28 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-12 21:39 - 2012-10-01 10:32 - 00000429 _____ C:\Users\End User\AppData\Roaming\sp_data.sys
2016-11-12 21:39 - 2012-07-12 13:23 - 00000828 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-11-12 21:39 - 2012-03-10 01:20 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-12 21:38 - 2016-01-09 22:34 - 00000000 ____D C:\Users\End User
2016-11-12 21:37 - 2016-01-09 22:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-12 18:29 - 2012-07-12 13:30 - 00003011 _____ C:\WINDOWS\system32\AutoRunFilter.ini
2016-11-12 18:29 - 2012-07-12 13:30 - 00002176 _____ C:\WINDOWS\system32\ServiceFilter.ini
2016-11-12 18:28 - 2015-10-30 11:58 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2016-11-12 18:25 - 2015-10-30 11:58 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-11-12 18:25 - 2015-09-23 23:51 - 00022256 _____ (<company name here>) C:\WINDOWS\system32\Drivers\cdmsnroot_s.sys
2016-11-12 18:23 - 2012-03-10 01:21 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-12 18:21 - 2016-05-12 01:38 - 00000000 ____D C:\Program Files (x86)\FFmpeg for Audacity
2016-11-12 18:21 - 2016-01-29 16:29 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-11-12 18:21 - 2015-08-30 08:49 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-11-12 18:21 - 2012-11-14 16:36 - 00000000 ____D C:\Program Files (x86)\uTorrent
2016-11-12 18:21 - 2012-10-01 13:38 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-12 18:21 - 2012-07-12 13:24 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2016-11-12 18:20 - 2012-07-12 13:23 - 00000000 ____D C:\ProgramData\Intel
2016-11-12 17:18 - 2015-09-23 23:51 - 00032159 _____ C:\WINDOWS\SysWOW64\PCPELog.txt
2016-11-12 17:18 - 2013-12-05 07:44 - 00646913 _____ C:\bdlog.txt
2016-11-12 17:09 - 2014-10-06 11:10 - 00000000 ____D C:\Users\End User\AppData\Local\Battle.net
2016-11-12 14:03 - 2015-10-30 12:54 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-12 08:58 - 2014-06-07 18:48 - 00000908 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1112824363-1646314159-1450038129-1001Core.job
2016-11-12 08:45 - 2014-10-06 11:15 - 00000000 ____D C:\Program Files (x86)\Diablo III
2016-11-12 07:44 - 2014-10-06 11:08 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-11-12 07:28 - 2016-01-09 22:31 - 01013760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-11 20:13 - 2016-10-02 00:49 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-11 19:49 - 2012-07-12 13:23 - 00000830 _____ C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-11-11 00:15 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\rescache
2016-11-10 17:56 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-11-10 17:56 - 2015-10-30 12:41 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-10 17:03 - 2016-09-26 23:23 - 00003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1474912414
2016-11-10 17:03 - 2016-09-26 23:23 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-11-10 07:34 - 2016-01-09 22:23 - 04970464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-10 07:28 - 2015-10-30 12:54 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-11-10 07:28 - 2015-10-30 12:54 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-11-10 07:28 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-11-10 07:28 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-10 07:28 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-10 07:28 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-11-10 07:27 - 2015-10-30 12:54 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-11-10 07:27 - 2015-10-30 12:54 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-10 07:27 - 2015-10-30 12:54 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-11-10 07:27 - 2015-10-30 12:54 - 00000000 ____D C:\WINDOWS\Provisioning
2016-11-10 07:27 - 2015-10-30 12:54 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-11-10 07:27 - 2015-10-30 12:54 - 00000000 ____D C:\Program Files\Windows Defender
2016-11-10 07:27 - 2015-10-30 12:54 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-10 07:27 - 2015-10-30 12:54 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-09 21:18 - 2013-10-02 04:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-09 21:12 - 2013-10-02 04:03 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-09 18:49 - 2016-01-13 15:14 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-11-08 07:20 - 2016-01-25 22:58 - 00000000 ___HD C:\Users\End User\Desktop\.picasaoriginals
2016-11-07 15:56 - 2015-08-30 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-11-06 09:16 - 2015-10-19 21:40 - 00007680 _____ C:\Users\End User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-11-05 21:17 - 2013-09-23 15:05 - 00000000 ____D C:\Users\End User\Documents\My REAL Documents
2016-11-05 21:15 - 2015-10-22 17:54 - 00000000 ____D C:\Users\End User\Desktop\Minor Postings
2016-11-03 16:39 - 2016-07-17 05:04 - 00000000 ____D C:\$WINDOWS.~BT
2016-11-03 16:38 - 2016-01-10 03:51 - 00000000 ___DC C:\WINDOWS\Panther
2016-10-29 03:18 - 2015-10-30 12:56 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-29 03:18 - 2015-10-30 12:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-27 23:59 - 2012-10-01 13:25 - 00000000 ____D C:\Users\End User\AppData\Local\Google
2016-10-25 14:28 - 2016-01-09 22:26 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-10-23 01:36 - 2012-10-03 22:56 - 00000000 ____D C:\Users\End User\AppData\Roaming\vlc
2016-10-13 20:41 - 2015-09-10 23:43 - 00000000 ____D C:\Users\End User\AppData\Roaming\MPC-HC

==================== Files in the root of some directories =======

2012-11-11 01:39 - 2016-10-11 17:52 - 0000132 _____ () C:\Users\End User\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-10-01 23:19 - 2012-10-01 23:19 - 0045270 _____ () C:\Users\End User\AppData\Roaming\room_v3.dat
2012-10-01 10:32 - 2016-11-12 21:39 - 0000429 _____ () C:\Users\End User\AppData\Roaming\sp_data.sys
2014-06-19 07:35 - 2014-06-19 07:35 - 0000024 _____ () C:\Users\End User\AppData\Roaming\temp.ini
2016-03-23 21:22 - 2016-03-23 23:11 - 0001456 _____ () C:\Users\End User\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-10-19 21:40 - 2016-11-06 09:16 - 0007680 _____ () C:\Users\End User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-08 18:53 - 2016-02-08 18:53 - 0418802 _____ () C:\ProgramData\1454937501.bdinstall.bin
2016-02-16 19:05 - 2016-02-16 19:05 - 0025199 _____ () C:\ProgramData\1455629743.bdinstall.bin
2016-03-23 10:43 - 2016-03-23 10:43 - 0025917 _____ () C:\ProgramData\1458710014.bdinstall.bin
2016-03-23 10:44 - 2016-03-23 10:44 - 0025986 _____ () C:\ProgramData\1458710037.bdinstall.bin
2016-03-23 10:44 - 2016-03-23 10:44 - 0025982 _____ () C:\ProgramData\1458710049.bdinstall.bin
2016-03-23 10:44 - 2016-03-23 10:44 - 0025986 _____ () C:\ProgramData\1458710062.bdinstall.bin
2016-04-02 12:45 - 2016-04-02 12:45 - 0025986 _____ () C:\ProgramData\1459581306.bdinstall.bin
2016-06-14 18:28 - 2016-06-14 18:28 - 0026793 _____ () C:\ProgramData\1465909102.bdinstall.bin
2016-09-21 18:43 - 2016-09-21 18:43 - 0026853 _____ () C:\ProgramData\agent.1474463562.bdinstall.bin
2016-11-02 17:13 - 2016-11-02 17:13 - 0028770 _____ () C:\ProgramData\agent.1478087033.bdinstall.bin
2016-01-09 22:27 - 2016-01-09 22:27 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-03-10 01:32 - 2010-10-06 23:15 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2012-07-12 13:35 - 2012-07-12 13:36 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-07-12 13:35 - 2012-07-12 13:35 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-07-12 13:34 - 2012-07-12 13:35 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:
====================
C:\Users\End User\en_res.dll
C:\Users\End User\es_res.dll
C:\Users\End User\fr_res.dll
C:\Users\End User\grm_res.dll
C:\Users\End User\it_res.dll
C:\Users\End User\jp_res.dll
C:\Users\End User\mfc80u.dll
C:\Users\End User\msvcr80.dll
C:\Users\End User\PCPE Setup.exe
C:\Users\End User\pt_res.dll
C:\Users\End User\ResourceReader.dll
C:\Users\End User\ru_res.dll
C:\Users\End User\zh_res.dll


Some files in TEMP:
====================
C:\Users\End User\AppData\Local\Temp\0Uninst.exe
C:\Users\End User\AppData\Local\Temp\setup.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-06 00:21

==================== End of FRST.txt ============================

BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,961 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:03 AM

Posted 14 November 2016 - 12:00 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:


() C:\Program Files (x86)\4A68AFB1-1478955127-E111-AEDA-3085A96FD525\knsmA4DB.tmpfs
(Microsoft Corporation) C:\ProgramData\Windows Security\winsecurity.exe
() C:\Program Files (x86)\WebShield\WebShield.exe
() C:\WINDOWS\SysWOW64\C2MP\TrayMenu.exe
ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => No File
ShortcutTarget: TrayMenu.lnk -> C:\WINDOWS\SysWOW64\C2MP\TrayMenu.exe ()
GroupPolicy: Restriction <======= ATTENTION
ProxyServer: [S-1-5-21-1112824363-1646314159-1450038129-1001] => http=127.0.0.1:8080;https=127.0.0.1:8080
Winsock: Catalog9 01 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 02 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 03 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 04 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 05 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 06 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 07 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 08 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 09 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 10 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 11 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 12 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9 25 C:\Program Files (x86)\Hoeghtshbeward\Proxy32.dll No File
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 07 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 08 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 09 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 10 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 11 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 12 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
Winsock: Catalog9-x64 25 C:\Program Files (x86)\Hoeghtshbeward\Proxy64.dll No File
URLSearchHook: HKU\S-1-5-21-1112824363-1646314159-1450038129-1001 - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.youwillfind.info/?l=1&q={searchTerms}&pid=658&r=2013/04/29&hid=2716007796&lg=EN&cc=IN
SearchScopes: HKU\S-1-5-21-1112824363-1646314159-1450038129-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.youwillfind.info/?l=1&q={searchTerms}&pid=658&r=2013/04/29&hid=2716007796&lg=EN&cc=IN
Toolbar: HKU\S-1-5-21-1112824363-1646314159-1450038129-1001 -> No Name - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No File
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff => not found
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff => not found
CHR Profile: C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-11-12] <==== ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Browsec VPN - Privacy and Security Online) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2016-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]
CHR HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1112824363-1646314159-1450038129-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\End User\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\End User\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
R2 Qerfishmapacult; C:\Program Files (x86)\Hoeghtshbeward\merngerpr.dll [276992 2016-11-12] () [File not signed]
R2 UQiqSSPG; C:\Program Files (x86)\WebShield\WebShield.exe [360448 2016-08-13] () [File not signed]
R2 WindowsSecurity; C:\ProgramData\Windows Security\winsecurity.exe [1265664 2016-10-26] (Microsoft Corporation) [File not signed]
R2 XBox; C:\Program Files\XBox\XBLive.exe [6342584 2016-06-13] (Microsoft Corporation)
R2 myryjote; C:\Program Files (x86)\4A68AFB1-1478955127-E111-AEDA-3085A96FD525\knsmA4DB.tmpfs [X]
R4 KuaiZipDrive2; C:\WINDOWS\system32\drivers\KuaiZipDrive2.sys [92832 2016-11-12] (WinMount International Inc) <==== ATTENTION
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
U3 idsvc; no ImagePath
C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
C:\Users\End User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh
C:\Program Files (x86)\4A68AFB1-1478955127-E111-AEDA-3085A96FD525
C:\ProgramData\Windows Security
C:\Program Files (x86)\WebShield
C:\WINDOWS\SysWOW64\C2MP
C:\Program Files (x86)\Hoeghtshbeward
C:\WINDOWS\system32\drivers\KuaiZipDrive2.sys
cmd: netsh winsock reset catalog
cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
CMD: bitsadmin /reset /allusers
Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Post include the Addition.txt file that was created by the Farbar tool. I need to review it.

Let me know what problem persists.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,961 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:09:03 AM

Posted 20 November 2016 - 10:07 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users